Kubernetes

1. Yum config

Use a network yum mirror for faster package installs. You may also want to look at:

How to build a yum mirror
How to build a local yum

# Move every existing repo definition out of yum's config directory.
# NOTE(review): /tmp is commonly cleaned automatically, so the originals may
# not survive; use a dedicated backup directory if they must be restorable.
mv /etc/yum.repos.d/*.repo /tmp/
# Create the mirror's repo file with the contents shown below.
sudo vi /etc/yum.repos.d/remote.repo
[remote]
name=RHEL Apache
# NOTE(review): plain http:// - repo metadata and packages are fetched with
# no transport integrity or server authentication.
baseurl=http://192.168.126.143
enabled=1
# NOTE(review): gpgcheck=0 turns off RPM signature verification for this repo.
# Together with the HTTP baseurl, whatever answers at that address decides
# which packages get installed as root. Prefer gpgcheck=1 plus a gpgkey= line
# pointing at the signing key of the mirrored packages.
gpgcheck=0

2. Environment

kube-env.sh initializes the installation environment:

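#!/bin/bash
#
# kube-env.sh - prepare a host for a kubeadm install, then reboot.
# Run as root: it rewrites root's SSH key, SELinux and swap settings,
# firewalld rules and kernel parameters.

# --- SSH: regenerate root's key pair and authorise it for root on this host.
# A single directory is used throughout; the original mixed /root/.ssh and
# ~/.ssh, which are different places whenever HOME is not /root.
# NOTE(review): the key has an empty passphrase, and every run appends one
# more entry to authorized_keys without removing the previous one. Prune
# stale entries and treat the private key file as a root credential.
ssh_dir=/root/.ssh
rm -f "${ssh_dir}/id_rsa"
ssh-keygen -t rsa -N '' -f "${ssh_dir}/id_rsa" -q
cat "${ssh_dir}/id_rsa.pub" >> "${ssh_dir}/authorized_keys"
chmod 600 "${ssh_dir}/authorized_keys"

# --- SELinux: stop enforcing now, and disable it in the config for next boot.
# NOTE(review): SELINUX=disabled removes SELinux confinement and its denial
# logging entirely, while `setenforce 0` only switches to permissive mode.
# If the aim is just to keep SELinux from blocking the install,
# SELINUX=permissive keeps the audit trail; confirm which one is intended.
sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
setenforce 0

# --- Swap: comment out every fstab line that mentions swap, then turn swap
# off for the running system.
sed -ri 's/.*swap.*/#&/' /etc/fstab
swapoff -a
sysctl -p

# --- Firewall: open the Kubernetes ports permanently, then reload.
#   6443       kube-apiserver
#   2379-2380  etcd
#   10250      kubelet API
#   10251      kube-scheduler
#   10252      kube-controller-manager
#   10255      kubelet read-only port
# NOTE(review): the rules carry no source restriction, so the ports open to
# every address that can reach the host. 10255 is the kubelet read-only port,
# which serves without authentication; open it only if something needs it,
# and limit all of these to the cluster network where possible.
for port in 6443 2379-2380 10250 10251 10252 10255; do
    firewall-cmd --permanent --add-port="${port}/tcp"
done
firewall-cmd --reload

# --- Bridge netfilter: load the module now AND on every boot.
# The original only ran modprobe, so after the reboot below the module was no
# longer loaded and the net.bridge.* keys in k8s.conf could not be applied.
modprobe br_netfilter
echo 'br_netfilter' > /etc/modules-load.d/k8s.conf
echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

# Persist the bridge settings; the quoted delimiter writes the text literally.
tee /etc/sysctl.d/k8s.conf <<'EOF'
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system

reboot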

3.Installation

3.1 Docker

3.1.1 docker install

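# Install the pinned Docker CE, CLI and containerd.io builds.
# NOTE(review): packages come from whichever repo is enabled; with the
# gpgcheck=0 repo from the Yum config step, their RPM signatures are not
# verified. These pinned builds are also old, so check them against current
# security advisories before reusing this line.
sudo yum install -y \
    docker-ce-19.03.14-3.el7 \
    docker-ce-cli-19.03.14-3.el7 \
    containerd.io-1.3.9-3.1.el7

# Enable at boot and start now. The original issued enable/start twice, once
# with sudo and once without; a single call is enough.
sudo systemctl enable --now docker

# Confirm the client is installed.
docker --version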

3.1.2 systemd cgroup driver for docker

# Write the Docker daemon settings: systemd cgroup driver, json-file logging
# with a 100m max-size, and the overlay2 storage driver.
# The delimiter is quoted so the JSON is written exactly as shown.
tee /etc/docker/daemon.json >/dev/null <<'EOF'
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF

# Reboot so the daemon starts with the new configuration.
reboot

3.2 Kubernetes

3.2.1 k8s images

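# Print the images the installed kubeadm expects; the list below should match.
kubeadm config images list

images=(
    kube-apiserver:v1.20.1
    kube-controller-manager:v1.20.1
    kube-scheduler:v1.20.1
    kube-proxy:v1.20.1
    pause:3.2
    etcd:3.4.13-0
    coredns:1.7.0
)

# Pull each image from the mirror, retag it under the k8s.gcr.io name and
# drop the mirror tag.
# NOTE(review): the images are pulled by mutable tag from a third-party mirror
# and then relabelled as k8s.gcr.io, so afterwards nothing on the host
# distinguishes them from upstream images. Pull by digest (name@sha256:...)
# and compare against the digests published upstream before trusting them.
src_repo=registry.cn-hangzhou.aliyuncs.com/google_containers
dst_repo=k8s.gcr.io

for imageName in "${images[@]}"; do
    # Skip tag/rmi when the pull failed, and report it, instead of running
    # them against an image that is not there.
    if ! docker pull "${src_repo}/${imageName}"; then
        printf 'pull failed: %s\n' "${src_repo}/${imageName}" >&2
        continue
    fi
    docker tag "${src_repo}/${imageName}" "${dst_repo}/${imageName}"
    docker rmi "${src_repo}/${imageName}"
done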

# Delete the static-pod manifest directory, the kubelet kubeconfig and the
# cluster CA certificate, presumably left over from an earlier kubeadm run.
# NOTE(review): `kubeadm reset` is the supported way to undo a previous
# init/join; removing files by hand can leave other state behind.
rm -rf /etc/kubernetes/manifests
rm -f /etc/kubernetes/kubelet.conf /etc/kubernetes/pki/ca.crt

4.2.2 hostname

# Edit /etc/hosts and add the name-to-address entries listed below.
vi /etc/hosts
192.168.126.145 kube-master
192.168.126.146 kube-node1
192.168.126.147 kube-node2

4.2.2 k8s install

# Install kubeadm.
# NOTE(review): the package version is not pinned here, while the image list
# earlier on this page is fixed at v1.20.1; a different kubeadm version will
# expect different image tags.
dnf -y install kubeadm

# Enable kubelet at boot and start it now.
systemctl enable --now kubelet

# Initialise the control plane.
# NOTE(review): --image-repository makes kubeadm pull the control-plane images
# from registry.ourdark.org instead of the default registry, so that registry
# supplies the code running the cluster. Use a registry you control or trust,
# and verify image digests. The images retagged as k8s.gcr.io earlier on this
# page are presumably not used once this flag is set; confirm.
kubeadm init \
    --image-repository=registry.ourdark.org \
    --pod-network-cidr=10.244.0.0/16
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

  export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

# NOTE(review): the token and CA certificate hash below belong to the cluster
# that printed this output. A bootstrap token is a credential that lets a
# machine join the cluster (kubeadm's default token TTL is 24h), so do not
# reuse or publish it. Print a fresh join command on the control-plane node
# with `kubeadm token create --print-join-command`. Keep the
# --discovery-token-ca-cert-hash argument: it lets the joining node verify
# the control plane it is talking to.
kubeadm join 192.168.126.145:6443 --token rz8qnn.qu17hu8zcs7suwry \
    --discovery-token-ca-cert-hash sha256:b8a242360e5bbb423819dd700e7776f0cf3700175ea5c7157c7d788f22e9494c 

4.3 Plugin

4.3.1 network

# Install the Weave Net pod network. The manifest URL takes the base64-encoded
# `kubectl version` output (newlines removed) as its k8s-version parameter.
# NOTE(review): this applies whatever the remote server returns, using the
# caller's cluster privileges. Download the manifest first, review it, and
# apply the saved copy so the applied content is known and repeatable.
k8s_version=$(kubectl version | base64 | tr -d '\n')
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=${k8s_version}"

4.3.2 external access

# Set the default policy of the FORWARD chain to ACCEPT.
# NOTE(review): with this policy the host forwards any packet that no earlier
# FORWARD rule drops, not only cluster traffic. Where possible, add explicit
# ACCEPT rules for the pod and service networks and keep the default
# restrictive.
iptables --policy FORWARD ACCEPT

4.3.3 commands

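# Remove all exited docker containers.
# The IDs are collected first: when nothing has exited, the original
# `docker rm $(...)` ran `docker rm` with no arguments, which is an error.
mapfile -t exited_ids < <(docker ps -q -f status=exited)
if (( ${#exited_ids[@]} > 0 )); then
    docker rm "${exited_ids[@]}"
fi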