Shulou(Shulou.com)06/03 Report--

Kubeadm installs k8s cluster version 1.17. Installation requirements:

The following conditions are met

One or more machines, operating system CentOS7.x-86_x64

Hardware configuration: 2GB or more RAM,2 CPU or more CPU, hard disk 30GB or more

Network interworking between all machines in the cluster

You can access the public network, and you need to pull the image

Prohibit swap partitioning

Speaking above, kubeadm is a tool officially launched by K8s for the rapid deployment of a set of K8s cluster, and there are also companies produced on kubeadm in recent years, but for all aspects of cluster management and secondary development, most of them use the binary method to deploy the K8s cluster in production, as the K8s version is updated frequently, such as some testing operations for K8s cluster. Usually want to be able to quickly deploy a set of testing, and for binary and Ansible deployment, of course, can also be deployed, but binary is much slower, like ansible, then you need a server to take out as a management node, for us usually take the virtual machine to test, if our own machine is tight, kubeadm is also a good choice, in addition, try a new version of K8s Follow in the footsteps of the official new version.

Don't say much, get to the point.

There are two important commands in kubeadm, one is kubeadm init, the other is kubeadm join, the main implementation of init is to create a master node, and after running init, it will first run a series of outputs, first of all, it will check whether your docker version or your swap is closed, because docker must be run first. In K8s cluster, docker is used to start our container and image download, while swap needs to be closed. This is a default rule put forward by K8s official. After k8s-1.8, you are required to close swap, otherwise an error will occur. The purpose of opening swap will take up a lot of memory and have a great impact on performance.

Second, it will generate a CA certificate used to authenticate calls between K8s components, there are two sets of certificates, the first is the K8s certificate, the other is the etcd certificate, and this certificate kubeadm installation places the certificate under / etc/kubernetes/pki.

Third, it will write the configuration files of kubelet, controller-manager, scheduler and other components to the / etc/kubernets/ directory, which contains some certificate files, which are mainly used to connect to api-server. In addition to the above configuration files, it will also generate a management-related admin.conf file.

Fourth, it will generate a token file, which will be used if other nodes join the master.

Fifth, set up some necessary actions that allow nodes to join the cluster in Bootstrap Tokens) and TLS bootstrapping.

Set the mechanism for csr to request automatic authentication. In this case, kubeadm is self-made, and those who have deployed binaries should know that when node joins, we need to authorize approve to it and manually allow it to join the cluster.

Sixth, deploy the dns service, the kube-proxy plug-in, of course, the general DNS service requires us to deploy the flannel network plug-in before the service can run

The general process is like this. For more information, please see the official website documentation.

Https://kubernetes.io/

2. Cluster configuration k8s-master 192.168.1.15k8s-node1 192.168.1.11k8s-node2 192.168.1.14

System initialization configuration (each node needs to be configured)

Turn off the firewall:

# systemctl stop firewalld#systemctl disable firewalld

Turn off selinux:

# sed-I 'setenforce setenforce' / etc/selinux/config # permanent # temporary

Turn off swap:

# swapoff-a # temporary # vim / etc/fstab # permanent

Set hostname: the hostname uses this command according to its own host

# hostnamectl set-hostname

Add hosts for each host:

# cat > > / etc/hosts / etc/sysctl.d/k8s.conf / etc/yum.repos.d/kubernetes.repo

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.