Kubernetes

From ALT Linux Wiki

Kubernetes is an open source system for managing containerized applications across multiple hosts, providing basic mechanisms for deployment, maintenance, and scaling of applications.

All of the following tasks can also be done with Ansible, using the playbooks from these repositories: http://git.altlinux.org/people/obirvalger/public/ansible-k8s.git, http://git.altlinux.org/people/obirvalger/public/ansible-test-nginx.git.

Preparing

You need one master node and several (three in this example) slave nodes. The following packages should be installed on the nodes:

# apt-get install docker-ce kubernetes-kubeadm kubernetes-kubelet cri-tools

Full network connectivity among all machines in the cluster should be present.

Cluster deployment

  1. The following command initializes the cluster when run on the master:
    # kubeadm init --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=SystemVerification
    Flags explanation:
    --pod-network-cidr=10.244.0.0/16 - internal network; this CIDR is needed by Flannel;
    --ignore-preflight-errors=SystemVerification - do not fail if a too-new Docker version is installed.
    The output of this command ends with the command for joining nodes:
    kubeadm join <ip_address>:<port> --token <token> --discovery-token-ca-cert-hash sha256:<hash>
  2. Configure Kubernetes to be used by a regular user (not root).
    1. Create the directory ~/.kube:
      $ mkdir ~/.kube
    2. Copy the config:
      # cp /etc/kubernetes/admin.conf ~<username>/.kube/config
    3. Change the config owner:
      # chown <username>: ~<username>/.kube/config
  3. Then join the other nodes to the master:
    # kubeadm join <ip_address>:<port> --token <token> --discovery-token-ca-cert-hash sha256:<hash> --ignore-preflight-errors=SystemVerification
    The nodes can be verified with:
    $ kubectl get nodes -o wide
    Approximate output:
    NAME      STATUS    ROLES     AGE       VERSION   INTERNAL-IP   EXTERNAL-IP   OS-IMAGE      KERNEL-VERSION        CONTAINER-RUNTIME
    docker1   Ready     <none>    4h        v1.11.2   10.10.3.23    <none>        ALT Regular   4.17.14-un-def-alt1   docker://Unknown
    docker2   Ready     <none>    4h        v1.11.2   10.10.3.120   <none>        ALT Regular   4.17.14-un-def-alt1   docker://Unknown
    docker3   Ready     <none>    4h        v1.11.2   10.10.3.157   <none>        ALT Regular   4.17.14-un-def-alt1   docker://Unknown
    k8s       Ready     master    4h        v1.11.2   10.10.3.227   <none>        ALT Regular   4.17.14-un-def-alt1   docker://Unknown
    
  4. Install the pod network add-on:
    $ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
    Verify that the network works:
    $ kubectl get pods --namespace kube-system
    Approximate output:
    NAME                          READY     STATUS    RESTARTS   AGE
    coredns-78fcdf6894-6trk7      1/1       Running   0          2h
    coredns-78fcdf6894-nwt5l      1/1       Running   0          2h
    etcd-k8s                      1/1       Running   0          2h
    kube-apiserver-k8s            1/1       Running   0          2h
    kube-controller-manager-k8s   1/1       Running   0          2h
    kube-flannel-ds-894bt         1/1       Running   0          2h
    kube-flannel-ds-kbngw         1/1       Running   0          2h
    kube-flannel-ds-n7h45         1/1       Running   0          2h
    kube-flannel-ds-tz2rc         1/1       Running   0          2h
    kube-proxy-6f4lm              1/1       Running   0          2h
    kube-proxy-f92js              1/1       Running   0          2h
    kube-proxy-qkh54              1/1       Running   0          2h
    kube-proxy-szvlt              1/1       Running   0          2h
    kube-scheduler-k8s            1/1       Running   0          2h
    

Note that coredns should be in the Running state. The number of kube-flannel and kube-proxy pods matches the number of nodes (four in this example).
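
The rules in the note above can be checked mechanically. The following shell functions are an added example, not part of the original wiki page; the function names and the sample pod listing are constructed for illustration, and the sample shows the failure case where flannel is not running on one node.

```shell
#!/bin/sh
# Added example: function names and the sample listing are constructed.

# count_ready_nodes: reads `kubectl get nodes` output, prints how many are Ready.
count_ready_nodes() {
    awk 'NR > 1 && $2 == "Ready" { n++ } END { print n + 0 }'
}

# check_system_pods NODE_COUNT: reads `kubectl get pods --namespace kube-system`
# output on stdin, prints one line per problem, returns 0 only if none is found.
check_system_pods() {
    awk -v nodes="$1" '
        BEGIN { dns = flannel = proxy = bad = 0 }
        $1 == "NAME" || NF < 3 { next }            # header row, blank lines
        {
            split($2, ready, "/")                  # READY column, e.g. 1/1
            ok = ($3 == "Running" && ready[1] == ready[2])
            if ($1 ~ /^coredns-/) {
                dns++
                if (!ok) { print "coredns pod not running: " $1 " (" $3 ")"; bad = 1 }
            } else if ($1 ~ /^kube-flannel-ds-/) {
                if (ok) flannel++
            } else if ($1 ~ /^kube-proxy-/) {
                if (ok) proxy++
            }
        }
        END {
            if (dns == 0) { print "no coredns pods listed"; bad = 1 }
            if (flannel != nodes + 0) { print "kube-flannel running on " flannel " of " nodes " nodes"; bad = 1 }
            if (proxy != nodes + 0) { print "kube-proxy running on " proxy " of " nodes " nodes"; bad = 1 }
            exit bad
        }'
}

# Constructed two-node listing: flannel is crash-looping on one node.
sample_pods() {
    cat <<'EOF'
NAME                       READY     STATUS             RESTARTS   AGE
coredns-78fcdf6894-aaaaa   1/1       Running            0          2h
kube-flannel-ds-aaaaa      1/1       Running            0          2h
kube-flannel-ds-bbbbb      0/1       CrashLoopBackOff   7          2h
kube-proxy-aaaaa           1/1       Running            0          2h
kube-proxy-bbbbb           1/1       Running            0          2h
EOF
}

# On a live cluster:
#   kubectl get pods --namespace kube-system | check_system_pods "$(kubectl get nodes | count_ready_nodes)"
sample_pods | check_system_pods 2 || echo "cluster network is not healthy yet"
```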

Test launch of nginx

  1. Create a Deployment:
    $ kubectl apply -f https://k8s.io/examples/application/deployment.yaml
  2. Then create a service to get external access to our application.
    Save the following configuration to the file nginx-service.yaml:
    apiVersion: v1
    kind: Service
    metadata:
      name: nginx
      labels:
        app: nginx
    spec:
      type: NodePort
      ports:
      - port: 80
        targetPort: 80
      selector:
        app: nginx
    
  3. Run the service:
    $ kubectl apply -f nginx-service.yaml
  4. Get its port:
    $ kubectl get svc nginx
    Approximate output:
    NAME      TYPE       CLUSTER-IP       EXTERNAL-IP   PORT(S)        AGE
    nginx     NodePort   10.108.199.141   <none>        80:32336/TCP   4h
    
  5. Verify that our application works:
    $ curl <ip_address>:<port>
    where ip_address is the IP address of any node, and port is taken from the service. Example command: curl 10.10.3.120:32336