Bii o ṣe le Fi Iṣupọ Kubernetes sori CentOS 7

Ti o ni ẹbun nipasẹ Google si agbegbe Opensource, Kubernetes ti di bayi ohun elo iṣakoso ohun elo ti o fẹ. O le ṣakoso ati ṣe akoso kii ṣe awọn asiko asiko docker nikan ṣugbọn tun Awọn apoti ati awọn asiko asiko Rkt.

Aṣoju iṣupọ Kubernetes ni gbogbogbo yoo ni ipade ọga ati ọpọlọpọ awọn apa oṣiṣẹ tabi Minions. Lẹhinna a ṣakoso awọn apa-oṣiṣẹ lati oju ipade oluwa, nitorinaa ṣe idaniloju pe iṣupọ naa ni iṣakoso lati aaye aarin.

O tun ṣe pataki lati sọ pe o tun le ṣafihan iṣupọ ẹyọ-ọkan Kubernetes eyiti o jẹ iṣeduro ni gbogbogbo fun ina pupọ, awọn ẹru iṣẹ ti kii ṣe iṣelọpọ. Fun eyi, o le lo Minikube, eyiti o jẹ ọpa ti o nṣakoso iṣupọ ẹyọ-ọkan Kubernetes ninu ẹrọ foju kan lori oju ipade rẹ.

Iṣeduro Iṣeduro: Bii o ṣe le Fi Iyọ-iṣẹ Kubernetes sori CentOS 8

Fun ikẹkọ yii, a yoo rin-nipasẹ fifi sori ẹrọ iṣupọ ọpọ Kubernetes lori CentOS 7 Linux. Ikẹkọ yii jẹ laini aṣẹ-aṣẹ nitorina o yoo nilo iraye si window ebute rẹ.

  1. Awọn olupin pupọ ti n ṣiṣẹ Centos 7 (1 Node Master, 2 Node Osise). A gba ọ niyanju pe Node Ọga rẹ ni o kere ju awọn Sipiyu 2, botilẹjẹpe eyi kii ṣe ibeere ti o muna.
    2. Asopọmọra Intanẹẹti lori gbogbo awọn apa rẹ. A yoo gba Kubernetes ati awọn idii docker lati ibi ipamọ. Bakanna, iwọ yoo nilo lati rii daju pe a ti fi oluṣakoso package yum sori ẹrọ nipasẹ aiyipada ati pe o le mu awọn idii latọna jijin.
  2. Iwọ yoo tun nilo iraye si akọọlẹ kan pẹlu sudo tabi awọn anfaani root. Ninu ẹkọ yii, Emi yoo lo akọọlẹ gbongbo mi.

Ẹgbẹ iṣupọ 3-node wa yoo dabi nkan bi eleyi:

Fifi sori ẹrọ Awọn iṣupọ Kubernetes lori Ọga-Node

Fun Kubernetes lati ṣiṣẹ, iwọ yoo nilo ẹrọ isomọ ohun elo. Fun fifi sori ẹrọ yii, a yoo lo docker bi o ṣe jẹ olokiki julọ.

Awọn igbesẹ wọnyi yoo ṣiṣẹ lori Ọga-Node.

Lori oju ipade ọga rẹ, ṣeto orukọ olupin ati ti o ko ba ni olupin DNS, lẹhinna tun ṣe imudojuiwọn faili rẹ/ati be be/awọn ogun.

# hostnamectl set-hostname master-node
# cat <<EOF>> /etc/hosts
10.128.0.27 master-node
10.128.0.29 node-1 worker-node-1
10.128.0.30 node-2 worker-node-2
EOF

O le ping oṣiṣẹ-node-1 ati oṣiṣẹ-node-2 lati ṣe idanwo ti ile-iṣẹ olupin rẹ ti o ni imudojuiwọn ba dara nipa lilo pipaṣẹ ping.

# ping 10.128.0.29
# ping 10.128.0.30

Nigbamii, mu SElinux ṣiṣẹ ki o mu awọn ofin ogiriina rẹ ṣe.

# setenforce 0
# sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
# reboot

Ṣeto awọn ofin ogiriina atẹle lori awọn ibudo. Rii daju pe aṣẹ-ogiri ogiri-cmd kọọkan, pada ṣaṣeyọri kan.

