Otu esi etinye ụyọkọ Kubernetes na CentOS 8


Usoro ịwụnye ụyọkọ Kubernetes na CentOS 8 fọrọ nke nta ka ọ bụrụ nke CentOS 7 (nke ị nwere ike ịgafe ebe a), mana usoro ebe a nwere mgbanwe ole na ole. Mgbanwe ndị a, na-agbasakarị na ntinye nke Docker.

Malite na CentOS 8 (yana site na ndọtị RHEL 8), docker ejirila podman na buildah dochie ya ugbu a nke bụ ngwaọrụ sitere na Redhat. Dịka eziokwu, ewepụla ngwungwu docker ugbu a na ngwungwu ndabara.

Site na mmegharị a, ndị otu Redhat na-achọ ime ka usoro nke imepụta na iji arịa dị mfe, na-enweghị ikike ikike pụrụ iche, ebe n'otu oge ahụ, na-edobe ndakọrịta na ihe onyonyo docker na-arụ ọrụ na-enweghị mkpa daemon. Podman kwere nkwa inyekwu mgbanwe mgbe ọ na-agba ọsọ na gburugburu Kubernetes, mana ndị juri ka nọ ebe ahụ.

Maka edemede a, anyị ga-agba ọsọ na usoro ịwụnye Kubernetes na ikpo okwu CentOS 8, na-agba ọsọ na Docker-CE (Community Edition). N'ime edemede ọzọ, anyị ga-agba ọsọ site na ntinye yiri ya, na-eji podman maka arịa anyị.

  1. Sava atọ na-agba CentOS 8 – 1 Master Node na 2 Worker Nodes.
  2. A na-atụ aro na ọnụ gị kwesịrị ịnwe opekata mpe 2 CPU nwere 2GB Ram ma ọ bụ karịa kwa igwe. Nke a abụghị ihe siri ike chọrọ mana ọ na-ebute ya site na mkpa nke ngwa ị chọrọ ịgba ọsọ.
  3. Njikọ ịntanetị na ọnụ gị niile. Anyị ga na-ebubata Kubernetes na ngwugwu docker site na ebe nchekwa. N'otu aka ahụ, ị ga-achọ ijide n'aka na arụnyere njikwa ngwugwu DNF na ndabara ma nwee ike ịweta ngwugwu na anya.
  4. ọnụ gị niile kwesịkwara inwe ike jikọọ na ibe gị, ma ọ bụ na netwọk nzuzo ma ọ bụ nke ọha, nke ọ bụla dị.
  5. Ị ga-achọkwa ịnweta akaụntụ nwere ikike sudo ma ọ bụ mgbọrọgwụ. N'ime nkuzi a, a ga m eji akaụntụ mgbọrọgwụ m.

Ọtụtụ ọnụ n'ozuzu na-abịa na adreesị Mac pụrụ iche, Otú ọ dị, na ụfọdụ pụrụ iche, ụfọdụ Virtual Machines nwere ike inwe otu adreesị MAC. Ya mere, a na-atụ aro ka ị kwado na ngwaahịa_UUID na adreesị MAC abụghị otu n'ime oghere ọ bụla.

Kubernetes na-eji ụkpụrụ ndị a iji chọpụta ọnụ ọnụ dị na ụyọkọ ahụ n'ụzọ pụrụ iche. Ọ bụrụ na ụkpụrụ ndị a abụghị ihe pụrụ iche na ọnụ ọnụ nke ọ bụla, usoro ntinye nwere ike ịda.

Ka ịlele adreesị MAC nke interface netwọk wee tụnyere ya.

# ip link

Ka ịlele ngwaahịa_uuid wee tulee, mee iwu a.

# cat /sys/class/dmi/id/product_uuid 

Emebere nrụnye anyị ka ọ nwee Master-Node na-achịkwa ọnụ ndị ọrụ. Na njedebe nke nrụnye a, ihe owuwu anyị nwere ezi uche ga-adị ka nke a.

Master Node - Igwe a na-arụkarị ọrụ dị ka ụgbọ elu njikwa ma na-agba ọsọ nchekwa data ụyọkọ na ihe nkesa API (nke kubectl CLI na-akpakọrịta).

