
Initialization method of Kubernetes Cluster Environment

2025-01-21 Update From: SLTechnology News&Howtos

Shulou (Shulou.com) 06/01

This article covers how to initialize a Kubernetes cluster environment. Many people run into difficulties with this in practice, so the steps are walked through below. Read it carefully and you should come away with something useful.

Concept

K8s/kubernetes

Containerized deployment

Kubernetes solves the problem of container orchestration and is the leading container orchestration software.

Kubernetes runs as a cluster of servers.

Function

Self-healing: when one container crashes, another container is brought up.

Elastic scaling: adjusts the number of containers as needed.

Service discovery: a service automatically finds the dependencies it needs.

Load balancing: traffic is shared across the containers.

Version rollback: if there is a problem with the new version, go back to the original version immediately.

Storage orchestration: storage volumes can be created automatically according to the needs of the container itself.

....

K8s components

K8s is composed of control (master) nodes and worker nodes.

Components of the master node

Responsible for cluster management

ApiServer: the only entry point for resource operations; it accepts commands, and all management operations go through it.

Scheduler: decides, according to its algorithm, who is assigned the work.

ControllerManager: arranges and dispatches the work.

Etcd: the record keeper; it keeps track of who is doing what.

Components of the worker node

Responsible for providing the operating environment

Kubelet: accepts instructions from the control node, arranges the work, and controls docker.

Kubeproxy: provides the access path from outside to the running programs.

Docker: responsible for running the containers.

An nginx example illustrates how the components work together.

Both master and node information are stored in etcd, so the control node can tell how many workers there are.

A request to run the service in k8s is first accepted by the apiserver.

The node information is then read to work out who will complete the service request.

Once it is known who will do it, controller-manager sends the request.

Kubelet is waiting to pick up the job and arranges for docker to start a pod. (For now, treat pod and docker as the same thing: both start the program. A pod is the smallest unit for containers.)

Through kubeproxy, outside users can access nginx.

Master: the cluster control node; there is at least one.

Node: workload node, the one that does the work.

Pod: the smallest unit in Kubernetes. Containers run inside a pod, and a pod can hold multiple containers (you control the pod, the pod controls the containers, and the containers control the program).

Controller: starts, stops and scales pods.

Service: the unified entry point for external access. It maintains multiple pods of the same type behind it and decides which pod the traffic goes to.

Label: classifies pods; pods of the same type get the same label. A Service controls traffic by label.

Namespace: isolates the operating environment of pods.

Cluster environment planning

There are two types of cluster: one master with multiple slaves, and multiple masters with multiple slaves.

One master, multiple slaves: if the master server goes down, the whole cluster is finished, so this can only be a test environment.

Multiple masters, multiple slaves: security is very high, but it is troublesome to build; suitable for production environments.

Minikube: for single-node testing.

Kubeadm: quickly sets up a Kubernetes cluster.

Binary packages: download each component in turn, compile and install it, and generate the certificates used between components.

Three virtual machine (VM) servers are used here to build the environment.

They must be able to reach each other over the network; modify the hostname on each.

Note: all three hosts need to do the following.

1. Environment initialization

CentOS needs to be above 7.5

cat /etc/redhat-release

2. Domain name resolution: /etc/hosts is used in the test environment; in a real environment it is recommended to use DNS.

192.168.100.128 master master.example.com

192.168.100.130 node1 node1.example.com

192.168.100.129 node2 node2.example.com

3. Cluster time must be synchronized. It is recommended that enterprises set up their own time servers.

systemctl start chronyd

date

4. Disable the iptables and firewalld firewalls (be careful about this in a production environment)

Kubernetes and Docker generate a large number of iptables rules. So that they do not get mixed up with the system's own rules, the system firewall is shut down directly.

systemctl disable --now firewalld

systemctl stop iptables

systemctl disable iptables

(I don't have an iptables)

5. Disable selinux

6. Disable the swap partition

The swap partition is virtual memory: when physical memory is used up, disk space is used as if it were memory. Enabling a swap device can have a very negative impact on system performance. If swap has to stay enabled, Kubernetes can be told so explicitly.

7. Modify Linux kernel parameters

Kubernetes requires this: add bridge filtering and address forwarding.

Reload the configuration

sysctl -p

Load the bridge filter module

modprobe br_netfilter

Check whether the bridge filter module was loaded successfully
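A read-only check for steps 6 and 7, added here as an example and not taken from the original article. The three sysctl keys are the ones commonly set for bridge filtering and forwarding on kubeadm clusters; the article's own values are not shown on the page, so treat them as an assumption. The function names are hypothetical.

```bash
#!/bin/bash
# Added example: verify swap, br_netfilter and the sysctl keys without changing anything.
# Every function takes an optional file/directory so it can be pointed at saved copies.

# Succeeds when no swap area is active. $1: swaps table (default /proc/swaps)
swap_is_off() {
    # /proc/swaps holds one header line; any further line is an active swap area
    awk 'NR > 1 { on = 1 } END { exit on + 0 }' "${1:-/proc/swaps}"
}

# Succeeds when kernel module $1 is listed in $2 (default /proc/modules)
module_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "${2:-/proc/modules}"
}

# Succeeds when sysctl key $1 (dotted form) equals $2 under $3 (default /proc/sys)
sysctl_is() {
    local path
    path="${3:-/proc/sys}/$(printf '%s' "$1" | tr . /)"
    [ -r "$path" ] && [ "$(cat "$path")" = "$2" ]
}

# Run all checks against the live host; returns non-zero if any step is missing.
preflight() {
    local rc=0 key
    swap_is_off || { echo "FAIL swap is still enabled"; rc=1; }
    module_loaded br_netfilter || { echo "FAIL br_netfilter is not loaded"; rc=1; }
    # Assumed keys (not shown on the page): bridge filtering and address forwarding
    for key in net.bridge.bridge-nf-call-iptables \
               net.bridge.bridge-nf-call-ip6tables \
               net.ipv4.ip_forward; do
        sysctl_is "$key" 1 || { echo "FAIL $key is not 1"; rc=1; }
    done
    return $rc
}

if [ "${1:-}" = "--run" ]; then preflight; fi
```

Run it with --run on each of the three hosts after the reboot; a step that was only applied at runtime and not persisted shows up as FAIL.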

8. Configure the ipvs feature

A Service exposes an entry point and does load balancing and reverse proxying. There are two proxy modes, one based on iptables and one based on ipvs. ipvs has higher performance than iptables, but the ipvs modules have to be loaded manually.

Install ipvsadm and ipset

Add a shell script to load the modules

[root@master ~]# cat > /etc/sysconfig/modules/ipvs.modules <<EOF
> #!/bin/bash
> modprobe -- ip_vs
> modprobe -- ip_vs_rr
> modprobe -- ip_vs_wrr
> modprobe -- ip_vs_sh
> modprobe -- nf_conntrack_ipv4
> EOF

For the content of ipvs

Check whether the corresponding modules were loaded successfully

The CentOS version is too high, which causes an error:

modprobe: FATAL: Module nf_conntrack_ipv4 not found in directory /lib/modules/4.18.0-373.el8.x86_64

Fix the error

The modules load successfully
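One way to avoid the error above, added here as an example and not taken from the original article (whose own fix is not shown on the page): on newer kernels the IPv4 connection-tracking code is part of nf_conntrack, so the script can pick whichever module the running kernel provides. The function names are hypothetical.

```bash
#!/bin/bash
# Added example: build the ipvs module list for the running kernel so the
# load script does not fail where nf_conntrack_ipv4 no longer exists.

# Print the connection-tracking module this kernel provides.
# $1: module directory (default: the running kernel's)
conntrack_module() {
    local dir name
    dir="${1:-/lib/modules/$(uname -r)}"
    for name in nf_conntrack_ipv4 nf_conntrack; do
        # Loadable module: a .ko file, possibly compressed (.ko.xz, .ko.gz, .ko.zst)
        if find "$dir" -name "${name}.ko*" -print -quit 2>/dev/null | grep -q .; then
            echo "$name"; return 0
        fi
        # Built into the kernel image: listed in modules.builtin
        if grep -qs "/${name}\.ko" "$dir/modules.builtin"; then
            echo "$name"; return 0
        fi
    done
    return 1
}

# Print the full module list, one per line. $1: optional module directory
ipvs_modules() {
    local ct
    ct=$(conntrack_module "${1:-}") || return 1
    printf '%s\n' ip_vs ip_vs_rr ip_vs_wrr ip_vs_sh "$ct"
}

# Load the modules (needs root); stops at the first failure.
load_ipvs_modules() {
    local mods m
    mods=$(ipvs_modules) || return 1
    for m in $mods; do
        modprobe -- "$m" || return 1
    done
}

if [ "${1:-}" = "--load" ]; then load_ipvs_modules; fi
```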

Do this on all three servers.

Finally, reboot.