# firewall-cmd --permanent --add-port=6443/tcp
# firewall-cmd --permanent --add-port=2379-2380/tcp
# firewall-cmd --permanent --add-port=10250/tcp
# firewall-cmd --permanent --add-port=10251/tcp
# firewall-cmd --permanent --add-port=10252/tcp
# firewall-cmd --permanent --add-port=10255/tcp
# firewall-cmd –reload
# modprobe br_netfilter
# echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

Iwọ yoo nilo lati ṣafikun awọn ibi ipamọ Kubernetes pẹlu ọwọ nitori wọn ko wa sori ẹrọ nipasẹ aiyipada lori CentOS 7.

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

Pẹlu repo package ni bayi ti ṣetan, o le lọ siwaju ki o fi kubeadm ati awọn idii docker sori ẹrọ.

# yum install kubeadm docker -y

Nigbati fifi sori ba pari ni aṣeyọri, mu ṣiṣẹ ki o bẹrẹ awọn iṣẹ mejeeji.

# systemctl enable kubelet
# systemctl start kubelet
# systemctl enable docker
# systemctl start docker

Bayi a ti ṣetan lati ṣe ipilẹṣẹ oluwa kubernetes, ṣugbọn ṣaju eyi o nilo lati mu pipaarọ kuro lati le ṣiṣẹ aṣẹ\"kubeadm init \".

# swapoff -a

Bibẹrẹ Alakoso Kubernetes jẹ ilana adaṣe ni kikun ti o ṣakoso nipasẹ aṣẹ\"kubeadm init \" eyiti iwọ yoo ṣiṣẹ.

# kubeadm init

O le fẹ lati daakọ laini ti o kẹhin ki o fi pamọ si ibikan nitori iwọ yoo nilo lati ṣiṣẹ lori awọn apa oṣiṣẹ.

kubeadm join 10.128.0.27:6443 --token nu06lu.xrsux0ss0ixtnms5  \ --discovery-token-ca-cert-hash sha256:f996ea3564e6a07fdea2997a1cf8caeddafd6d4360d606dbc82314688425cd41

Imọran: Nigba miiran aṣẹ yii le ṣe ẹdun nipa awọn ariyanjiyan (args) ti o kọja, nitorinaa satunkọ rẹ lati yago fun awọn aṣiṣe eyikeyi. Nitorinaa, iwọ yoo paarẹ ohun kikọ ‘\’ ti o tẹle --afihan ati aṣẹ ipari rẹ yoo dabi eleyi.

kubeadm join 10.128.0.27:6443 --token nu06lu.xrsux0ss0ixtnms5  --discovery-token-ca-cert-hash sha256:f996ea3564e6a07fdea2997a1cf8caeddafd6d4360d606dbc82314688425cd41

Nini ipilẹṣẹ Kubernetes ni aṣeyọri, iwọ yoo nilo lati gba olumulo rẹ laaye lati bẹrẹ lilo iṣupọ naa. Ninu ọran wa, a fẹ lati ṣiṣẹ fifi sori ẹrọ yii bi olumulo olumulo, nitorinaa a yoo lọ siwaju ati ṣiṣe awọn ofin wọnyi bi gbongbo. O le yipada si olumulo ti o ṣiṣẹ sudo ti o fẹ ki o ṣiṣẹ ni isalẹ nipa lilo sudo.

Lati lo gbongbo, ṣiṣe:

# mkdir -p $HOME/.kube
# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# chown $(id -u):$(id -g) $HOME/.kube/config

Lati lo olumulo ti ṣiṣẹ sudo, ṣiṣe:

$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config

Bayi ṣayẹwo lati rii boya aṣẹ kubectl ti muu ṣiṣẹ.

# kubectl get nodes

Ni aaye yii, iwọ yoo tun ṣe akiyesi pe ipo ti ipade-ọga ni 'NotReady'. Eyi jẹ nitori a ko sibẹsibẹ lati ran kaakiri nẹtiwọọki si iṣupọ.

Nẹtiwọọki podu jẹ nẹtiwọọki apọju fun iṣupọ, ti a fi ranṣẹ lori oke nẹtiwọọki oju-iwe bayi. A ṣe apẹrẹ lati gba sisopọ kọja adarọ ese.

Ṣiṣẹpọ iṣupọ nẹtiwọọki jẹ ilana irọrun irọrun ti o da lori awọn aini rẹ ati pe ọpọlọpọ awọn aṣayan wa. Niwọn igba ti a fẹ lati jẹ ki fifi sori ẹrọ wa rọrun bi o ti ṣee, a yoo lo ohun itanna Weavenet eyiti ko nilo iṣeto eyikeyi tabi koodu afikun ati pe o pese adirẹsi IP kan fun adarọ ese ti o jẹ nla fun wa. Ti o ba fẹ wo awọn aṣayan diẹ sii, jọwọ ṣayẹwo nibi.

