Skip to content

Instantly share code, notes, and snippets.

@afym

afym/k8s.md

Created April 19, 2019 21:12
Show Gist options
  • Save afym/982c8315d79f55c9a5ffd5fbcba56bdd to your computer and use it in GitHub Desktop.
Save afym/982c8315d79f55c9a5ffd5fbcba56bdd to your computer and use it in GitHub Desktop.
Download ZIP
k8s install linux
Raw
k8s.md

Installing K8S in Centos

First setup two servers

a master node base on centos 7
a worker node base on centos 7

Turn off swap in mater and worker nodes

sudo swapoff -a

Comment fstab too in master and worker nodes (/root/swap/...)

sudo vi /etc/fstab

#
# /etc/fstab
# Created by anaconda on Mon Sep 29 21:48:54 2014
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
UUID=0f790447-ebef-4ca0-b229-d0aa1985d57f /                       xfs     defaults        1 1
#/root/swap swap swap sw 0 0

Install docker in master and worker nodes

sudo yum install docker -y

Enable docker service in master and worker nodes

sudo systemctl enable docker
sudo systemctl start docker

Adding the K8S repo in master and worker nodes

cat << EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

Turn off selinux in master and worker nodes

sudo setenforce 0

Turn to permissive SELINUX in master and worker nodes

sudo vi /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these two values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted

Install Kubernetes packages in master and worker nodes

sudo yum install -y kubelet kubeadm kubectl

Enable k8s service in master and worker nodes

sudo systemctl enable kubelet
sudo systemctl start kubelet

Configure kernel parameters at boot for K8S

cat << EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF

sudo sysctl --system

Configure the master node

sudo kubeadm init --pod-network-cidr=10.244.0.0/16

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Configure the network adapter in master node

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml

Join your worker node to the master (worker node)

sudo kubeadm join ${controller_private_ip}:6443 --token ${token} --discovery-token-ca-cert-hash ${hash}

List your nodes

kubectl get nodes

NAME                         STATUS   ROLES    AGE     VERSION
angelfym1c.mylabserver.com   Ready    master   7m25s   v1.14.0
angelfym2c.mylabserver.com   Ready    <none>   70s     v1.14.0

Creating a job

apiVersion: batch/v1
kind: Job
metadata:
  name: pi
spec:
  template:
    spec:
      containers:
      - name: pi
        image: perl
        command: ["perl",  "-Mbignum=bpi", "-wle", "print bpi(2000)"]
      restartPolicy: Never
  backoffLimit: 4

Create a object in k8s

kubectl create -f .yml

kubectl describe job pi

kubectl get pods

kubectl logs pi-vcmfv

kubectl logs pi-vcmfv

Creating a job

// busibox cli : http://spblinux.de/2.0/doc/commands.html

apiVersion: batch/v1
kind: Job
metadata:
  name: sleep
spec:
  template:
    spec:
      containers:
      - name: sleep
        image: busybox
        command: ["sleep", "10"]
      restartPolicy: Never
  backoffLimit: 4

Creating Pod

apiVersion: v1
kind: Pod
metadata:
  name: alpine
  namespace: default
spec:
  containers:
  - name: alpine
    image: alpine
    command:
      - sleep
      - "3600"
    imagePullPolicy: IfNotPresent
  restartPolicy: Always

kubectl create -f .yml

kubectl describe job alpine

kubectl get pods

kubectk delete pods alpine kubectl delete -f alpine.yaml kubectl delete pod alpine kubectl delete job sleep kubectl delete job api

apiVersion: v1
kind: Pod
metadata:
  name: nginx
  namespace: default
spec:
  containers:
  - name: nginx
    image: nginx
    imagePullPolicy: IfNotPresent
  restartPolicy: Always

kubectl describe node

List all pods

kubectl get pods --all-namespaces -o wide

Describe pods in k8s system

kubectl get pods -n kube-system

kubectl cluster-info

Get k8s configuration

kubectl config view kubectl config view -o jsonpath='{.users[].name}'

Create a secret

apiVersion: v1
kind: Secret
metadata:
  name: mysecret
type: Opaque
data:
  password: $(echo -n "s33msi4" | base64 -w0)
  username: $(echo -n "jane" | base64 -w0)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment