Bii o ṣe le Fi Iṣupọ Kubernetes sori CentOS 8

Ilana ti fifi Cluster Kubernetes sori CentOS 8 fẹrẹ jẹ ti CentOS 7 (eyiti o le kọja nipasẹ ibi), ṣugbọn ilana nibi ni awọn ayipada diẹ. Awọn ayipada wọnyi, pupọ julọ yika fifi sori ẹrọ ti Docker.

Bibẹrẹ lati CentOS 8 (ati nipasẹ itẹsiwaju RHEL 8), docker ti rọpo abinibi bayi nipasẹ podman ati buildah eyiti o jẹ awọn irinṣẹ lati Redhat. Gẹgẹbi ọrọ otitọ, package ti docker ti yọ bayi lati ibi ipamọ package aiyipada.

Pẹlu gbigbe yii, ẹgbẹ Redhat ni ifọkansi lati jẹ ki ilana ti ṣiṣẹda ati lilo awọn apoti rọrun, laisi nilo awọn igbanilaaye pataki, lakoko kanna, mimu ibaramu pẹlu awọn aworan docker ati ṣiṣẹ wọn laisi nilo daemon kan. Podman ṣe ileri lati funni ni irọrun diẹ sii nigbati o ba n ṣiṣẹ lori awọn agbegbe Kubernetes, ṣugbọn adajọ ṣi wa nibẹ.

Fun nkan yii, a yoo ṣiṣe nipasẹ ilana ti fifi Kubernetes sori ẹrọ lori pẹpẹ CentOS 8 kan, ti n ṣiṣẹ lori Docker-CE (Ẹya Agbegbe). Ninu nkan atẹle, a yoo tun ṣiṣẹ nipasẹ fifi sori iru, ni lilo podman fun awọn apoti wa.

  1. Awọn olupin mẹta ti n ṣiṣẹ CentOS 8 - 1 Node Titunto ati Awọn apa Iṣẹ 2.
  2. A ṣe iṣeduro pe awọn apa rẹ yẹ ki o ni o kere awọn Sipiyu 2 pẹlu Ramu 2GB tabi diẹ sii fun ẹrọ. Eyi kii ṣe ibeere ti o muna ṣugbọn o ni agbara pupọ nipasẹ awọn iwulo ti ohun elo ti o pinnu lati ṣiṣe.
    3. Asopọmọra Intanẹẹti lori gbogbo awọn apa rẹ. A yoo gba Kubernetes ati awọn idii docker lati ibi ipamọ. Bakanna, iwọ yoo nilo lati rii daju pe a ti fi oluṣakoso package DNF sori ẹrọ nipasẹ aiyipada ati pe o le mu awọn idii latọna jijin.
  3. Gbogbo awọn apa rẹ yẹ ki o tun ni anfani lati sopọ si ara wọn, boya lori ikọkọ tabi nẹtiwọọki ti gbogbo eniyan, eyikeyi ti o wa.
  4. Iwọ yoo tun nilo iraye si akọọlẹ kan pẹlu sudo tabi awọn anfaani root. Ninu ẹkọ yii, Emi yoo lo akọọlẹ gbongbo mi.

Pupọ awọn apa ni gbogbogbo wa pẹlu awọn adirẹsi MAC alailẹgbẹ, sibẹsibẹ, ni diẹ ninu awọn ọran alailẹgbẹ, diẹ ninu Awọn Ẹrọ Foju le ni awọn adirẹsi MAC kanna. Nitorina a ṣe iṣeduro pe ki o jẹrisi pe ọja_UUID ati adirẹsi MAC ko jẹ aami kanna ni eyikeyi awọn apa.

Kubernetes lo awọn iye wọnyi lati ṣe idanimọ awọn apa ninu iṣupọ ọtọ. Ti awọn iye wọnyi ko ba jẹ alailẹgbẹ si oju ipade kọọkan, ilana fifi sori ẹrọ le kuna.

Lati ṣayẹwo adirẹsi MAC ti wiwo nẹtiwọọki ki o ṣe afiwe rẹ.

# ip link

Lati ṣayẹwo ọja_uuid ati afiwe, ṣiṣe aṣẹ atẹle.

# cat /sys/class/dmi/id/product_uuid

Ti ṣe apẹrẹ fifi sori wa lati ni Titunto si-Node ti n ṣakoso Awọn apa. Ni ipari fifi sori ẹrọ yii, faaji ọgbọn ori wa yoo dabi nkan bi eleyi.

Node Ọga - Ẹrọ yii ni gbogbogbo n ṣiṣẹ bi ọkọ ofurufu iṣakoso ati ṣiṣe ibi ipamọ data iṣupọ ati olupin API (eyiti kubectl CLI n ba sọrọ).

3-ipade wa Kublusetes Cluster yoo wo nkan bi eleyi:

Fifi sori ẹrọ Awọn iṣupọ Kubernetes lori Ọga-Node

Fun Kubernetes lati ṣiṣẹ, iwọ yoo nilo ẹrọ isomọ ohun elo. Gẹgẹbi a ti sọ tẹlẹ, a yoo lo Docker-CE.

Awọn ile-iṣẹ atẹle yoo ṣee ṣe lori CentOS 8 Master-Node.

Lori CentOS 8 Master-Node rẹ, ṣeto orukọ olupin eto ati imudojuiwọn DNS ninu faili rẹ/ati be be//.

# hostnamectl set-hostname master-node
# cat <<EOF>> /etc/hosts
192.168.0.47 master-node
192.168.0.48 node-1 worker-node-1
192.168.0.49 node-2 worker-node-2
EOF

Nigbamii ti, ping oṣiṣẹ-node-1 rẹ ati oṣiṣẹ-node-2 lati ṣayẹwo boya faili alejo ti o ni imudojuiwọn ba n ṣiṣẹ ni deede nipa lilo pipaṣẹ ping.

# ping 192.168.0.48
# ping 192.168.0.49

Nigbamii, mu Selinux kuro, nitori eyi ni a nilo lati gba awọn apoti laaye lati wọle si eto awọn faili ti o gbalejo, eyiti o nilo nipasẹ awọn nẹtiwọọki adarọ ati awọn iṣẹ miiran.

# setenforce 0

Ṣiṣeto ipilẹṣẹ si 0 daradara n ṣeto SELinux si iyọọda, eyiti o mu sisẹ SELinux ṣiṣẹ daradara titi di atunbere atẹle. Lati mu o ṣiṣẹ patapata, lo aṣẹ isalẹ ki o tun atunbere.

# sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
# reboot

Kubernetes lo lilo ọpọlọpọ awọn ibudo fun ibaraẹnisọrọ ati iraye si ati awọn ibudo wọnyi nilo lati ni iraye si Kubernetes ati pe ko ni opin nipasẹ ogiriina.

Tunto awọn ofin ogiriina lori awọn ibudo.

# firewall-cmd --permanent --add-port=6443/tcp
# firewall-cmd --permanent --add-port=2379-2380/tcp
# firewall-cmd --permanent --add-port=10250/tcp
# firewall-cmd --permanent --add-port=10251/tcp
# firewall-cmd --permanent --add-port=10252/tcp
# firewall-cmd --permanent --add-port=10255/tcp
# firewall-cmd --reload
# modprobe br_netfilter
# echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

Iwọ yoo nilo lati ṣafikun ibi ipamọ Docker ni akọkọ nitori ko si ninu atokọ package aiyipada nipa lilo pipaṣẹ atunto dnf atẹle.

# dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

Tun fi sori ẹrọ packaged.io eyiti o wa bi daemon ti o nṣakoso igbesi aye eiyan pipe ti eto ile-iṣẹ rẹ, lati gbigbe aworan ati ibi ipamọ si ipaniyan eiyan ati abojuto si ibi ipamọ ipele-kekere si awọn asomọ nẹtiwọọki ati kọja.

# dnf install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm

Bayi fi sori ẹrọ ẹya tuntun ti package docker-ce.

# dnf install docker-ce

O le bayi muu ṣiṣẹ ati bẹrẹ iṣẹ docker.

# systemctl enable docker
# systemctl start docker

Nigbamii ti, iwọ yoo nilo lati ṣafikun awọn ibi ipamọ Kubernetes pẹlu ọwọ nitori wọn ko wa sori ẹrọ nipasẹ aiyipada lori CentOS 8.

# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

Kubeadm ṣe iranlọwọ fun ọ bata batapọ iṣupọ Kubernetes ti o ni agbara to kere julọ ti o baamu si awọn iṣe to dara julọ. Pẹlu kubeadm, iṣupọ rẹ yẹ ki o kọja awọn idanwo Iṣe Kubernetes.

Kubeadm tun ṣe atilẹyin awọn iṣẹ iṣupọ igbesi aye iṣupọ miiran, gẹgẹbi awọn iṣagbega, gbigbe silẹ, ati ṣiṣakoso awọn ami bata bata. Kubeadm tun jẹ ọrẹ iṣọpọ pẹlu awọn irinṣẹ irinṣẹ miiran bi Ansible ati Terraform.

