11 - Kubernetes - K8s

-
 Docker Container Clustering using Kubernetes
  • Orchestration
  • Developed by Google lab in 2015 - Now managed by CNCF
  • Open-source
  • Kubernetes is also called K8s test
  • Running on Docker and other Containers
  • More functionality 
  • Supported by Clouds - AWS, Azure, GPC
    • Master nodes managed by Cloud and not access Tenant
  • Communication between Container by CNI -> Container Network Interface
  • Capability of automating deployment, scaling of application, and operations of application container across clusters
  • Auto-scalable infrastructure
  • Higher density of resource utilization
  • Predictable infrastructure

Kubernetes Architecture
  • Kubernetes Master Server
    • etcd : configuration information of K8s ( like Zookeeper ), in multiple nodes
    • API Server: Provide operation on cluster - kubeconfig tools that used for communication
    • Scheduler: responsible for deploy PODs
    • Controller Manager: responsible for managing cluster of state
  • Kubernets Nodes
    • Docker: requirement of each node and help in running the encapsulated application containers
    • Kubelet: interact with etcd and read configuration details
    • Kubernetes Proxy: services available to the external host, primitive load balance, Managed health check, volumes, secrets



KUBERNETES LAB

mkdir kubernetes
cd kubernetes
mkdir master vm1 vm2

1 - Master Node

cd master
vagrant ssh
** Required root privileges
sudo su -
hostnamectrl set-hostname kubemaster.unix.in
bash

vi /etc/hosts
192.168.33.09 kubemaster.unix.in
192.168.33.10 workernode1.unix.in
192.168.33.11 workernode2.unix.in

****** Prerequisite Kubernetes  *******
# disable swap
swapoff -a 
free -m

# disable swap partition
vi /etc/fstab
# /dev/mapper/centos-swap swap

# disable SE LINUX
setenforce 0
vi /etc/sysconfig/selinux
  SELINIX=disable

# Enable Cluster Communication
modeprobe br_netfilter
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

**** Install Kubernetes
# Install Depedencies
yum install -y yum-utils device-mapper-persistent-data lvm2

*** Install Docker 
curl -fsSL get.docker.com | sh

** Created Kubernetes Repo
cat << EOF > /etc/yum.repos.d/kubernetes.repo  
[kubernetes]  
name=Kubernetes  
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64  
enabled=1  
gpgcheck=0  
repo_gpgcheck=0  
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg  
https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg  
EOF
** Install kubelet, kubead and kubectl
yum install -y kubelet kubeadm kubectl
systemctl enable docker
systemctl enable kubelet
systemctl start docker

docker info | grep -i cgroup
** Updating c groupfs driver
mkdir /etc/docker
cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
"max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
"overlay2.override_kernel_check=true"
  ]
}
EOF
** create server.d directory and reload
ls -ld /etc/systemd/system
mkdir -p /etc/systemed/system/docker.service.d
systemctl daemon-reload
systemctl restart docker
** Verify cgroups
docker info | grep -i cgroups
** Initialize Kubernetes Cluster  -->  only run in master node
** kubeadm config images pull from docker hub
kubeadm init --apiserver-advertise-address=192.168.33.9 --pod-network-cidr=10.244.0.0/16


** if the issue in Kubernetes version, now reset Kubernetes cluster and install an older version kubeadm reset ** Cleanup memoery echo 3 > /prod/sys/vm/drop_caches free -m
kubeadm init --kubernetes-version v1.20.1 --apiserver-advertise-address=192.168.33.9 --pod-network-cidr=10.244.0.0/16

Pending update soon ....................................



2 - Kube Node1



3 - Kube Node2


---------------------------------------------------------------------------------
K8s Cluster Lab - 2nd Version

1 - MASTER-NODE

Step 1: Prepare Hostname, Firewall and SELinux

# sudo su -
# hostnamectl set-hostname master-node
# bash

cat <<EOF>> /etc/hosts
192.168.33.27 master-node
192.168.33.29 worker-node1
EOF
*** Configure Firewall
systemctl start firewalld
sudo firewall-cmd --permanent --add-port=6443/tcp
sudo firewall-cmd --permanent --add-port=2379-2380/tcp
sudo firewall-cmd --permanent --add-port=10250/tcp
sudo firewall-cmd --permanent --add-port=10251/tcp
sudo firewall-cmd --permanent --add-port=10252/tcp
sudo firewall-cmd --permanent --add-port=10255/tcp
sudo firewall-cmd --reload

# load netfilter probe specifically
modprobe br_netfilter


*** Update Iptables Settings
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system

** Disable SELinux
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/’ /etc/selinux/config
or
vi /etc/sysconfig/selinux
  SELINIX=disable
  

** Disable SWAP
sed -i '/swap/d' /etc/fstab
swapoff -a

Step 2: Setup the Kubernetes Repo

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF


Step 3: Install Docker, kubelet, kubeadm, and kubectl

yum install docker -y     or #curl -fsSL get.docker.com | sh
yum install -y kubelet kubeadm kubectl 

systemctl enable kubelet
systemctl start kubelet
systemctl enable docker
systemctl start docker
Step 4: Initialize Kubernetes Master and Setup Default User

kubeadm init --apiserver-advertise-address=192.168.33.27 --pod-network-cidr=10.244.0.0/16

