11 - Kubernetes - K8s
Docker Container Clustering using Kubernetes
- Orchestration
- Developed by Google lab in 2015 - Now managed by CNCF
- Open-source
- Kubernetes is also called K8s
- Runs on Docker and other container runtimes
- More functionality
- Supported by clouds - AWS, Azure, GCP
- Master nodes are managed by the cloud provider and are not accessible to the tenant
- Communication between containers goes through CNI -> Container Network Interface
- Automates deployment, scaling, and operation of application containers across clusters
- Auto-scalable infrastructure
- Higher density of resource utilization
- Predictable infrastructure
Kubernetes Architecture
- Kubernetes Master Server
- etcd: stores the configuration information of K8s (like ZooKeeper), across multiple nodes
- API Server: provides operations on the cluster; kubeconfig-based tools use it for communication
- Scheduler: responsible for deploying Pods
- Controller Manager: responsible for managing the state of the cluster
- Kubernetes Nodes
- Docker: required on each node; runs the encapsulated application containers
- Kubelet: interacts with etcd and reads configuration details
- Kubernetes Proxy: makes services available to external hosts, primitive load balancing, managed health checks, volumes, secrets
KUBERNETES LAB
mkdir kubernetes
cd kubernetes
mkdir master vm1 vm2
1 - Master Node
cd master
vagrant ssh
** Required root privileges
sudo su -
hostnamectl set-hostname kubemaster.unix.in
bash
vi /etc/hosts
192.168.33.9 kubemaster.unix.in
192.168.33.10 workernode1.unix.in
192.168.33.11 workernode2.unix.in
****** Prerequisite Kubernetes *******
# disable swap
swapoff -a
free -m
# disable swap partition
vi /etc/fstab
# /dev/mapper/centos-swap swap
# disable SELinux
setenforce 0
vi /etc/sysconfig/selinux
SELINUX=disabled
# Enable Cluster Communication
modprobe br_netfilter
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
**** Install Kubernetes
# Install Dependencies
yum install -y yum-utils device-mapper-persistent-data lvm2
*** Install Docker
curl -fsSL https://get.docker.com | sh
** Created Kubernetes Repo
cat << EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
** Install kubelet, kubeadm and kubectl
yum install -y kubelet kubeadm kubectl
systemctl enable docker
systemctl enable kubelet
systemctl start docker
docker info | grep -i cgroup
** Updating the cgroup driver
mkdir -p /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF
** Create the docker.service.d directory and reload
ls -ld /etc/systemd/system
mkdir -p /etc/systemd/system/docker.service.d
systemctl daemon-reload
systemctl restart docker
** Verify cgroups
docker info | grep -i cgroup
** Initialize Kubernetes Cluster --> only run in master node
** kubeadm config images pull from docker hub
kubeadm init --apiserver-advertise-address=192.168.33.9 --pod-network-cidr=10.244.0.0/16
** If there is an issue with the Kubernetes version, reset the Kubernetes cluster and install an older version
kubeadm reset
** Clean up memory
echo 3 > /proc/sys/vm/drop_caches
free -m
kubeadm init --kubernetes-version v1.20.1 --apiserver-advertise-address=192.168.33.9 --pod-network-cidr=10.244.0.0/16
Pending update soon ....................................
2 - Kube Node1
3 - Kube Node2
---------------------------------------------------------------------------------
K8s Cluster Lab - 2nd Version
1 - MASTER-NODE
Step 1: Prepare Hostname, Firewall and SELinux
sudo su -
hostnamectl set-hostname master-node
bash
cat <<EOF>> /etc/hosts
192.168.33.27 master-node
192.168.33.29 worker-node1
EOF
*** Configure Firewall
systemctl start firewalld
sudo firewall-cmd --permanent --add-port=6443/tcp
sudo firewall-cmd --permanent --add-port=2379-2380/tcp
sudo firewall-cmd --permanent --add-port=10250/tcp
sudo firewall-cmd --permanent --add-port=10251/tcp
sudo firewall-cmd --permanent --add-port=10252/tcp
sudo firewall-cmd --permanent --add-port=10255/tcp
sudo firewall-cmd --reload
# load the br_netfilter kernel module explicitly
modprobe br_netfilter
*** Update Iptables Settings
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
** Disable SELinux
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
or
vi /etc/sysconfig/selinux
SELINUX=disabled
** Disable SWAP
sed -i '/swap/d' /etc/fstab
swapoff -a
Step 2: Setup the Kubernetes Repo
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
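The repo file in the first lab sets gpgcheck=0 and repo_gpgcheck=0, while the one in this step sets both to 1, so the two labs do not verify packages the same way. The script below is an added example, not part of the original lab: it lists every repo section that explicitly turns a signature check off. The function names and the sample stanzas are constructed for the example.

```sh
#!/bin/sh
# Added example, not from the original lab: report yum repo sections that
# explicitly switch off signature verification.
#   gpgcheck      = signature check on each RPM package
#   repo_gpgcheck = signature check on the repository metadata
# Keys that are absent inherit from [main] in /etc/yum.conf and are not flagged.

# audit_repo_file FILE: print "FILE [section] key=value" for each finding
audit_repo_file() {
    awk -v file="$1" '
        /^[ \t]*\[/ {                               # section header
            section = $0
            sub(/^[ \t]*\[/, "", section); sub(/\].*$/, "", section)
            next
        }
        /^[ \t]*(gpgcheck|repo_gpgcheck)[ \t]*=/ {
            key = $0; sub(/[ \t]*=.*$/, "", key); sub(/^[ \t]+/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t\r]+$/, "", val)
            val = tolower(val)
            if (val == "0" || val == "no" || val == "false")
                printf "%s [%s] %s=%s\n", file, section, key, val
        }
    ' "$1"
}

# audit_repo_dir DIR: audit every *.repo file; return 1 if anything is flagged
audit_repo_dir() {
    findings=$(for f in "$1"/*.repo; do
        if [ -f "$f" ]; then audit_repo_file "$f"; fi
    done)
    if [ -n "$findings" ]; then printf '%s\n' "$findings"; return 1; fi
    return 0
}

# write_samples DIR: constructed copies of the two repo stanzas from the labs
write_samples() {
    printf '[kubernetes]\nenabled=1\ngpgcheck=0\nrepo_gpgcheck=0\n' > "$1/lab1.repo"
    printf '[kubernetes]\nenabled=1\ngpgcheck=1\nrepo_gpgcheck=1\n' > "$1/lab2.repo"
}

# On a node: audit_repo_dir /etc/yum.repos.d || echo "fix before yum install"
```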
Step 3: Install Docker, kubelet, kubeadm, and kubectl
yum install docker -y
# or: curl -fsSL https://get.docker.com | sh
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet
systemctl start kubelet
systemctl enable docker
systemctl start docker
Step 4: Initialize Kubernetes Master and Setup Default User
kubeadm init --apiserver-advertise-address=192.168.33.27 --pod-network-cidr=10.244.0.0/16
** Copy the kubeadm join command printed by kubeadm init
kubeadm join 192.168.33.27:6443 --token qeszty.ejuxd2a2vijdcjus \
--discovery-token-ca-cert-hash sha256:3d5bd33b6334b4d32fc33f2533853b224c2ac8fc8fd3f91bccf44a9bcb43334b
** Manage Cluster as Regular User
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
Step 5: Setup Your Pod Network
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
or ...
# export kubever=$(kubectl version | base64 | tr -d '\n')
# kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$kubever"
Step 6: Check Status of Cluster
kubectl get nodes
kubectl get pods --all-namespaces
2 - worker-node1
Step 1: Prepare Hostname, Firewall and SELinux
sudo su -
hostnamectl set-hostname worker-node1
bash
cat <<EOF>> /etc/hosts
192.168.33.27 master-node
192.168.33.29 worker-node1
EOF
** Enter the following commands on each worker node:
*** Configure Firewall
systemctl start firewalld
firewall-cmd --permanent --add-port=10251/tcp
firewall-cmd --permanent --add-port=10255/tcp
firewall-cmd --reload
# load the br_netfilter kernel module explicitly
modprobe br_netfilter
*** Update Iptables Settings
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
** Disable SELinux
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
or
vi /etc/sysconfig/selinux
SELINUX=disabled
** Disable SWAP
sed -i '/swap/d' /etc/fstab
swapoff -a
Step 2: Setup the Kubernetes Repo
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
Step 3: Install Docker, kubelet, kubeadm, and kubectl
yum install docker -y
# or: curl -fsSL https://get.docker.com | sh
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet
systemctl start kubelet
systemctl enable docker
systemctl start docker
Step 4: Join Worker Node to Cluster
kubeadm join 192.168.33.27:6443 --token qeszty.ejuxd2a2vijdcjus --discovery-token-ca-cert-hash sha256:3d5bd33b6334b4d32fc33f2533853b224c2ac8fc8fd3f91bccf44a9bcb43334b
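The join command copied in Step 4 on the master and run here pins the cluster CA through --discovery-token-ca-cert-hash, whose value is the SHA-256 digest of the CA certificate's public key. The script below is an added example, not part of the original lab: it extracts the pin from a join command and compares it with a CA certificate before the command is run on a worker. The function names are made up for the example, and /etc/kubernetes/pki/ca.crt is assumed to be kubeadm's default CA location.

```sh
#!/bin/sh
# Added example, not from the original lab: check that the
# --discovery-token-ca-cert-hash in a join command pins the expected cluster CA.

# join_hash "JOIN COMMAND": print the 64 hex digits that follow "sha256:"
join_hash() {
    printf '%s\n' "$1" | tr -s ' \t\\=' '\n\n\n\n' | awk '
        prev == "--discovery-token-ca-cert-hash" &&
        /^sha256:[0-9a-f]+$/ && length($0) == 71 { print substr($0, 8); exit }
        { prev = $0 }'
}

# ca_pubkey_hash CERT: SHA-256 over the DER-encoded public key of a PEM CA cert
ca_pubkey_hash() {
    pem=$(openssl x509 -pubkey -noout -in "$1") || return 1
    printf '%s\n' "$pem" | openssl pkey -pubin -outform der |
        openssl dgst -sha256 -hex | sed 's/^.* //'
}

# verify_join "JOIN COMMAND" CERT
#   0 = pin matches CERT, 1 = mismatch, 2 = pin or certificate unusable
verify_join() {
    want=$(join_hash "$1")
    if [ -z "$want" ]; then
        echo "no valid sha256 pin in join command" >&2; return 2
    fi
    have=$(ca_pubkey_hash "$2" 2>/dev/null) || {
        echo "cannot read CA certificate $2" >&2; return 2
    }
    if [ "$want" = "$have" ]; then return 0; fi
    echo "pin $want does not match CA $have" >&2
    return 1
}

# On the master, with the join command pasted in as one quoted string:
#   verify_join "<join command printed by kubeadm init>" /etc/kubernetes/pki/ca.crt
```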
Troubleshooting
cd /etc/sysconfig/network-scripts
systemctl daemon-reload
kubeadm reset