
Kubernetes (k8s) study notes

2025-01-16 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/02 Report--

Kubernetes (K8S), from Google

Features:

1. Lightweight: consumes little resources

2. Open source

3. Auto Scaling

4. Load Balancer

For a highly available cluster, the number of replicas should preferably be an odd number >= 3

Component Description:

Main components:

APISERVER: Unified entry point for all services

ControllerManager: Maintains the expected number of replicas

Scheduler: Accepts tasks and selects appropriate nodes to assign them to

ETCD: Key-value pair database stores all important information of K8S cluster (persistent)

Kubelet: Interact directly with the container engine to implement container lifecycle management

Kube-proxy: responsible for writing rules to IPTABLES, IPVS to implement service mapping access

Other plug-ins:

COREDNS: Creates domain-name-to-IP mappings for Services (SVC) in the cluster

DASHBOARD: Provides a browser/server (B/S) access architecture for K8S clusters

INGRESS CONTROLLER: Kubernetes itself only provides a layer-4 proxy; INGRESS provides a layer-7 proxy

FEDERATION: Provides unified management of multiple K8S clusters across cluster centers

PROMETHEUS: Provides monitoring capabilities for K8S clusters

ELK: Provides a unified log analysis platform for K8S clusters

k8s installation deployment:

System initialization of each node: the environment here is

k8s-master01 172.20.120.187

k8s-node01 172.20.120.184

k8s-node02 172.20.120.183

harbor 172.20.120.182

1. Set hostname and hostname ip resolution

# hostnamectl set-hostname k8s-node01

# vi /etc/hosts

172.20.120.187 k8s-master01

172.20.120.184 k8s-node01

172.20.120.183 k8s-node02

172.20.120.182 hub.nice.com

2. Install dependency packages

# yum install epel-release -y

# yum install conntrack ntp ipvsadm ipset jq iptables curl sysstat libseccomp wget vim net-tools git -y

3. Set firewall to iptables and clear rules

# systemctl stop firewalld && systemctl disable firewalld

# yum -y install iptables-services && systemctl start iptables && systemctl enable iptables && iptables -F && service iptables save

4. Turn off swap and SELinux

# swapoff -a && sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

# setenforce 0 && sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config

5. Adjust kernel parameters

# vim /etc/sysctl.d/kubernetes.conf

Required parameters:

net.bridge.bridge-nf-call-iptables=1

net.bridge.bridge-nf-call-ip6tables=1

net.ipv6.conf.all.disable_ipv6=1

Optional optimization parameters:

net.ipv4.ip_forward=1

net.ipv4.tcp_tw_recycle=0

vm.swappiness=0 #Avoid using swap space; only allow it when the system is in OOM

vm.overcommit_memory=1 #Do not check whether physical memory is sufficient

vm.panic_on_oom=0 #Enable the OOM killer (do not panic on OOM)

fs.inotify.max_user_instances=8192

fs.inotify.max_user_watches=1048576

fs.file-max=52706963

fs.nr_open=52706963

net.netfilter.nf_conntrack_max=2310720

6. Adjust the system time zone

# timedatectl set-timezone Asia/Shanghai

# timedatectl set-local-rtc 0

# systemctl restart rsyslog crond

7. Close services that are not needed by the system

# systemctl stop postfix && systemctl disable postfix

8. Configure rsyslogd and systemd journald

# mkdir /var/log/journal #Persist the directory where logs are saved

# mkdir /etc/systemd/journald.conf.d

# cat > /etc/systemd/journald.conf.d/99-prophet.conf kubeadm-config.yaml

# vim kubeadm-config.yaml

localAPIEndpoint:
  advertiseAddress: 172.20.120.187 # change to the master IP address
kubernetesVersion: v1.15.1 # change to the correct version
networking:
  dnsDomain: cluster.local
  podSubnet: 10.244.0.0/16 # add: default pod subnet used by the flannel network plugin
  serviceSubnet: 10.96.0.0/12
--- # change the default scheduling mode to ipvs
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
featureGates:
  SupportIPVSProxyMode: true
mode: ipvs

# kubeadm init --config=kubeadm-config.yaml --experimental-upload-certs |tee kubeadm-initlog #kubeadm initializes and logs information

# mkdir -p $HOME/.kube

# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

# chown $(id -u):$(id -g) $HOME/.kube/config

# kubectl get node #Get node status; the status is NotReady because there is no flat network yet

Deploying networks:

# mkdir -pv install-k8s/{core,plugin}

# mv kubeadm-initlog kubeadm-config.yaml install-k8s/core #kubeadm-initlog kubeadm-config.yaml needs to be preserved

# mkdir install-k8s/plugin/flannel

# cd install-k8s/plugin/flannel

# wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

# kubectl create -f kube-flannel.yml

Verification:

# kubectl get pod -n kube-system #View pod status with kube-system namespace

# kubectl get node #Here the status is ready

# ifconfig |grep -A6 flannel #flannel network info

Join additional nodes to the master node; execute on each node that needs to be added (the command is taken from the log written at kubeadm initialization):

# kubeadm join 172.20.120.187:6443 --token abcdef.0123456789abcdef \

--discovery-token-ca-cert-hash sha256:d968d2936e8d3af4e2765805fa041621c90447217281d761cdb17ca5e5eb9a40

Verification:

# kubectl get pod -n kube-system -o wide #supports -w to watch

# kubectl get nodes #status should be Ready; supports -w to watch
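
Added example (not part of the original notes): the join command above carries the token `abcdef.0123456789abcdef`, the static value that `kubeadm config print init-defaults` writes into the config, next to the CA pin. The script below lints a join command for that token and for a well-formed `--discovery-token-ca-cert-hash`, and can recompute the pin from the CA certificate. The function names are this example's own, and `/etc/kubernetes/pki/ca.crt` is kubeadm's default CA path, assumed here.

```sh
#!/bin/sh
# Added example (not from the original notes): lint a `kubeadm join` command.

# Static token that `kubeadm config print init-defaults` writes into the config.
DEFAULT_TOKEN='abcdef.0123456789abcdef'

# Join command exactly as shown in the notes above.
PAGE_JOIN='kubeadm join 172.20.120.187:6443 --token abcdef.0123456789abcdef \
    --discovery-token-ca-cert-hash sha256:d968d2936e8d3af4e2765805fa041621c90447217281d761cdb17ca5e5eb9a40'

# Print the value that follows flag $1 in join command text $2.
join_flag_value() {
    printf '%s\n' "$2" | tr '\n\\' '  ' |
        sed -n "s/.*[[:space:]]${1}[[:space:]=]\{1,\}\([^[:space:]]*\).*/\1/p"
}

# Recompute the pin from a CA certificate (kubeadm default path on the master:
# /etc/kubernetes/pki/ca.crt, an assumption here). Needs openssl; RSA CA key.
ca_cert_hash() {
    openssl x509 -pubkey -noout -in "$1" |
        openssl rsa -pubin -outform der 2>/dev/null |
        openssl dgst -sha256 -hex | sed 's/^.* //; s/^/sha256:/'
}

# Lint join command $1; if CA cert path $2 is given, also compare the pin.
# Prints one finding per line and returns 1 when anything was found.
check_join() {
    jc_token=$(join_flag_value --token "$1")
    jc_pin=$(join_flag_value --discovery-token-ca-cert-hash "$1")
    jc_rc=0
    if ! printf '%s' "$jc_token" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$'; then
        echo "token: missing or malformed"; jc_rc=1
    elif [ "$jc_token" = "$DEFAULT_TOKEN" ]; then
        echo "token: static init-defaults value, replace with a random token"; jc_rc=1
    fi
    if ! printf '%s' "$jc_pin" | grep -Eq '^sha256:[0-9a-f]{64}$'; then
        echo "ca-cert-hash: missing or malformed, cluster CA is not pinned"; jc_rc=1
    elif [ -n "${2:-}" ] && [ "$jc_pin" != "$(ca_cert_hash "$2")" ]; then
        echo "ca-cert-hash: does not match $2"; jc_rc=1
    fi
    return "$jc_rc"
}

check_join "$PAGE_JOIN" || true   # reports the static token
```

A fresh token and matching join command can be produced on the master with `kubeadm token create --print-join-command`.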

Enterprise Docker private registry: Harbor, installed separately on the harbor node here

https://github.com/goharbor/harbor/blob/master/docs/installation_guide.md

Requirements:

Docker engine version 17.06.0-ce+ or higher https://docs.docker.com/install/linux/docker-ce/centos/

Docker Compose version 1.18.0 or higher https://docs.docker.com/compose/install/

OpenSSL: latest is preferred

Install docker:

# yum install -y yum-utils device-mapper-persistent-data lvm2

# yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

# yum install -y docker-ce

# systemctl start docker && systemctl enable docker

## Configure daemon

# cat > /etc/docker/daemon.json
