@Jaesang
Last active December 29, 2023 07:07
test

Openstack On K8s Hands-on Lab.

Ansible Initial Setting

$ ssh-keygen -f "/home/stack/.ssh/known_hosts" -R localhost
$ ssh localhost

Install Kubernetes by Kubespray

$ git clone https://github.com/kubernetes-incubator/kubespray.git
$ cd kubespray
$ cat > inventory/inventory.cfg <<EOF
localhost ansible_port=22 ansible_host=localhost ip=<YOUR_VM_IP> iface=ens3
[etcd]
localhost

[kube-master]
localhost

[kube-node]
localhost

[k8s-cluster:children]
kube-node
kube-master
EOF

$ cp ~/kube-controller-manager.manifest.j2 ~/kubespray/roles/kubernetes/master/templates/manifests/

$ vi inventory/group_vars/k8s-cluster.yml
26 kube_version: v1.6.6
72 kube_network_plugin: flannel
79 kube_service_addresses: 10.96.0.0/16
84 kube_pods_subnet: 192.168.0.0/16
108 skydns_server: "{{ kube_service_addresses|ipaddr('net')|ipaddr('10')|ipaddr('address') }}"

$ vi roles/download/defaults/main.yml
29 flannel_version: v0.7.0
103 kube_controller_manager_repo: "seungkyua/kube-controller-manager"

$ vi roles/kubernetes/master/defaults/main.yml
3 kube_hostpath_dynamic_provisioner: "true"

$ ansible-playbook -u stack -b -i inventory/inventory.cfg cluster.yml

Kubernetes Config

// Context config
$ kubectl config set-cluster local-kubernetes --server=http://localhost:8080 --insecure-skip-tls-verify=true
$ kubectl config set-context local --cluster=local-kubernetes --user=root --namespace=kube-system
$ kubectl config use-context local

// Node labelling
$ kubectl label nodes openstack-control-plane=enabled --all --namespace=openstack --overwrite
$ kubectl label nodes openstack-compute-node=enabled --all --namespace=openstack --overwrite
$ kubectl label nodes openvswitch=enabled --all --namespace=openstack --overwrite

// Make general storage
$ cat > ~/general-storage-class.yaml <<EOF
apiVersion: storage.k8s.io/v1beta1
kind: StorageClass
metadata:
  namespace: kube-system
  name: general
  annotations:
    storageclass.beta.kubernetes.io/is-default-class: "true"
provisioner: kubernetes.io/host-path
EOF
$ kubectl create -f ~/general-storage-class.yaml 
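
Added example, not part of the original gist: a check that lists kubeconfig cluster entries using plaintext HTTP or `insecure-skip-tls-verify`, which is how the `local-kubernetes` entry above is configured. The sample kubeconfig, the `tls-example` entry and the function names are constructed for illustration.

```shell
# Added example: list kubeconfig clusters that use plaintext HTTP or skip TLS checks.
# lint_kubeconfig [FILE] reads FILE (or stdin), prints "cluster<TAB>finding",
# and returns 1 when at least one finding was printed.
lint_kubeconfig() {
  awk '
    function report() {
      if (name != "") {
        if (server ~ /^http:\/\//) { print name "\tplaintext-http\t" server; bad = 1 }
        if (skip == "true")        { print name "\ttls-verify-disabled"; bad = 1 }
      }
      name = server = skip = ""
    }
    /^[^ -]/ { report(); in_clusters = ($1 == "clusters:"); next }  # top-level key
    in_clusters && /^- / { report(); sub(/^- /, "  ") }             # next list entry
    in_clusters && $1 == "server:" { server = $2 }
    in_clusters && $1 == "insecure-skip-tls-verify:" { skip = $2 }
    in_clusters && $1 == "name:" { name = $2 }
    END { report(); exit bad + 0 }
  ' "${1:--}"
}

# Constructed sample: the first entry mirrors the set-cluster command above,
# the second is a hypothetical TLS endpoint for contrast.
sample_kubeconfig() {
  cat <<'EOF'
apiVersion: v1
clusters:
- cluster:
    insecure-skip-tls-verify: true
    server: http://localhost:8080
  name: local-kubernetes
- cluster:
    certificate-authority: /etc/kubernetes/ssl/ca.pem
    server: https://192.0.2.10:6443
  name: tls-example
contexts:
- context:
    cluster: local-kubernetes
    namespace: kube-system
    user: root
  name: local
current-context: local
kind: Config
users: []
EOF
}

sample_kubeconfig | lint_kubeconfig || true
```

Run it against a real file with `lint_kubeconfig ~/.kube/config`; a non-zero exit status means at least one cluster entry was flagged.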

Install Helm

$ TMP_DIR=$(mktemp -d)
$ curl -sSL https://storage.googleapis.com/kubernetes-helm/helm-v2.5.0-linux-amd64.tar.gz | tar -zxv --strip-components=1 -C ${TMP_DIR}
$ sudo mv ${TMP_DIR}/helm /usr/local/bin/helm
$ rm -rf ${TMP_DIR}
$ helm init
$ helm serve > /dev/null 2>&1 &
$ helm repo add local http://localhost:8879/charts
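
Added example, not part of the original gist: the download step above pipes `curl` straight into `tar`, so nothing checks the archive before it is unpacked. This variant saves the tarball first, compares it with a pinned SHA-256 and extracts only the `helm` binary. The function names are hypothetical, the `linux-amd64/helm` member path is an assumption about the archive layout, and `HELM_SHA256` is a placeholder.

```shell
# Added example: verify a Helm release tarball against a pinned SHA-256 before
# extracting only the helm binary, instead of piping curl straight into tar.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then sha256sum "$1" | cut -d' ' -f1
  else shasum -a 256 "$1" | cut -d' ' -f1; fi
}

# extract_verified ARCHIVE EXPECTED_SHA256 DEST_DIR
# Returns 0 and leaves DEST_DIR/helm only when the digest matches.
extract_verified() {
  archive=$1 expected=$2 dest=$3
  actual=$(sha256_of "$archive") || return 2
  if [ "$actual" != "$expected" ]; then
    echo "digest mismatch for $archive: got $actual" >&2
    return 1
  fi
  # Extract the single expected member; --strip-components=1 drops "linux-amd64/".
  tar -zxf "$archive" --strip-components=1 -C "$dest" linux-amd64/helm
}

# Usage with the release used in this lab. HELM_SHA256 is a placeholder: use a
# digest obtained from a source you trust, separate from the download itself.
# HELM_SHA256=<sha256-of-helm-v2.5.0-linux-amd64.tar.gz>
# TMP_DIR=$(mktemp -d)
# curl -sSL -o "$TMP_DIR/helm.tgz" \
#   https://storage.googleapis.com/kubernetes-helm/helm-v2.5.0-linux-amd64.tar.gz
# extract_verified "$TMP_DIR/helm.tgz" "$HELM_SHA256" "$TMP_DIR" \
#   && sudo mv "$TMP_DIR/helm" /usr/local/bin/helm
```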

Install Openstack-Helm

// Clone Openstack-Helm
$ cd;git clone https://github.com/openstack/openstack-helm.git
$ export WORK_DIR=$HOME/openstack-helm
$ cd openstack-helm
$ make

//Openstack Environment Service
$ helm install --namespace=openstack ${WORK_DIR}/ingress --name=ingress
$ helm install --namespace=openstack ${WORK_DIR}/mariadb --name=mariadb --set replicas=1 --set volume.class_name=general
$ helm install --namespace=openstack ${WORK_DIR}/memcached --name=memcached
$ helm install --namespace=openstack ${WORK_DIR}/etcd --name=etcd-rabbitmq
$ helm install --namespace=openstack ${WORK_DIR}/rabbitmq --name=rabbitmq

//Openstack Install
$ helm install --namespace=openstack ${WORK_DIR}/keystone --name=keystone
$ helm install --namespace=openstack ${WORK_DIR}/glance --name=glance --values=${WORK_DIR}/tools/overrides/mvp/glance.yaml
$ helm install --namespace=openstack ${WORK_DIR}/nova --name=nova --values=${WORK_DIR}/tools/overrides/mvp/nova.yaml --set network.metadata.ip=10.96.120.234
$ helm install --namespace=openstack ${WORK_DIR}/neutron --name=neutron --values=${WORK_DIR}/tools/overrides/mvp/neutron.yaml --set conf.metadata_agent.default.neutron.metadata.agent.nova_metadata_ip=10.96.120.234
$ helm install --namespace=openstack ${WORK_DIR}/horizon --name=horizon --set=network.enable_node_port=true

Review

//Access Horizon
$ kubectl get svc -n openstack| grep horizon-int
http://<your_vm_ip>:<horizon_node_port> 
ex) http://115.68.227.218:31000
@hyunw-oh

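Hello. I enjoyed your talk at OpenStack Days. I'm writing to ask whether I could get the kube-controller-manager.manifest.j2 file you used. I had backed it up at the time, but I accidentally deleted it while tidying up. Searching the internet turns up a few examples, but I'm not skilled enough to get them working, so I wanted to ask whether I could get that file again. Thank you.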

@seungkyua
seungkyua commented Aug 21, 2017

apiVersion: v1
kind: Pod
metadata:
  name: kube-controller-manager
  namespace: {{system_namespace}}
  labels:
    k8s-app: kube-controller
spec:
  hostNetwork: true
{% if kube_version | version_compare('v1.6', '>=') %}
  dnsPolicy: ClusterFirst
{% endif %}
  containers:
  - name: kube-controller-manager
    image: {{ kube_controller_manager_repo }}:{{ kube_version }}
    imagePullPolicy: {{ k8s_image_pull_policy }}
    resources:
      limits:
        cpu: {{ kube_controller_cpu_limit }}
        memory: {{ kube_controller_memory_limit }}
      requests:
        cpu: {{ kube_controller_cpu_requests }}
        memory: {{ kube_controller_memory_requests }}
    command:
    - /bin/sh
    - -c
    - /usr/local/bin/kube-controller-manager
      --kubeconfig={{ kube_config_dir }}/kube-controller-manager-kubeconfig.yaml
      --leader-elect=true
      --service-account-private-key-file={{ kube_cert_dir }}/apiserver-key.pem
      --root-ca-file={{ kube_cert_dir }}/ca.pem
      --cluster-signing-cert-file={{ kube_cert_dir }}/ca.pem
      --cluster-signing-key-file={{ kube_cert_dir }}/ca-key.pem
      --enable-hostpath-provisioner={{ kube_hostpath_dynamic_provisioner }}
      --node-monitor-grace-period={{ kube_controller_node_monitor_grace_period }}
      --node-monitor-period={{ kube_controller_node_monitor_period }}
      --pod-eviction-timeout={{ kube_controller_pod_eviction_timeout }}
      --v={{ kube_log_level }}
{% if rbac_enabled %}
      --use-service-account-credentials
{% endif %}
{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere"] %}
      --cloud-provider={{cloud_provider}}
      --cloud-config={{ kube_config_dir }}/cloud_config
{% elif cloud_provider is defined and cloud_provider == "aws" %}
      --cloud-provider={{cloud_provider}}
{% endif %}
{% if kube_network_plugin is defined and kube_network_plugin == 'cloud' %}
      --allocate-node-cidrs=true
      --configure-cloud-routes=true
      --cluster-cidr={{ kube_pods_subnet }}
{% endif %}
{% if controller_mgr_custom_flags is string %}
     {{ controller_mgr_custom_flags }}
{% else %}
{%   for flag in controller_mgr_custom_flags %}
     {{ flag }}
{%   endfor %}
{% endif %}
     1>> /var/log/kubernetes/kube-controller-manager.log 2>&1
    livenessProbe:
      httpGet:
        host: 127.0.0.1
        path: /healthz
        port: 10252
      initialDelaySeconds: 30
      timeoutSeconds: 10
    volumeMounts:
    - mountPath: /var/log/kubernetes
      name: logfile
    - mountPath: /etc/ssl/certs
      name: ssl-certs-host
      readOnly: true
    - mountPath: "{{kube_config_dir}}/ssl"
      name: etc-kube-ssl
      readOnly: true
    - mountPath: "{{ kube_config_dir }}/kube-controller-manager-kubeconfig.yaml"
      name: kubeconfig
      readOnly: true
{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere" ] %}
    - mountPath: {{ kube_config_dir }}/cloud_config
      name: cloudconfig
      readOnly: true
{% endif %}
  volumes:
  - hostPath:
      path: /var/log/kubernetes
    name: logfile
  - name: ssl-certs-host
    hostPath:
{% if ansible_os_family == 'RedHat' %}
      path: /etc/pki/tls
{% else %}
      path: /usr/share/ca-certificates
{% endif %}
  - name: etc-kube-ssl
    hostPath:
      path: "{{ kube_config_dir }}/ssl"
  - name: kubeconfig
    hostPath:
      path: "{{ kube_config_dir }}/kube-controller-manager-kubeconfig.yaml"
{% if cloud_provider is defined and cloud_provider in ["openstack", "azure", "vsphere"] %}
  - hostPath:
      path: {{ kube_config_dir }}/cloud_config
    name: cloudconfig
{% endif %}