Pẹlu repo package ni bayi ti ṣetan, o le lọ siwaju ki o fi sori ẹrọ package kubeadm.

# dnf install kubeadm -y

Nigbati fifi sori ba pari ni aṣeyọri, mu ṣiṣẹ ki o bẹrẹ iṣẹ naa.

# systemctl enable kubelet
# systemctl start kubelet

Olukọni Kubernetes eyiti o ṣe bi ọkọ ofurufu iṣakoso fun iṣupọ nṣakoso awọn iṣẹ pataki diẹ ti o ṣe pataki fun iṣupọ naa. Bii eyi, ilana ipilẹṣẹ yoo ṣe lẹsẹsẹ awọn iṣayẹwo lati rii daju pe ẹrọ naa ti ṣetan lati ṣiṣẹ Kubernetes. Awọn iṣayẹwo wọnyi ṣafihan awọn ikilo ati ijade lori awọn aṣiṣe. kubeadm init lẹhinna awọn igbasilẹ ati awọn fifi sori ẹrọ awọn paati iṣakoso ọkọ ofurufu iṣupọ.

Bayi o to lati ṣe ipilẹṣẹ Kubernetes master, ṣugbọn ṣaju iyẹn, o gbọdọ mu swap ṣiṣẹ lati le ṣiṣẹ aṣẹ\"kubeadm init \".

# swapoff -a

Bibẹrẹ oluwa Kubernetes jẹ ilana adaṣe adaṣe patapata ti o ṣakoso nipasẹ aṣẹ\"kubeadm init \" bi o ti han.

# kubeadm init

Nigbamii, daakọ aṣẹ atẹle ki o tọju rẹ ni ibikan, bi a ti nilo lati ṣiṣe aṣẹ yii lori awọn apa oṣiṣẹ nigbamii.

kubeadm join 192.168.0.47:6443 --token nu06lu.xrsux0ss0ixtnms5  \ --discovery-token-ca-cert-hash ha256:f996ea35r4353d342fdea2997a1cf8caeddafd6d4360d606dbc82314683478hjmf7

Imọran: Nigba miiran aṣẹ ti o wa loke le sọ awọn aṣiṣe nipa awọn ariyanjiyan ti o kọja, nitorina lati yago fun awọn aṣiṣe, o nilo lati yọ ohun kikọ ‘\’ ati aṣẹ ipari rẹ yoo dabi eleyi.

# kubeadm join 192.168.0.47:6443 --token nu06lu.xrsux0ss0ixtnms5 –discovery token-ca-cert-hash sha256:f996ea35r4353d342fdea2997a1cf8caeddafd6d4360d606dbc82314683478hjmf7

Lọgan ti Kubernetes ti ipilẹṣẹ ni aṣeyọri, o gbọdọ jẹ ki olumulo rẹ lati bẹrẹ lilo iṣupọ. Ninu iṣẹlẹ wa, a yoo lo olumulo gbongbo. O tun le bẹrẹ iṣupọ lilo olumulo sudo bi o ti han.

Lati lo gbongbo, ṣiṣe:

# mkdir -p $HOME/.kube
# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# chown $(id -u):$(id -g) $HOME/.kube/config

Lati lo olumulo ti ṣiṣẹ sudo, ṣiṣe:

$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config

Bayi jẹrisi pe aṣẹ kubectl ti muu ṣiṣẹ.

# kubectl get nodes

Ni akoko yii, iwọ yoo wo ipo ti ipade-ọga ni ‘NotReady’. Eyi jẹ nitori a ko sibẹsibẹ lati ran kaakiri nẹtiwọọki si iṣupọ.

Nẹtiwọọki podu jẹ nẹtiwọọki apọju fun iṣupọ, ti a fi ranṣẹ lori oke nẹtiwọọki oju-iwe bayi. A ṣe apẹrẹ lati gba sisopọ kọja adarọ ese.

Ṣiṣẹpọ iṣupọ nẹtiwọọki jẹ ilana irọrun irọrun ti o da lori awọn aini rẹ ati pe ọpọlọpọ awọn aṣayan wa. Niwọn igba ti a fẹ lati jẹ ki fifi sori ẹrọ wa rọrun bi o ti ṣee, a yoo lo ohun itanna Weavenet eyiti ko nilo iṣeto eyikeyi tabi koodu afikun ati pe o pese adirẹsi IP kan fun adarọ ese ti o jẹ nla fun wa. Ti o ba fẹ wo awọn aṣayan diẹ sii, jọwọ ṣayẹwo nibi.

