11 - Kubernetes - K8s

 Docker Container Clustering using Kubernetes
  • Orchestration
  • Developed by Google lab in 2015 - Now managed by CNCF
  • Open-source
  • Kubernetes is also called K8s
  • Running on Docker and other Containers
  • More functionality 
  • Supported by Clouds - AWS, Azure, GCP
    • Master nodes are managed by the cloud provider and are not accessible to the tenant
  • Communication between Container by CNI -> Container Network Interface
  • Capability of automating deployment, scaling of application, and operations of application container across clusters
  • Auto-scalable infrastructure
  • Higher density of resource utilization
  • Predictable infrastructure

Kubernetes Architecture
  • Kubernetes Master Server
    • etcd: stores the configuration information of K8s (like ZooKeeper), across multiple nodes
    • API Server: provides operations on the cluster; kubeconfig-based tools use it for communication
    • Scheduler: responsible for deploying Pods
    • Controller Manager: responsible for managing the state of the cluster
  • Kubernetes Nodes
    • Docker: required on each node; runs the encapsulated application containers
    • Kubelet: interacts with etcd and reads configuration details
    • Kubernetes Proxy: makes services available to external hosts; primitive load balancing, managed health checks, volumes, secrets



KUBERNETES LAB

mkdir kubernetes
cd kubernetes
mkdir master vm1 vm2

1 - Master Node

cd master
vagrant ssh
** Required root privileges
sudo su -
hostnamectl set-hostname kubemaster.unix.in
bash

vi /etc/hosts
192.168.33.9 kubemaster.unix.in
192.168.33.10 workernode1.unix.in
192.168.33.11 workernode2.unix.in

****** Prerequisite Kubernetes  *******
# disable swap
swapoff -a 
free -m

# disable swap partition
vi /etc/fstab
# /dev/mapper/centos-swap swap

# disable SELinux
setenforce 0
vi /etc/sysconfig/selinux
  SELINUX=disabled

# Enable Cluster Communication
modprobe br_netfilter
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

**** Install Kubernetes
# Install Dependencies
yum install -y yum-utils device-mapper-persistent-data lvm2

*** Install Docker 
curl -fsSL https://get.docker.com | sh

** Create Kubernetes Repo
cat << EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
** Install kubelet, kubeadm and kubectl
yum install -y kubelet kubeadm kubectl
systemctl enable docker
systemctl enable kubelet
systemctl start docker

docker info | grep -i cgroup
** Update the cgroup driver
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF
** Create the docker.service.d directory and reload
ls -ld /etc/systemd/system
mkdir -p /etc/systemd/system/docker.service.d
systemctl daemon-reload
systemctl restart docker
** Verify cgroups
docker info | grep -i cgroup
** Initialize Kubernetes Cluster  -->  only run in master node
** kubeadm config images pull from docker hub
kubeadm init --apiserver-advertise-address=192.168.33.9 --pod-network-cidr=10.244.0.0/16


** If there is an issue with the Kubernetes version, reset the Kubernetes cluster and install an older version
kubeadm reset
** Clean up memory
echo 3 > /proc/sys/vm/drop_caches
free -m
kubeadm init --kubernetes-version v1.20.1 --apiserver-advertise-address=192.168.33.9 --pod-network-cidr=10.244.0.0/16

Pending update soon ....................................



2 - Kube Node1



3 - Kube Node2


---------------------------------------------------------------------------------
K8s Cluster Lab - 2nd Version

1 - MASTER-NODE

Step 1: Prepare Hostname, Firewall and SELinux

# sudo su -
# hostnamectl set-hostname master-node
# bash

cat <<EOF>> /etc/hosts
192.168.33.27 master-node
192.168.33.29 worker-node1
EOF
*** Configure Firewall
systemctl start firewalld
sudo firewall-cmd --permanent --add-port=6443/tcp
sudo firewall-cmd --permanent --add-port=2379-2380/tcp
sudo firewall-cmd --permanent --add-port=10250/tcp
sudo firewall-cmd --permanent --add-port=10251/tcp
sudo firewall-cmd --permanent --add-port=10252/tcp
sudo firewall-cmd --permanent --add-port=10255/tcp
sudo firewall-cmd --reload

# load netfilter probe specifically
modprobe br_netfilter


*** Update Iptables Settings
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system

** Disable SELinux
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
or
vi /etc/sysconfig/selinux
  SELINUX=disabled
  

** Disable SWAP
sed -i '/swap/d' /etc/fstab
swapoff -a

Step 2: Setup the Kubernetes Repo

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
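
The repo file in the first lab sets gpgcheck=0 and repo_gpgcheck=0, so yum installs kubelet, kubeadm and kubectl as root without verifying signatures; the file above enables both. The check below is an added example, not part of the original post: audit_repo and write_samples are hypothetical helper names, the sample files are constructed, and a missing key is treated as disabled (an assumption; the [main] defaults in yum.conf are not consulted).

```bash
#!/usr/bin/env bash
# Added example: flag yum repo sections that skip signature verification.

# audit_repo FILE -> one finding per line on stdout, exit status 1 if any finding
audit_repo() {
  awk '
    function report(msg) { print sec ": " msg; bad = 1 }
    function check_section() {
      if (sec == "" || enabled == "0") return      # skip preamble and disabled repos
      if (gpg != "1")  report("gpgcheck is not 1, package signatures are not verified")
      if (rgpg != "1") report("repo_gpgcheck is not 1, repository metadata is not verified")
      if (key ~ /http:\/\//) report("gpgkey is fetched over plain http")
    }
    /^[ \t]*([#;]|$)/ { next }                     # comments and blank lines
    /^\[/ { check_section(); sec = $0; sub(/^\[/, "", sec); sub(/\].*$/, "", sec)
            gpg = rgpg = key = last = ""; enabled = "1"; next }
    /^[ \t]/ { if (last == "gpgkey") key = key " " $1; next }   # indented continuation
    {
      k = $0; sub(/[ \t]*=.*/, "", k)
      v = $0; sub(/^[^=]*=[ \t]*/, "", v); sub(/[ \t]+$/, "", v)
      last = k
      if (k == "enabled") enabled = v
      else if (k == "gpgcheck") gpg = v
      else if (k == "repo_gpgcheck") rgpg = v
      else if (k == "gpgkey") key = v
    }
    END { check_section(); exit bad + 0 }
  ' "$1"
}

# write_samples DIR -> constructed sample input modelled on the two repo files on this page
write_samples() {
  printf '%s\n' '[kubernetes]' 'name=Kubernetes' 'enabled=1' 'gpgcheck=0' 'repo_gpgcheck=0' \
    'gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg' > "$1/weak.repo"
  sed -e 's/^gpgcheck=0/gpgcheck=1/' -e 's/^repo_gpgcheck=0/repo_gpgcheck=1/' \
    "$1/weak.repo" > "$1/hardened.repo"
}

sample_dir=$(mktemp -d)
write_samples "$sample_dir"
audit_repo "$sample_dir/weak.repo" || echo "weak.repo: FAIL"
audit_repo "$sample_dir/hardened.repo" && echo "hardened.repo: OK"
```

On a node, run it as audit_repo /etc/yum.repos.d/kubernetes.repo before the yum install step.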


Step 3: Install Docker, kubelet, kubeadm, and kubectl

yum install docker -y
# or: curl -fsSL https://get.docker.com | sh
yum install -y kubelet kubeadm kubectl 

systemctl enable kubelet
systemctl start kubelet
systemctl enable docker
systemctl start docker

Step 4: Initialize Kubernetes Master and Setup Default User

kubeadm init --apiserver-advertise-address=192.168.33.27 --pod-network-cidr=10.244.0.0/16

** Copy the kubeadm join command printed by kubeadm init
kubeadm join 192.168.33.27:6443 --token qeszty.ejuxd2a2vijdcjus \
    --discovery-token-ca-cert-hash sha256:3d5bd33b6334b4d32fc33f2533853b224c2ac8fc8fd3f91bccf44a9bcb43334b

** Manage Cluster as Regular User
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

Step 5: Setup Your Pod Network

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

or ...
# export kubever=$(kubectl version | base64 | tr -d '\n')
# kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$kubever"

Step 6: Check Status of Cluster
kubectl get nodes

kubectl get pods --all-namespaces


2 - worker-node1

Step 1: Prepare Hostname, Firewall and SELinux

sudo su -
hostnamectl set-hostname worker-node1
bash

cat <<EOF>> /etc/hosts
192.168.33.27 master-node
192.168.33.29 worker-node1
EOF


** Enter the following commands on each worker node:
*** Configure Firewall
systemctl start firewalld
firewall-cmd --permanent --add-port=10251/tcp
firewall-cmd --permanent --add-port=10255/tcp
firewall-cmd --reload

# load netfilter probe specifically
modprobe br_netfilter


*** Update Iptables Settings
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system

** Disable SELinux
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

or
vi /etc/sysconfig/selinux
  SELINUX=disabled
  
** Disable SWAP
sed -i '/swap/d' /etc/fstab
swapoff -a

Step 2: Setup the Kubernetes Repo

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF


Step 3: Install Docker, kubelet, kubeadm, and kubectl

yum install docker -y
# or: curl -fsSL https://get.docker.com | sh
yum install -y kubelet kubeadm kubectl 

systemctl enable kubelet
systemctl start kubelet
systemctl enable docker
systemctl start docker


Step 4: Join Worker Node to Cluster

kubeadm join 192.168.33.27:6443 --token qeszty.ejuxd2a2vijdcjus --discovery-token-ca-cert-hash sha256:3d5bd33b6334b4d32fc33f2533853b224c2ac8fc8fd3f91bccf44a9bcb43334b
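
The --discovery-token-ca-cert-hash value pins the cluster CA: it is the SHA-256 of the CA certificate's DER-encoded public key, so a join command copied between machines can be checked against the master's CA before it is run on a worker. The script below is an added example, not part of the original post; ca_pin, pin_from_join, verify_join_pin and make_demo_ca are hypothetical helper names, and the demo uses a constructed throwaway CA in place of /etc/kubernetes/pki/ca.crt.

```bash
#!/usr/bin/env bash
# Added example: recompute the kubeadm CA pin and compare it with a join command.

# ca_pin CERT -> "sha256:<hex>" over the DER-encoded SubjectPublicKeyInfo of CERT
ca_pin() {
  openssl x509 -in "$1" -noout -pubkey \
    | openssl pkey -pubin -outform DER \
    | openssl dgst -sha256 -hex \
    | sed 's/^.*= *//; s/^/sha256:/'
}

# pin_from_join "kubeadm join ..." -> value of --discovery-token-ca-cert-hash
pin_from_join() {
  printf '%s\n' "$1" | sed -n \
    's/.*--discovery-token-ca-cert-hash[ =]\{1,\}\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# verify_join_pin "JOIN COMMAND" CA_CERT -> exit 0 only if the pin matches the CA
verify_join_pin() (
  want=$(pin_from_join "$1")
  have=$(ca_pin "$2")
  [ -n "$want" ] && [ "$want" = "$have" ]
)

# make_demo_ca DIR -> writes a constructed throwaway CA (stand-in for
# /etc/kubernetes/pki/ca.crt on the master) to DIR/ca.crt
make_demo_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=constructed-demo-ca" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

demo_dir=$(mktemp -d)
make_demo_ca "$demo_dir"
good="kubeadm join 192.168.33.27:6443 --token <token> --discovery-token-ca-cert-hash $(ca_pin "$demo_dir/ca.crt")"
# Same command with a pin that belongs to no real CA (constructed all-zero value).
bad="kubeadm join 192.168.33.27:6443 --token <token> --discovery-token-ca-cert-hash sha256:$(printf '%064d' 0)"
verify_join_pin "$good" "$demo_dir/ca.crt" && echo "pin matches this CA"
verify_join_pin "$bad" "$demo_dir/ca.crt" || echo "pin does NOT match this CA, do not join"
```

On the master, pass the copied join command and /etc/kubernetes/pki/ca.crt to verify_join_pin; a mismatch means the command was altered or belongs to another cluster.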





Troubleshooting

cd /etc/sysconfig/network-scripts

systemctl daemon-reload

kubeadm reset