Awọn ofin wọnyi yoo ṣe pataki lati gba iṣeto nẹtiwọọki adarọ ese.

# export kubever=$(kubectl version | base64 | tr -d '\n')
# kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$kubever"

Bayi ti o ba ṣayẹwo ipo ipade-oluwa rẹ, o yẹ ki o ‘Ṣetan’.

# kubectl get nodes

Nigbamii ti, a ṣafikun awọn apa oṣiṣẹ si iṣupọ.

Ṣiṣeto Awọn apa Osise lati Darapọ mọ Awọn iṣupọ Kubernetes

Awọn igbesẹ wọnyi yoo ṣiṣẹ lori awọn apa oṣiṣẹ. Awọn igbesẹ wọnyi yẹ ki o ṣiṣẹ lori gbogbo oju ipade oṣiṣẹ nigbati o ba darapọ mọ iṣupọ Kubernetes.

Lori oṣiṣẹ-node-1 rẹ ati oṣiṣẹ-node-2, ṣeto orukọ ogun ati pe bi o ko ba ni olupin DNS kan, lẹhinna tun ṣe imudojuiwọn oluwa rẹ ati awọn apa oṣiṣẹ lori/ati be be lo/ogun awọn faili.

# hostnamectl set-hostname 'node-1'
# cat <<EOF>> /etc/hosts
10.128.0.27 master-node
10.128.0.29 node-1 worker-node-1
10.128.0.30 node-2 worker-node-2
EOF

O le ping oluwa-ipade lati ṣe idanwo ti olupin ile-iṣẹ imudojuiwọn rẹ ba dara.

Nigbamii, mu SElinux ṣiṣẹ ki o mu awọn ofin ogiriina rẹ ṣe.

# setenforce 0
# sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux

Ṣeto awọn ofin ogiriina atẹle lori awọn ibudo. Rii daju pe gbogbo awọn ofin ogiri-cmd, ṣe aṣeyọri aṣeyọri.

# firewall-cmd --permanent --add-port=6783/tcp
# firewall-cmd --permanent --add-port=10250/tcp
# firewall-cmd --permanent --add-port=10255/tcp
# firewall-cmd --permanent --add-port=30000-32767/tcp
# firewall-cmd  --reload
# echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

Iwọ yoo nilo lati ṣafikun awọn ibi ipamọ Kubernetes pẹlu ọwọ nitori wọn ko wa ni fifi sori ẹrọ tẹlẹ lori CentOS 7.

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

Pẹlu repo package ni bayi ti ṣetan, o le lọ siwaju ki o fi kubeadm ati awọn idii docker sori ẹrọ.

# yum install kubeadm docker -y

Bẹrẹ ati mu awọn iṣẹ mejeeji ṣiṣẹ.

# systemctl enable docker
# systemctl start docker
# systemctl enable kubelet
# systemctl start kubelet

Bayi a nilo ami ti kubeadm init ti ipilẹṣẹ, lati darapọ mọ iṣupọ naa. O le daakọ ati lẹẹ mọ si oju ipade rẹ-1 ati node-2 ti o ba ti daakọ nibikan.

# kubeadm join 10.128.0.27:6443 --token nu06lu.xrsux0ss0ixtnms5  --discovery-token-ca-cert-hash sha256:f996ea3564e6a07fdea2997a1cf8caeddafd6d4360d606dbc82314688425cd41

Gẹgẹbi a daba ni laini ti o kẹhin, pada si oju ipade oluwa rẹ ki o ṣayẹwo boya oju ipade oṣiṣẹ-1 ati oju ipade oṣiṣẹ-2 ti darapọ mọ iṣupọ pẹlu lilo pipaṣẹ atẹle.

# kubectl get nodes

Ti gbogbo awọn igbesẹ ba ṣiṣẹ ni aṣeyọri, lẹhinna, o yẹ ki o wo oju ipade-1 ati oju ipade-2 ni ipo imurasilẹ lori ipade-oluwa.

Iṣeduro Iṣeduro: Bii a ṣe le ran Nginx lọwọ lori Iṣupọ Kubernetes

Ni aaye yii, a ti ṣaṣeyọri fifi sori ẹrọ ti iṣupọ Kubernetes kan lori Centos 7 ati pe a ti ṣaṣeyọri ni wiwọ awọn apa meji ti oṣiṣẹ. O le bẹrẹ bayi lati ṣẹda awọn adarọ ese rẹ ki o ran awọn iṣẹ rẹ lọwọ.