Awọn ofin wọnyi yoo ṣe pataki lati gba iṣeto nẹtiwọọki adarọ ese.

# export kubever=$(kubectl version | base64 | tr -d '\n')
# kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$kubever"

Bayi ti o ba ṣayẹwo ipo ipade-oluwa rẹ, o yẹ ki o ‘Ṣetan’.

# kubectl get nodes

Nigbamii ti, a ṣafikun awọn apa oṣiṣẹ si iṣupọ.

Fifi Awọn apa Osise si Iṣupọ Kubernetes

Awọn itọnisọna wọnyi ni yoo ṣe lori oju ipade oṣiṣẹ kọọkan nigbati o ba darapọ mọ iṣupọ Kubernetes.

Ni akọkọ ṣeto orukọ ogun lori oṣiṣẹ-node rẹ-1 ati ipade-osise-2, ati lẹhinna ṣafikun awọn titẹ sii alejo si faili/ati be be/awọn ogun.

# hostnamectl set-hostname 'node-1'
# cat <<EOF>> /etc/hosts
192.168.0.47 master-node
192.168.0.48 node-1 worker-node-1
192.168.0.49 node-2 worker-node-2
EOF

Nigbamii ti, ping ipade ọga rẹ lati awọn apa oṣiṣẹ lati jẹrisi pe faili alejo rẹ ti o ni imudojuiwọn n ṣiṣẹ daradara nipa lilo pipaṣẹ ping.

# 192.168.0.47

Nigbamii, mu SElinux ṣiṣẹ ki o mu awọn ofin ogiriina rẹ ṣe.

# setenforce 0
# sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
# firewall-cmd --permanent --add-port=6783/tcp
# firewall-cmd --permanent --add-port=10250/tcp
# firewall-cmd --permanent --add-port=10255/tcp
# firewall-cmd --permanent --add-port=30000-32767/tcp
# firewall-cmd --reload
# echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

Ṣafikun ibi ipamọ Docker lakọkọ nipa lilo oluṣeto atunto DNF.

# dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

Nigbamii, ṣafikun apo eiyan dddio.

# dnf install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm

Pẹlu awọn idii meji wọnyi ti fi sori ẹrọ, fi ẹya tuntun ti docker-ce sori ẹrọ.

# dnf install docker-ce

Jeki ki o bẹrẹ iṣẹ docker.

# systemctl enable docker
# systemctl start docker

Iwọ yoo nilo lati ṣafikun awọn ibi ipamọ Kubernetes pẹlu ọwọ nitori wọn ko wa ni fifi sori ẹrọ tẹlẹ lori CentOS 8.

# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

Pẹlu repo package ni bayi ti ṣetan, o le lọ siwaju ki o fi kubeadm sii.

# dnf install kubeadm -y

Bẹrẹ ki o mu iṣẹ naa ṣiṣẹ.

# systemctl enable kubelet
# systemctl start kubelet

Bayi a nilo ami ti kubeadm init ti ipilẹṣẹ, lati darapọ mọ iṣupọ naa. O le daakọ ati lẹẹ mọ si oju ipade rẹ-1 ati node-2 ti o ba ti daakọ nibikan.

# kubeadm join 192.168.0.47:6443 --token nu06lu.xrsux0ss0ixtnms5  --discovery-token-ca-cert-hash sha256:f996ea35r4353d342fdea2997a1cf8caeddafd6d4360d606dbc82314683478hjmf78

Gẹgẹbi a ṣe daba lori laini ti o kẹhin, lọ pada si oju ipade oluwa rẹ ki o ṣayẹwo bi oju ipade oṣiṣẹ ati node osise-2 ti darapọ mọ iṣupọ pẹlu lilo pipaṣẹ atẹle.

# kubectl get nodes

Ti gbogbo awọn igbesẹ ba ṣiṣẹ ni aṣeyọri, lẹhinna, o yẹ ki o wo oju ipade-1 ati oju ipade-2 ni ipo imurasilẹ lori ipade-oluwa. Ni aaye yii, o ti ṣaṣeyọri ni iṣupọ iṣupọ Kubernetes lori CentOS 8.

Iṣeduro Iṣeduro: Bii a ṣe le ran Nginx lọwọ lori Iṣupọ Kubernetes

Iṣupọ ti a ti ṣẹda nibi ni oju ipade Ọga kan, ati bi iru bẹẹ, ti oju ipade Titunto ba kuna, iṣupọ rẹ le padanu data ati pe o le nilo lati tun pada lati ibere.

Fun idi eyi, Mo ṣeduro iṣeto Wa Giga.