
Use Kubespray 2.8.3 to deploy a production-ready Kubernetes cluster (1.12.5)

2025-01-22 Update From: SLTechnology News&Howtos


Installing and deploying Kubernetes is the hardest part, and each version is installed in a slightly different way. The author has been looking for a deployment solution that supports multiple platforms, is relatively simple, and is suitable for production environments. After a period of research, the following solutions came into the author's field of vision.

Advantages and disadvantages of each deployment scheme:

- Kubeadm: official product; deployment is troublesome.
- Kubespray: official product; deployment is simple if you understand Ansible; not transparent.
- RKE: deployment is simple, though it takes some time to understand RKE's cluster.yml configuration file; not transparent enough.
- Manual deployment (following third-party operation documents): completely transparent, configurable, and makes the relationship between the K8s components easy to understand; deployment is very troublesome and error-prone.

Other solutions, such as Kops, were passed over by me because they cannot work across platforms or because of other factors.

In the end, the author decided to deploy the Kubernetes cluster using Kubespray. I also hope that we can discuss it together and sum up a better deployment plan.

Without further ado, here are the steps.

Note: at the time of writing, the author temporarily rented several overseas Aliyun machines, so there is no problem of being unable to connect to gcr.io. If your server is in China, please:

- Consider using a proxy to reach gcr.io.
- Modify the gcr addresses in Kubespray to other registry addresses, such as the Aliyun image address (just modify roles/download/defaults/main.yml).
- First, create an overseas environment. After installing Kubernetes, docker save the images, and then docker load them onto a domestic server.

Host planning

IP              Function
172.21.240.64   ansible-client
172.21.240.65   master, node
172.21.240.66   master, node
172.21.240.67   node
172.21.240.68   node
172.21.240.69   node

Preparation work

Close selinux

SELinux must be shut down on all machines; just execute the following commands.

~]# setenforce 0
~]# sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux

Network configuration

On the master machines:

~]# firewall-cmd --permanent --add-port=6443/tcp
~]# firewall-cmd --permanent --add-port=2379-2380/tcp
~]# firewall-cmd --permanent --add-port=10250/tcp
~]# firewall-cmd --permanent --add-port=10251/tcp
~]# firewall-cmd --permanent --add-port=10252/tcp
~]# firewall-cmd --permanent --add-port=10255/tcp
~]# firewall-cmd --reload
~]# modprobe br_netfilter
~]# echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
~]# sysctl -w net.ipv4.ip_forward=1

If the firewall is turned off, only the bottom three lines need to be executed.

On the node machines:

~]# firewall-cmd --permanent --add-port=10250/tcp
~]# firewall-cmd --permanent --add-port=10255/tcp
~]# firewall-cmd --permanent --add-port=30000-32767/tcp
~]# firewall-cmd --permanent --add-port=6783/tcp
~]# firewall-cmd --reload
~]# modprobe br_netfilter
~]# echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables
~]# sysctl -w net.ipv4.ip_forward=1

If the firewall is turned off, only the bottom two lines need to be executed.
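To confirm the firewall state before running the playbook, the following added example (not part of the original article) compares the output of firewall-cmd --permanent --list-ports with the ports opened above and reports what is missing; with the arguments swapped it reports ports that are open but not on the list. The function and variable names are assumptions made for this example.

```shell
#!/bin/sh
# Ports the article opens on master machines.
MASTER_PORTS="6443/tcp 2379-2380/tcp 10250/tcp 10251/tcp 10252/tcp 10255/tcp"
# Ports the article opens on node machines.
NODE_PORTS="10250/tcp 10255/tcp 30000-32767/tcp 6783/tcp"

# covers OPEN_SPEC REQ_SPEC: succeed if the open port or range, with the same
# protocol, fully contains the required port or range.
covers() {
    [ "${1#*/}" = "${2#*/}" ] || return 1
    o=${1%/*}; r=${2%/*}
    o_lo=${o%-*}; o_hi=${o#*-}      # a single port gives lo = hi
    r_lo=${r%-*}; r_hi=${r#*-}
    [ "$o_lo" -le "$r_lo" ] && [ "$o_hi" -ge "$r_hi" ]
}

# missing_ports "REQUIRED" "OPEN": print the required specs that no single open
# spec covers (adjacent open ranges are not merged).
missing_ports() {
    out=""
    for req in $1; do
        found=no
        for open in $2; do
            if covers "$open" "$req"; then found=yes; break; fi
        done
        [ "$found" = yes ] || out="$out${out:+ }$req"
    done
    printf '%s\n' "$out"
}

# Constructed sample of list-ports output from a half-configured master.
SAMPLE_OPEN="6443/tcp 2379-2380/tcp 10250/tcp 10255/tcp"
missing_ports "$MASTER_PORTS" "$SAMPLE_OPEN"

# On a real master:
#   missing_ports "$MASTER_PORTS" "$(firewall-cmd --permanent --list-ports)"
# Open but not required (arguments swapped):
#   missing_ports "$(firewall-cmd --permanent --list-ports)" "$MASTER_PORTS"
```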

[Optional] Turn off the firewall

~]# systemctl stop firewalld

Install prerequisite software on the ansible-client machine

# Install the EPEL repository
~]# sudo yum install -y epel-release
# Install Ansible
~]# sudo yum install -y ansible
# Install Python 3.6
~]# sudo yum install -y python36

Configure password-free login on the ansible-client machine

Generate the ssh public key and private key

Execute on the ansible-client machine:

~]# ssh-keygen

Then press Enter three times to generate the ssh public key and private key.

Establish a one-way ssh channel

Execute on the ansible-client machine:

# Distribute the public key to each target machine
~]# ssh-copy-id root@172.21.240.65
~]# ssh-copy-id root@172.21.240.66
~]# ssh-copy-id root@172.21.240.67
~]# ssh-copy-id root@172.21.240.68
~]# ssh-copy-id root@172.21.240.69

Install kubespray on the ansible-client machine

Download kubespray

TIPS:

At the time of writing, the latest RELEASE is 2.8.3 (release version download address: ). It is strongly recommended that everyone use a RELEASE version for deployment, especially in a production environment! The master branch may not deploy successfully. Recently, some readers could not deploy successfully because they used the master branch.

~]# git clone https://github.com/kubernetes-incubator/kubespray.git
~]# cd kubespray
~]# git checkout v2.8.3

Install the packages required by kubespray:

~]# sudo pip install -r requirements.txt

Copy inventory/sample and name it inventory/mycluster. The name mycluster can be changed to any other name you like.

~]# cp -rfp inventory/sample inventory/mycluster

Initialize the inventory file using inventory_builder

~]# declare -a IPS=(172.21.240.65 172.21.240.66 172.21.240.67 172.21.240.68 172.21.240.69)
~]# CONFIG_FILE=inventory/mycluster/hosts.ini python36 contrib/inventory_builder/inventory.py ${IPS[@]}

At this point, you will see that the content of the inventory/mycluster/hosts.ini file is similar to the following:

[all]
node1 ansible_host=172.21.240.65 ip=172.21.240.65
node2 ansible_host=172.21.240.66 ip=172.21.240.66
node3 ansible_host=172.21.240.67 ip=172.21.240.67
node4 ansible_host=172.21.240.68 ip=172.21.240.68
node5 ansible_host=172.21.240.69 ip=172.21.240.69

[kube-master]
node1
node2

[etcd]
node1
node2
node3

[kube-node]
node1
node2
node3
node4
node5

[k8s-cluster:children]
kube-master
kube-node

[calico-rr]

[vault]
node1
node2
node3
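Before running the playbook it is worth checking the generated inventory. The following added example (not from the original article or the Kubespray project) flags duplicate ansible_host addresses, group members that are not defined under [all], and an even number of etcd members, since an odd count is the usual recommendation for etcd quorum. The name check_inventory is an assumption, and the check expects [all] to come first, as in the file above.

```shell
# check_inventory: read a Kubespray hosts.ini on stdin and print one finding per
# line (nothing when all checks pass). Assumes [all] precedes the group sections.
check_inventory() {
    awk '
    /^[ \t]*$/ || /^[ \t]*[#;]/ { next }           # blank lines and comments
    /^\[/ { sec = substr($0, 2, index($0, "]") - 2); next }
    sec == "all" {
        defined[$1] = 1
        for (i = 2; i <= NF; i++)
            if ($i ~ /^ansible_host=/) {
                ip = substr($i, 14)                # text after "ansible_host="
                if (ip in seen)
                    print "duplicate ansible_host " ip ": " seen[ip] " and " $1
                else
                    seen[ip] = $1
            }
        next
    }
    sec ~ /:children$/ { next }                    # members are groups, not hosts
    {
        if (!($1 in defined))
            print "[" sec "] references undefined host " $1
        if (sec == "etcd") etcd++
    }
    END {
        if (etcd % 2 == 0)
            print "etcd has " (etcd + 0) " members; an odd count is recommended"
    }'
}

# Constructed sample with three deliberate mistakes (not the file shown above).
SAMPLE_INVENTORY='[all]
node1 ansible_host=172.21.240.65 ip=172.21.240.65
node2 ansible_host=172.21.240.66 ip=172.21.240.66
node3 ansible_host=172.21.240.66 ip=172.21.240.67
[kube-master]
node1
[etcd]
node1
node2
[kube-node]
node2
node4
[k8s-cluster:children]
kube-master
kube-node'

printf '%s\n' "$SAMPLE_INVENTORY" | check_inventory
# On a real host: check_inventory < inventory/mycluster/hosts.ini
```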

Deploy kubespray using ansible playbook

~]# ansible-playbook -i inventory/mycluster/hosts.ini --become --become-user=root cluster.yml

Wait about 20 minutes for the Kubernetes installation to complete.

Verification 1: view Node status

The main purpose is to verify that each Node is normal.

~]# kubectl get nodes
NAME    STATUS   ROLES         AGE     VERSION
node1   Ready    master,node   8m41s   v1.12.5
node2   Ready    master,node   7m32s   v1.12.5
node3   Ready    node          6m59s   v1.12.5
node4   Ready    node          6m59s   v1.12.5
node5   Ready    node          6m59s   v1.12.5

Each node is ready, indicating OK.

Verification 2: deploy NGINX

The main purpose is to verify whether the network is normal, and the steps are as follows.

On the node where Master is located (172.21.240.66 is used in this article), prepare a file called nginx.yaml, which reads as follows:

kind: Service
apiVersion: v1
metadata:
  name: nginx-service
spec:
  selector:
    app: nginx
  type: NodePort
  ports:
    # Protocol
    - protocol: TCP
      # Service port
      port: 80
      targetPort: 80
      nodePort: 32000
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  # Labels describing the Deployment, making it easier to read
  labels:
    app: nginx
spec:
  replicas: 3
  selector:
    # Label selector: finds all Pods that carry the label app: nginx
    matchLabels:
      app: nginx
  # Pod template
  template:
    metadata:
      # Labels these Pods carry
      labels:
        app: nginx
    spec:
      containers:
        - name: nginx
          image: nginx:1.7.9
          ports:
            - containerPort: 80

Create the Service and Deployment by executing the following command in the directory where the file is located:

~]# kubectl create -f nginx.yaml

As the file shows, NGINX is exposed outside the Kubernetes cluster as a NodePort service on port 32000.

Execute the following command to verify:

# View nginx service details
~]# kubectl get svc nginx-service
NAME            TYPE       CLUSTER-IP      EXTERNAL-IP   PORT(S)        AGE
nginx-service   NodePort   10.233.59.132   <none>        80:32000/TCP   4m56s
# Access test. If the NGINX home page is returned normally, everything is working
~]# curl 172.21.240.66:32000

Uninstall Kubespray

~]# ansible-playbook -i inventory/mycluster/hosts.ini reset.yml

Reference documents:

Kubespray-10 Simple Steps for Installing a Production-Ready, Multi-Master HA Kubernetes Cluster:

TIPS: the main reference documentation, which also explains some of the configuration of Kubespray, possible problems and solutions, and so on.

Use Kubespray to deploy kubernetes highly available clusters:

Kubespray (ansible) automatic installation of k8s cluster:

TIPS: it shows how to replace the gcr image with the domestic image

Installing Kubernetes On-premises/Cloud Providers with Kubespray:

Docker and Kubernetes Open Source Book Gitee: GitHub:

The first release of this article: http://www.itmuch.com/install/kubernetes-deploy-by-kubespray2.8.3/