Ụyọkọ Kubernetes 3-ọnụ anyị ga-adị ka nke a:

Nwụnye nke ụyọkọ Kubernetes na Master-Node

Maka Kubernetes ka ọ rụọ ọrụ, ị ga-achọ igwe na-eme ihe. Dịka e kwuru, anyị ga-eji Docker-CE.

A ga-eme ụlọ ọrụ ndị a na CentOS 8 Master-Node.

Na CentOS 8 Master-Node gị, tọọ aha nnabata sistemụ wee melite DNS na faịlụ /etc/hosts gị.

# hostnamectl set-hostname master-node
# cat <<EOF>> /etc/hosts
192.168.0.47 master-node
192.168.0.48 node-1 worker-node-1
192.168.0.49 node-2 worker-node-2
EOF

Na-esote, ping your worker-node-1 and worker-node-2 iji lelee ma faịlụ nnabata gị emelitere na-arụ ọrụ nke ọma site na iji iwu ping.

# ping 192.168.0.48
# ping 192.168.0.49

Na-esote, gbanyụọ Selinux, n'ihi na nke a chọrọ iji kwe ka arịa nweta ohere ịnweta faịlụ nke onye ọbịa, nke netwọk pod na ọrụ ndị ọzọ chọrọ.

# setenforce 0

Ịtọ ntọala ka ọ bụrụ 0 na-edozi SELinux ka ọ bụrụ nke ọma, nke na-ewepụ SELinux nke ọma ruo mgbe ịmalitegharị ọzọ. Iji gbanyụọ ya kpamkpam, jiri iwu dị n'okpuru wee malitegharịa.

# sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
# reboot

Kubernetes na-eji ọdụ ụgbọ mmiri dị iche iche maka nkwurịta okwu na ịnweta na ọdụ ụgbọ mmiri ndị a kwesịrị ịnweta Kubernetes na ọ bụghị nanị site na firewall.

Hazie iwu firewall na ọdụ ụgbọ mmiri.

# firewall-cmd --permanent --add-port=6443/tcp
# firewall-cmd --permanent --add-port=2379-2380/tcp
# firewall-cmd --permanent --add-port=10250/tcp
# firewall-cmd --permanent --add-port=10251/tcp
# firewall-cmd --permanent --add-port=10252/tcp
# firewall-cmd --permanent --add-port=10255/tcp
# firewall-cmd --reload
# modprobe br_netfilter
# echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

Ị ga-ebu ụzọ tinye ebe nchekwa Docker n'ihi na ọ nọkwaghị na ndepụta ngwugwu ndabara site na iji iwu dnf config-manager na-esonụ.

# dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

Tinyekwa ngwugwu containerd.io nke dị dị ka daemon nke na-achịkwa usoro ndụ akpa zuru oke nke usoro nhazi ya, site na ịnyefe ihe oyiyi na nchekwa na mkpochapụ akpa na nlekọta na nchekwa dị ala na ntinye netwọk na karịa.

# dnf install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm

Ugbu a wụnye ngwugwu docker-ce kacha ọhụrụ.

# dnf install docker-ce

Ị nwere ike mee ma malite ọrụ docker.

# systemctl enable docker
# systemctl start docker

Na-esote, ị ga-eji aka tinye Kubernetes repositories ka ha anaghị abịa na ndabara na CentOS 8.

# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

Kubeadm na-enyere gị aka ịmepụta ụyọkọ Kubernetes kacha nta nke dabara na omume kacha mma. Site na kubeadm, ụyọkọ gị kwesịrị ịgafe ule Kubernetes Conformance.

Kubeadm na-akwadokwa ọrụ okirikiri ndụ ụyọkọ ndị ọzọ, dị ka nkwalite, mbelata, na ijikwa akara akpụkpọ ụkwụ. Kubeadm na-ejikọkwa enyi na enyi ya na ngwa ndị ọzọ na-akụ egwu dị ka ihe nwere ike ime na Terraform.

Na ngwugwu repo dị njikere ugbu a, ị nwere ike ịga n'ihu ma wụnye ngwugwu kubeadm.

