1. Create a VM with 3 network cards (1. NAT: DHCP, for external use; 2. Host-only: static, for internal use; 3. Bridged: static, for the local intranet).
Example of network configuration (/etc/network/interfaces):
auto lo
iface lo inet loopback
# The primary network interface
auto enp0s3
iface enp0s3 inet dhcp
#Virbr
auto virbr0
iface virbr0 inet dhcp
#Host-only Net for local VM use
auto enp0s8
iface enp0s8 inet static
address 192.168.56.204
netmask 255.255.255.0
network 192.168.56.0
#Bridge Net for local network use
auto enp0s9
iface enp0s9 inet static
address 192.168.1.24
netmask 255.255.255.0
If you clone from an existing VM, change the hostname file (/etc/hostname) and the hosts file accordingly. Configure your VMs with 2Gb of RAM for normal work. In my case, I used 1.5Gb and it was still OK.
2. You should be the root user to install everything. You should not have a group called docker. If there is one, change it using: groupmod -n .
3. Disable swap on your disk (kubeadm won't work with swap on):
swapoff -a
(It is better to comment out the swap line in fstab. Be careful not to comment out disk or boot volumes, or your system won't start.)
vi /etc/fstab
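One way to make the fstab edit without touching disk or boot entries, as an added example that is not part of the original post: the awk filter comments out only active entries whose filesystem type (third field) is swap. The sample fstab and its UUIDs are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: comment out only swap entries in an fstab-format file.

# comment_swap FILE -> prints the edited content on stdout; FILE is not modified.
comment_swap() {
    awk '
        /^[[:space:]]*#/        { print; next }          # already a comment: keep
        NF >= 3 && $3 == "swap" { print "#" $0; next }   # fs type is swap: disable
                                { print }                # everything else untouched
    ' "$1"
}

# Constructed sample fstab (UUIDs are made up for the example).
make_sample_fstab() {
    cat <<'EOF'
# <file system> <mount point> <type> <options> <dump> <pass>
UUID=1111-aaaa  /          ext4  errors=remount-ro  0  1
UUID=2222-bbbb  /boot      ext2  defaults           0  2
UUID=3333-cccc  none       swap  sw                 0  0
/swapfile       none       swap  sw                 0  0
/dev/sdb1       /mnt/swap  ext4  defaults           0  2
EOF
}

# active_swap_count FILE -> number of uncommented swap entries.
active_swap_count() {
    awk '!/^[[:space:]]*#/ && NF >= 3 && $3 == "swap"' "$1" | wc -l | tr -d ' '
}

demo() {
    tmp=$(mktemp) || return 1
    make_sample_fstab > "$tmp"
    echo "active swap entries before: $(active_swap_count "$tmp")"
    comment_swap "$tmp" > "$tmp.new"
    echo "active swap entries after:  $(active_swap_count "$tmp.new")"
    diff "$tmp" "$tmp.new" || true    # shows exactly which lines changed
    rm -f "$tmp" "$tmp.new"
}
demo
```

The /dev/sdb1 line mounts at /mnt/swap but is an ext4 volume, so it stays active; matching on the word "swap" anywhere in the line would have disabled it.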
4. Update your OS packages: sudo apt-get update
5. Install standard docker: apt-get install -qy docker.io
6. Install apt repositories of Kubernetes:
apt-get update && apt-get install -y apt-transport-https
cat <
NAV
7. Update package list: apt-get update
8. Install kubelet, kubeadm, kubectl and kubernetes-cni (ref.: https://kubernetes.io/docs/setup/independent/install-kubeadm/):
apt-get update && apt-get install -y kubelet kubeadm kubectl kubernetes-cni
9. We can use Flannel (https://github.com/coreos/flannel) as the Software Defined Network (SDN), using overlay and ipvlan of the Linux kernel. It automates the network for our PODs and the nodes' heartbeat communication.
10. Find out the network interfaces and IPs: ifconfig
In my case: enp0s3 is DHCP for external on the 10.0.2.0 subnet and enp0s8 is for internal on the 192.168.56.0 subnet. We need to use the internal IP address for Kubernetes API transfers:
kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=192.168.56.203 --ignore-preflight-errors=all --kubernetes-version stable-1.8
This is what you should get as a result:
….
[bootstraptoken] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstraptoken] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[addons] Applied essential addon: kube-dns
[addons] Applied essential addon: kube-proxy
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
kubeadm join --token d417eb.97ba29ee82e6fe94 192.168.56.203:6443 --discovery-token-ca-cert-hash sha256:9851580063b9900fa95bb092c58cf07735c4a9082012b14c7ae7e0be0af60d0e
11. Create a regular user:
useradd yusuf -G sudo -m -s /bin/bash
passwd yusuf
id yusuf
12. We need to configure environment variables for our new user:
su yusuf
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
export KUBECONFIG=$HOME/.kube/config
echo "export KUBECONFIG=$HOME/.kube/config" | tee -a ~/.bashrc
13. Configure the Flannel network for our PODs, as the results above ask. If you want other add-ons, check https://kubernetes.io/docs/concepts/cluster-administration/addons/ and use as needed.
Set /proc/sys/net/bridge/bridge-nf-call-iptables to 1 by running sysctl net.bridge.bridge-nf-call-iptables=1 to pass bridged IPv4 traffic to iptables' chains. This is a requirement for some CNI plugins to work; for more information please see here.
I use Flannel here (https://github.com/coreos/flannel):
$ sudo kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
clusterrole "flannel" created
clusterrolebinding "flannel" created
serviceaccount "flannel" created
configmap "kube-flannel-cfg" created
daemonset "kube-flannel-ds" created
14. Check for dns:
kubectl get pods --all-namespaces
15. Adding Nodes to our cluster.
Do all steps from 2 to 7 and step 10 on each node.
16. Join to the cluster:
kubeadm join --token d417eb.97ba29ee82e6fe94 192.168.56.203:6443 --discovery-token-ca-cert-hash sha256:9851580063b9900fa95bb092c58cf07735c4a9082012b14c7ae7e0be0af60d0e
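The --discovery-token-ca-cert-hash value in the join command pins the cluster CA's public key, so it can be checked against the master's CA certificate before a node trusts it. The following added example (not from the original post) recomputes that pin with openssl and compares it with the one in a join command; the function names are hypothetical, and the demo generates a throwaway certificate standing in for /etc/kubernetes/pki/ca.crt.

```shell
#!/bin/sh
# Added example: check the CA pin carried by a "kubeadm join" command.

# ca_pin CERT -> prints "sha256:<hex>" over the certificate's DER-encoded public key (SPKI).
ca_pin() {
    hex=$(openssl x509 -pubkey -noout -in "$1" \
        | openssl pkey -pubin -outform der \
        | openssl dgst -sha256 -hex \
        | sed 's/^.* //')
    printf 'sha256:%s\n' "$hex"
}

# pin_from_join "JOIN COMMAND" -> prints the value given to --discovery-token-ca-cert-hash.
pin_from_join() {
    printf '%s\n' "$1" |
        sed -n 's/.*--discovery-token-ca-cert-hash[ =]\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# verify_join_pin CERT "JOIN COMMAND" -> exit 0 only if the pin matches the certificate.
verify_join_pin() {
    want=$(pin_from_join "$2")
    [ -n "$want" ] || { echo "no well-formed CA pin in join command" >&2; return 2; }
    [ "$want" = "$(ca_pin "$1")" ] || { echo "CA pin mismatch" >&2; return 1; }
}

# Throwaway self-signed certificate standing in for the cluster CA (constructed for the demo).
make_demo_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo-ca" \
        -keyout "$1.key" -out "$1" 2>/dev/null
}

demo() {
    ca=$(mktemp) || return 1
    make_demo_ca "$ca" || return 1
    # <token> is a placeholder; only the pin is checked here.
    join="kubeadm join --token <token> 192.168.56.203:6443 --discovery-token-ca-cert-hash $(ca_pin "$ca")"
    verify_join_pin "$ca" "$join" && echo "pin matches CA"
    rm -f "$ca" "$ca.key"
}
if command -v openssl >/dev/null 2>&1; then demo; fi
```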
17. Check nodes from the Master node:
kubectl get nodes
18. If you want to control the cluster from a Worker node, you need to copy the admin.conf file from the Master node. Log in to the Master node as root:
su
scp /etc/kubernetes/admin.conf 192.168.56.204:/home/yusuf/
kubectl --kubeconfig ./admin.conf get nodes
19. Check the running components of Kubernetes (everything should show Running under Status):
kubectl get all --namespace=kube-system
20. Let's try to deploy a pod with a container and check it out:
kubectl run mynginx --image=nginx --port=80
21. Check if it is deployed:
kubectl get pods
kubectl get deploy
22. Check it out in detail (kubectl describe pod , kubectl logs ):
kubectl describe po mynginx
kubectl logs mynginx-6cd7b4779c-gbxww
23. You can log in to the container using kubectl exec:
$ kubectl exec -it mynginx-6cd7b4779c-gbxww sh
# head -n3 /etc/os-release
PRETTY_NAME="Debian GNU/Linux 9 (stretch)"
NAME="Debian GNU/Linux"
VERSION_ID="9"
# exit
24. You can expose it on an external IP so that you can see it from an external browser (in our case, the laptop where VirtualBox is installed). I put my Node2 IP address as I don't have an external LoadBalancer. I see the container is there by kubectl get pods --output=wide:
kubectl expose deployment mynginx --type=LoadBalancer --name=my-service --external-ip=192.168.1.42
or just
kubectl expose deployment mynginx --type=NodePort
or
kubectl expose pod mynginx-6cd7b4779c-2nvnt --type=NodePort --name myninx-servc
25. Now, we can open a browser on our laptop at http://192.168.1.42/ or, if you exposed it with the NodePort type, check for the exposed port with kubectl get svc and use that with the IP address.
26. For cleanup:
kubectl delete services my-service
kubectl delete deployment mynginx
27. If you want to use the WebUI tool to see everything on the dashboard (https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/):
kubectl create -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
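28. The WebUI tool won't allow connections from anything other than localhost. So if you want to log in to it from the host (directly from the laptop), do the following:
kubectl proxy --address=192.168.56.203 --port=9090 --accept-hosts='^*$'
Here --address binds the proxy to the host-only IP and --accept-hosts='^*$' accepts any Host header, so the proxy forwards requests with the kubeconfig's credentials, and no login of its own, for every machine that can reach 192.168.56.203:9090.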
29. If you forgot the join string for adding new nodes:
kubeadm token create --print-join-command