** copy kubeadm join xxxxxxxxxxxxxxxx
kubeadm join 192.168.33.27:6443 --token qeszty.ejuxd2a2vijdcjus \
    --discovery-token-ca-cert-hash sha256:3d5bd33b6334b4d32fc33f2533853b224c2ac8fc8fd3f91bccf44a9bcb43334b

** Manage Cluster as Regular User
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

Step 5: Setup Your Pod Network

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

or ...
# export kubever=$(kubectl version | base64 | tr -d '\n')
# kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$kubever"

Step 6: Check Status of Cluster
kubectl get nodes

kubectl get pods --all-namespaces


2 - worker-node1

Step 1: Prepare Hostname, Firewall and SELinux

sudo su -
hostnamectl set-hostname worker-node1
bash

cat <<EOF>> /etc/hosts
192.168.33.27 master-node
192.168.33.29 worker-node1
EOF

# hostnamectl set-hostname worker-node1
bash

** Enter the following commands on each worker node:
*** Configure Firewall
systemctl start firewalld
firewall-cmd --permanent --add-port=10251/tcp
firewall-cmd --permanent --add-port=10255/tcp
firewall-cmd --reload

# load netfilter probe specifically
modprobe br_netfilter


*** Update Iptables Settings
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system

** Disable SELinux
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/’ /etc/selinux/config

or 
vi /etc/sysconfig/selinux
  SELINIX=disable
  
** Disable SWAP
sed -i '/swap/d' /etc/fstab
swapoff -a

Step 2: Setup the Kubernetes Repo

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF


Step 3: Install Docker, kubelet, kubeadm, and kubectl

yum install docker -y     or #curl -fsSL get.docker.com | sh
yum install -y kubelet kubeadm kubectl 

systemctl enable kubelet
systemctl start kubelet
systemctl enable docker
systemctl start docker


Step 4: Join Worker Node to Cluster

kubeadm join 192.168.33.27:6443 --token qeszty.ejuxd2a2vijdcjus --discovery-token-ca-cert-hash sha256:3d5bd33b6334b4d32fc33f2533853b224c2ac8fc8fd3f91bccf44a9bcb43334b





Troubleshooting

cd /etc/sysconfig/network-script

systemctl daemon-reload

kubeadm reset

Comments

Post a Comment

Popular posts from this blog

05 - Docker - Containers

-
Image
 Docker - Containers - Container is operating system-level virtualization  ( Linux Kernal ) Allow for multiple isolated user-space instances called containers They share a single kernel Can be added or removed any times - Containers consist of a self-contained Linux file system Can be from any Linux distribution which is compatible with the host kernel Usually contain a single application such as a server - Operating  Is often used in Cloud Computing Docker Architecture Docker is available in two editions: Community Edition (CE) - open-source Enterprise Edition (EE) Docker uses a client-server architecture Client REST API  (   the primary user interface which communicates ) Over HTTP Over local Unix Socket Docker CLI docker build docker pull docker run Servers (Docker_Host) Is the Docker daemon Responsible for building, running, and distributing containers Docker daemon Container Images Registry (docker.io , DockerHub) Responsible for the storage, management, and delivery of Docker im
Read more

08 - PUPPET - Configuration Management

-
Image
 PUPPET - Configuration Management A Configuration Management Tool A framework for Systems Automation A Declarative Domain Specific Language (DSL) An Open Source software is written in Ruby Works on Linux, Unix (Solaris, AIX, *BSD), macOS, Windows |Supported Platforms) Developed by Puppet Labs Puppet Agent Required SSL certificate Default fatches after 60 minutes noop - dry run Puppet Open Source or Enterprise Puppet Langauge Declarative - Domain Specific Langauge (DSL) define STATES (No procedures) Puppet code is written in manifest ( .pp extension ) In the code, we declare resources that affect elements of the system (files, packages, services ... ) Resources are grouped into classes Classes and configuration files are organized in modules Puppet Resource Abstraction Layers Puppet Catalog Certificate Management Server Resources Facter Puppet Manifest Puppet Resources Resource Types Reference Puppet Nodes Roles Define Policy Puppet Virtual Resources Puppet Lab   Pu
Read more

06 - Docker Swarm - Container Orchestration

-
Image
 Docker Swarm - Container Orchestration Create Cluster Build & Deployment automated Rolling Deployment Update Version Docker Swarm is clustering for Docker It turns several Docker hosts into a single virtual Docker host The Swarm is controlled by Swarm Manager Each Docker code communicates with the manager It can be installed manually or by using Docker Machine Scheduler Service Discover Consul -> provide DNS Zookeeper - configuration management tools Cheat Sheet => https://lzone.de/cheat-sheet/Docker%20Swarm LAB mkdir DockerSwarm cd DockerSwarm mkdir manager vm1 vm2  *** Manager Node **** cd manager vagrant ssh sudo su - hostnamectrl set-hostname managernode.unix.in bash vi /etc/hosts 192.168.33.14 managernode.unix.in 192.168.33.15 workernode1.unix.in 192.168.33.16 workernode1.unix.in ## Install Docker C curl -fsSL get.docker.com | sh ## Add user Vagrant in Docker group sudo usermod -aG docker vagrant id vagrant ## Start Docker Service
Read more