# dnf install kubeadm -y 

Mgbe echichi mechara nke ọma, mee ma malite ọrụ ahụ.

# systemctl enable kubelet
# systemctl start kubelet

Onye isi Kubernetes nke na-arụ ọrụ dị ka ụgbọelu njikwa maka ụyọkọ ahụ na-arụ ọrụ ole na ole dị mkpa dị mkpa maka ụyọkọ ahụ. Dị ka ndị dị otú a, usoro mmalite ahụ ga-eme usoro nyocha iji hụ na igwe dị njikere ịgba ọsọ Kubernetes. Nyocha mbụ ndị a na-ekpughe ịdọ aka ná ntị yana pụọ na mperi. kubeadm init wee budata ma wụnye akụrụngwa njikwa ụgbọ elu.

Ugbu a ọ bụ oge ibido Kubernetes master, mana tupu nke ahụ, ị ga-ewepụrịrị swap iji mee iwu \kubeadm init\

# swapoff -a

Ịmalite Kubernetes master bụ usoro akpaaka kpamkpam nke iwu \kubeadm init na-achịkwa dị ka egosiri.

# kubeadm init

Na-esote, detuo iwu na-esonụ ma chekwaa ya ebe, dịka anyị chọrọ ka anyị na-agba ọsọ iwu a na ọnụ ọnụ ndị ọrụ ma emechaa.

kubeadm join 192.168.0.47:6443 --token nu06lu.xrsux0ss0ixtnms5  \ --discovery-token-ca-cert-hash ha256:f996ea35r4353d342fdea2997a1cf8caeddafd6d4360d606dbc82314683478hjmf7

NDỤMỌDỤ: Mgbe ụfọdụ iwu a dị n'elu nwere ike ịtụfu njehie gbasara arụmụka agafere, yabụ iji zere njehie, ịkwesịrị iwepu mkpụrụedemede '\' na iwu ikpeazụ gị ga-adị ka nke a.

# kubeadm join 192.168.0.47:6443 --token nu06lu.xrsux0ss0ixtnms5 –discovery token-ca-cert-hash sha256:f996ea35r4353d342fdea2997a1cf8caeddafd6d4360d606dbc82314683478hjmf7

Ozugbo Kubernetes malitere nke ọma, ị ga-emerịrị ka onye ọrụ gị malite iji ụyọkọ ahụ. Na ọnọdụ anyị, anyị ga-eji onye ọrụ mgbọrọgwụ. Ị nwekwara ike ịmalite ụyọkọ ahụ site na iji onye ọrụ sudo dịka egosiri.

Iji jiri mgbọrọgwụ, gbanye:

# mkdir -p $HOME/.kube
# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# chown $(id -u):$(id -g) $HOME/.kube/config

Iji jiri onye ọrụ sudo nyeere, gbaa ọsọ:

$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config

Ugbu a gosi na agbanyere kubectl iwu.

# kubectl get nodes

N'oge a, ị ga-ahụ ọnọdụ nke master-node bụ 'NotReady'. Nke a bụ n'ihi na anyị ka ga-ebuga netwọk pọd na ụyọkọ ahụ.

Netwọk pọd bụ netwọk mkpuchi maka ụyọkọ, nke etinyere n'elu netwọk ọnụ ugbu a. Emebere ya iji kwe ka njikọta n'ofe pọd.

Ịkwanye ụyọkọ netwọkụ bụ usoro mgbanwe dị ukwuu dabere na mkpa gị yana enwere ọtụtụ nhọrọ dịnụ. Ebe ọ bụ na anyị chọrọ ime ka nrụnye anyị dị mfe dị ka o kwere mee, anyị ga-eji ngwa mgbakwunye Weavenet nke na-adịghị achọ nhazi ọ bụla ma ọ bụ koodu mgbakwunye na ọ na-enye otu adreesị IP kwa pod nke dị mma maka anyị. Ọ bụrụ na ịchọrọ ịhụ nhọrọ ndị ọzọ, biko lelee ebe a.

Iwu ndị a ga-adị mkpa iji nweta ntọala netwọkụ pod.

