Difference between revisions of "IT-SDK-Kubernetes-Basics"
Samerhijazi (talk | contribs) (→Vagrant) |
Samerhijazi (talk | contribs) (→Ansible) |
||
| Line 32: | Line 32: | ||
* Installation with '''Vagrant''': https://kubernetes.io/blog/2019/03/15/kubernetes-setup-using-ansible-and-vagrant/ | * Installation with '''Vagrant''': https://kubernetes.io/blog/2019/03/15/kubernetes-setup-using-ansible-and-vagrant/ | ||
<pre class="code"> | <pre class="code"> | ||
| + | --- | ||
| + | - hosts: all | ||
| + | become: true | ||
| + | tasks: | ||
| + | - name: Install packages that allow apt to be used over HTTPS | ||
| + | apt: | ||
| + | name: "{{ packages }}" | ||
| + | state: present | ||
| + | update_cache: yes | ||
| + | vars: | ||
| + | packages: | ||
| + | - apt-transport-https | ||
| + | - ca-certificates | ||
| + | - curl | ||
| + | - gnupg-agent | ||
| + | - software-properties-common | ||
| + | - name: Add an apt signing key for Docker | ||
| + | apt_key: | ||
| + | url: https://download.docker.com/linux/ubuntu/gpg | ||
| + | state: present | ||
| + | |||
| + | - name: Add apt repository for stable version | ||
| + | apt_repository: | ||
| + | repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable | ||
| + | state: present | ||
| + | |||
| + | - name: Install docker and its dependecies | ||
| + | apt: | ||
| + | name: "{{ packages }}" | ||
| + | state: present | ||
| + | update_cache: yes | ||
| + | vars: | ||
| + | packages: | ||
| + | - docker-ce | ||
| + | - docker-ce-cli | ||
| + | - containerd.io | ||
| + | notify: | ||
| + | - docker status | ||
| + | |||
| + | - name: Add vagrant user to docker group | ||
| + | user: | ||
| + | name: vagrant | ||
| + | group: docker | ||
| + | |||
| + | - name: Remove swapfile from /etc/fstab | ||
| + | mount: | ||
| + | name: "{{ item }}" | ||
| + | fstype: swap | ||
| + | state: absent | ||
| + | with_items: | ||
| + | - swap | ||
| + | - none | ||
| + | |||
| + | - name: Disable swap | ||
| + | command: swapoff -a | ||
| + | when: ansible_swaptotal_mb > 0 | ||
| + | |||
| + | - name: Add an apt signing key for Kubernetes | ||
| + | apt_key: | ||
| + | url: https://packages.cloud.google.com/apt/doc/apt-key.gpg | ||
| + | state: present | ||
| + | |||
| + | - name: Adding apt repository for Kubernetes | ||
| + | apt_repository: | ||
| + | repo: deb https://apt.kubernetes.io/ kubernetes-xenial main | ||
| + | state: present | ||
| + | filename: kubernetes.list | ||
| + | |||
| + | - name: Install Kubernetes binaries | ||
| + | apt: | ||
| + | name: "{{ packages }}" | ||
| + | state: present | ||
| + | update_cache: yes | ||
| + | vars: | ||
| + | packages: | ||
| + | - kubelet | ||
| + | - kubeadm | ||
| + | - kubectl | ||
| + | |||
| + | - name: Configure node ip | ||
| + | lineinfile: | ||
| + | path: /etc/default/kubelet | ||
| + | line: KUBELET_EXTRA_ARGS=--node-ip={{ node_ip }} | ||
| + | |||
| + | - name: Restart kubelet | ||
| + | service: | ||
| + | name: kubelet | ||
| + | daemon_reload: yes | ||
| + | state: restarted | ||
| + | |||
| + | - name: Initialize the Kubernetes cluster using kubeadm | ||
| + | command: kubeadm init --apiserver-advertise-address="192.168.50.10" --apiserver-cert-extra-sans="192.168.50.10" --node-name k8s-master --pod-network-cidr=192.168.0.0/16 | ||
| + | |||
| + | - name: Setup kubeconfig for vagrant user | ||
| + | command: "{{ item }}" | ||
| + | with_items: | ||
| + | - mkdir -p /home/vagrant/.kube | ||
| + | - cp -i /etc/kubernetes/admin.conf /home/vagrant/.kube/config | ||
| + | - chown vagrant:vagrant /home/vagrant/.kube/config | ||
| + | |||
| + | - name: Install calico pod network | ||
| + | become: false | ||
| + | command: kubectl create -f https://docs.projectcalico.org/v3.4/getting-started/kubernetes/installation/hosted/calico.yaml | ||
| + | |||
| + | - name: Generate join command | ||
| + | command: kubeadm token create --print-join-command | ||
| + | register: join_command | ||
| + | |||
| + | - name: Copy join command to local file | ||
| + | local_action: copy content="{{ join_command.stdout_lines[0] }}" dest="./join-command" | ||
| + | |||
| + | handlers: | ||
| + | - name: docker status | ||
| + | service: name=docker state=started | ||
</pre> | </pre> | ||
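Review bot: the "Initialize the Kubernetes cluster using kubeadm" task hardcodes `192.168.50.10` for both `--apiserver-advertise-address` and `--apiserver-cert-extra-sans`, while the "Configure node ip" task just above it templates `--node-ip={{ node_ip }}`. If `node_ip` is any other address, the kubelet and the API server certificate disagree, so use `{{ node_ip }}` in both flags. Also in this hunk: "Copy join command to local file" writes a bootstrap token to `./join-command` with default permissions, so add `mode=0600` to the copy and remove the file once the workers have joined. In "Add vagrant user to docker group", `group: docker` sets the primary group, where `groups: docker` with `append: yes` is what the task name describes. The YAML is pasted without indentation, so it does not parse as a playbook as shown.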
Revision as of 21:09, 31 July 2021
Ref.
- https://kind.sigs.k8s.io/
- http://kubernetesbyexample.com/
- https://kubernetes.io/docs/reference/kubectl/cheatsheet/
Infrastructure
Vagrant
# -*- mode: ruby -*-
# vi: set ft=ruby :
IMAGE_NAME = "ubuntu/focal64"
Vagrant.configure("2") do |config|
  config.vm.provider "virtualbox" do |vb|
    vb.gui = false
    vb.cpus = 2
    vb.memory = 4096
  end
  config.vm.define "k8s-master" do |master|
    master.vm.box = IMAGE_NAME
    master.vm.hostname = "k8s-master"
    master.vm.network "public_network", bridge: "br0", mac: "0800272657FA", ip: "192.168.178.80"
  end
  config.vm.define "k8s-node01" do |node01|
    node01.vm.box = IMAGE_NAME
    node01.vm.hostname = "k8s-node01"
    node01.vm.network "public_network", bridge: "br0", mac: "0800272657FB", ip: "192.168.178.81"
  end
end
Ansible
- Installation with Vagrant: https://kubernetes.io/blog/2019/03/15/kubernetes-setup-using-ansible-and-vagrant/
---
- hosts: all
  become: true
  tasks:
  - name: Install packages that allow apt to be used over HTTPS
    apt:
      name: "{{ packages }}"
      state: present
      update_cache: yes
    vars:
      packages:
      - apt-transport-https
      - ca-certificates
      - curl
      - gnupg-agent
      - software-properties-common

  - name: Add an apt signing key for Docker
    apt_key:
      url: https://download.docker.com/linux/ubuntu/gpg
      state: present

  - name: Add apt repository for stable version
    apt_repository:
      repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu xenial stable
      state: present

  - name: Install docker and its dependencies
    apt:
      name: "{{ packages }}"
      state: present
      update_cache: yes
    vars:
      packages:
      - docker-ce
      - docker-ce-cli
      - containerd.io
    notify:
      - docker status

  - name: Add vagrant user to docker group
    user:
      name: vagrant
      group: docker

  - name: Remove swapfile from /etc/fstab
    mount:
      name: "{{ item }}"
      fstype: swap
      state: absent
    with_items:
      - swap
      - none

  - name: Disable swap
    command: swapoff -a
    when: ansible_swaptotal_mb > 0

  - name: Add an apt signing key for Kubernetes
    apt_key:
      url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
      state: present

  - name: Adding apt repository for Kubernetes
    apt_repository:
      repo: deb https://apt.kubernetes.io/ kubernetes-xenial main
      state: present
      filename: kubernetes.list

  - name: Install Kubernetes binaries
    apt:
      name: "{{ packages }}"
      state: present
      update_cache: yes
    vars:
      packages:
        - kubelet
        - kubeadm
        - kubectl

  - name: Configure node ip
    lineinfile:
      path: /etc/default/kubelet
      line: KUBELET_EXTRA_ARGS=--node-ip={{ node_ip }}

  - name: Restart kubelet
    service:
      name: kubelet
      daemon_reload: yes
      state: restarted

  - name: Initialize the Kubernetes cluster using kubeadm
    command: kubeadm init --apiserver-advertise-address="192.168.50.10" --apiserver-cert-extra-sans="192.168.50.10" --node-name k8s-master --pod-network-cidr=192.168.0.0/16

  - name: Setup kubeconfig for vagrant user
    command: "{{ item }}"
    with_items:
     - mkdir -p /home/vagrant/.kube
     - cp -i /etc/kubernetes/admin.conf /home/vagrant/.kube/config
     - chown vagrant:vagrant /home/vagrant/.kube/config

  - name: Install calico pod network
    become: false
    command: kubectl create -f https://docs.projectcalico.org/v3.4/getting-started/kubernetes/installation/hosted/calico.yaml

  - name: Generate join command
    command: kubeadm token create --print-join-command
    register: join_command

  - name: Copy join command to local file
    local_action: copy content="{{ join_command.stdout_lines[0] }}" dest="./join-command"

  handlers:
    - name: docker status
      service: name=docker state=started
Cluster-Installation
swapoff -a
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install docker.io
...
sudo sh -c "echo 'deb http://apt.kubernetes.io/ kubernetes-xenial main' >> /etc/apt/sources.list.d/kubernetes.list"
sudo sh -c "curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -"
...
sudo apt-get update
sudo apt-get install kubeadm=1.20.1-00 kubelet=1.20.1-00 kubectl=1.20.1-00
sudo apt-mark hold kubelet kubeadm kubectl
...
sudo sh -c "echo '192.168.178.80 k8s-master' >> /etc/hosts"
nano kubeadm-config.yaml
---------------------------
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
kubernetesVersion: 1.20.1
controlPlaneEndpoint: "k8s-master:6443"
networking:
  podSubnet: 192.168.0.0/16
---------------------------
sudo kubeadm init --config=kubeadm-config.yaml --upload-certs | tee kubeadm-init.out
sudo kubeadm init --kubernetes-version 1.20.1 --pod-network-cidr 192.168.0.0/16 # Alternative
...
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
...
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
kubectl get node
kubectl config use-context kubernetes-admin@kubernetes
Cluster-Updating
sudo apt-cache madison kubeadm
sudo kubeadm version
kubectl get node
...
sudo apt-mark unhold kubeadm
sudo apt-get install kubeadm=1.21.1-00
sudo apt-mark hold kubeadm
...
kubectl drain k8s-master --ignore-daemonsets # Drain node in preparation for maintenance
...
sudo kubeadm upgrade plan
sudo kubeadm upgrade apply v1.21.1
...
sudo apt-mark unhold kubelet kubectl
sudo apt-get install kubelet=1.21.1-00 kubectl=1.21.1-00
sudo apt-mark hold kubelet kubectl
...
sudo systemctl daemon-reload
sudo systemctl restart kubelet
...
kubectl uncordon k8s-master # Mark node as schedulable.
Settings
kubectl describe node | grep -i taint
kubectl taint nodes --all node-role.kubernetes.io/master-
kubectl -n kube-system describe secret default
DryRun
kubectl create deployment nginx --image=nginx --replicas=2
kubectl expose deployment nginx --type=LoadBalancer
...
kubectl create job hello --image=busybox -- echo "Hello World"
kubectl create cronjob hello --image=busybox --schedule="*/1 * * * *" -- echo "Hello World"
...
# kubectl run and kubectl create deployment both require a resource name (here: nginx)
kubectl run nginx --image=nginx -o yaml --dry-run=client > pod-defination.yaml
kubectl create deployment nginx --image=nginx --replicas=3 -o yaml --dry-run=client > deployment-defination.yaml
ServiceTypes
- ref: https://kubernetes.io/docs/concepts/services-networking/service/
- ClusterIP: Service is reachable only from within the cluster.
- NodePort: Service is reachable from outside the cluster.
- LoadBalancer: Service is reachable from outside the cluster (Using a cloud provider's load balancer).
- ExternalName: t.b.d.
Probes
Meaning
- Probe: describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic.
- Liveness: to know when to restart a container.
- Readiness: to know when a container is ready to start accepting traffic.
- Startup: to know when a container application has started. If such a probe is configured, it disables liveness and readiness checks until it succeeds.
Settings
- initialDelaySeconds: wait x seconds before performing the first probe.
- periodSeconds: perform the probe every x seconds.
- timeoutSeconds: the probe times out after x seconds.
- successThreshold: the probe must succeed x times to be considered successful after having failed (default: 1).
- failureThreshold: give up after x failures (default: 3). For a liveness probe, giving up means restarting the container.
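A Pod manifest that combines the three probe types and the settings listed above. This is an added example, not part of the original wiki page; the Pod name `probe-demo`, the container name and all timing values are illustrative assumptions.

```yaml
# Added example: hypothetical Pod "probe-demo"; names and timings are illustrative.
apiVersion: v1
kind: Pod
metadata:
  name: probe-demo
spec:
  containers:
    - name: web
      image: nginx
      ports:
        - containerPort: 80
      # Startup: liveness and readiness checks stay disabled until this succeeds.
      # The container gets up to failureThreshold * periodSeconds = 30 * 2s = 60s to start.
      startupProbe:
        httpGet:
          path: /
          port: 80
        periodSeconds: 2
        failureThreshold: 30
      # Liveness: after 3 failed checks in a row the kubelet restarts the container.
      livenessProbe:
        httpGet:
          path: /
          port: 80
        initialDelaySeconds: 5
        periodSeconds: 10
        timeoutSeconds: 2
        failureThreshold: 3
      # Readiness: while failing, the Pod receives no Service traffic; no restart happens.
      readinessProbe:
        tcpSocket:
          port: 80
        periodSeconds: 5
        timeoutSeconds: 1
        successThreshold: 1
        failureThreshold: 3
```

Apply it with `kubectl apply -f` and watch the probe results under Events in `kubectl describe pod probe-demo`.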
kind
curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.11.1/kind-linux-amd64
curl -Lo kind.exe https://kind.sigs.k8s.io/dl/v0.11.1/kind-windows-amd64
kind create cluster
kind create cluster --name kind-2
kind get clusters
kind delete cluster
...
kubectl cluster-info --context kind-kind
minikube
minikube start
minikube dashboard
minikube stop # Halt the cluster
minikube config set memory 16384 # Set memory limit
minikube addons list # Browse the catalog
minikube start -p aged --kubernetes-version=v1.16.1 # Create a second cluster
minikube delete --all # Delete all of the minikube