# export kubever=$(kubectl version | base64 | tr -d '\n')
# kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$kubever"

Ugbu a ọ bụrụ na ịlele ọkwa nke onye nwe-ọnụ gị, ọ kwesịrị ịbụ 'Njikere'.

# kubectl get nodes

Ọzọ, anyị na-agbakwunye ọnụ ndị ọrụ na ụyọkọ.

Na-agbakwụnye ọnụ ndị ọrụ na ụyọkọ Kubernetes

A ga-eme ntuziaka ndị a na ọnụ ọnụ onye ọrụ ọ bụla mgbe ị na-esonye na ụyọkọ Kubernetes.

Mbụ tọọ aha nnabata na onye ọrụ-node-1 na onye ọrụ-node-2, wee tinye ndenye nnabata na faịlụ /etc/hosts.

# hostnamectl set-hostname 'node-1'
# cat <<EOF>> /etc/hosts
192.168.0.47 master-node
192.168.0.48 node-1 worker-node-1
192.168.0.49 node-2 worker-node-2
EOF

Na-esote, ping onye nwe gị ọnụ site n'ọnụ onye ọrụ gị iji gosi na faịlụ nnabata gị emelitere na-arụ ọrụ nke ọma site na iji iwu ping.

# 192.168.0.47

Na-esote, gbanyụọ SElinux ma melite iwu firewall gị.

# setenforce 0
# sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
# firewall-cmd --permanent --add-port=6783/tcp
# firewall-cmd --permanent --add-port=10250/tcp
# firewall-cmd --permanent --add-port=10255/tcp
# firewall-cmd --permanent --add-port=30000-32767/tcp
# firewall-cmd --reload
# echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

Tinye ebe nchekwa Docker buru ụzọ jiri DNF nhazi-onye njikwa.

# dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

Na-esote, tinye ngwugwu containerd.io.

# dnf install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm

Site na arụnyere ngwungwu abụọ a, wụnye ụdị docker-ce kacha ọhụrụ.

# dnf install docker-ce

Kwado wee malite ọrụ docker.

# systemctl enable docker
# systemctl start docker

Ị ga-eji aka tinye ebe nchekwa Kubernetes n'ihi na etinyeghị ya na CentOS 8.

# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

Na ngwugwu repo dị ugbu a, ị nwere ike ịga n'ihu ma wụnye kubeadm.

# dnf install kubeadm -y 

Malite ma mee ka ọrụ ahụ nwee ike.

# systemctl enable kubelet
# systemctl start kubelet

Ugbu a, anyị chọrọ akara nke kubeadm init mepụtara, iji sonyere ụyọkọ ahụ. Ị nwere ike idetuo ma mado ya na node-1 na node-2 ma ọ bụrụ na i depụtala ya ebe.

# kubeadm join 192.168.0.47:6443 --token nu06lu.xrsux0ss0ixtnms5  --discovery-token-ca-cert-hash sha256:f996ea35r4353d342fdea2997a1cf8caeddafd6d4360d606dbc82314683478hjmf78

Dị ka atụ aro na ahịrị ikpeazụ, laghachi na onye nwe-ọnụ gị wee chọpụta ma onye ọrụ node-1 na onye ọrụ node-2 abanyela na ụyọkọ ahụ site na iji iwu na-esonụ.

# kubectl get nodes

Ọ bụrụ na usoro niile na-aga nke ọma, mgbe ahụ, ị ga-ahụ node-1 na node-2 na ọnọdụ njikere na master-node. N'oge a, ị tinyela ụyọkọ Kubernetes nke ọma na CentOS 8.

Akwadoro Gụọ: Otu esi ebunye Nginx na ụyọkọ Kubernetes

Ụyọkọ anyị mepụtara ebe a nwere otu ọnụ ụzọ Nna-ukwu, ya mere, ọ bụrụ na ọnụ ụlọ Master ada ada, ụyọkọ gị nwere ike tufuo data na ọ ga-adị mkpa ka emepụtaghachi ya site na ọkọ.

N'ihi nke a, ana m akwado nhazi nke dị nke ukwuu.