Shulou(Shulou.com)06/03 Report--

The content of this article

1. Three official deployment methods

Environmental planning of Kubernetes platform

3. Self-signed SSL certificate Etcd database cluster deployment Node node installation DockerFlannel container cluster network deployment

7. Deploy Master components

8. Deploy the three official deployment methods provided by Node components

Minikube

Minikube is a tool that can be run quickly locally-a single point of Kubernetes for use only by users who are trying Kubemnetes or daily development. Deployment address: htps://kubernetese io/docs/setup/minikube/

Kubeadm

Kubeadm is also a tool for kubeadm init and ukubeadm join for rapid deployment of Kubermnetes clusters at htpst/:/ubee/es.cs/do/s/cference/scetup tos/kubedm/kubeadm/

Binary packet

It is recommended to download the release version of the binary package from the official, and deploy each component manually to form a Kubermetes cluster. Download address: htpts//github.com/kubemetes/kuberetes/teleases

Environmental planning of Kubernetes platform

Single Master cluster architecture diagram

Multi-Master cluster architecture diagram

The certificates used by the self-signed SSL certificate component are etcdcapem, server.pem, server-key.pemflannelca.pem,server.pem, server-key.pemkube-apiserverca.pem. Server.pem. Server-key.pemkubeletca.pem, ca-key.pemkube-proxyca.pem, kube-proxy pem, kube-proxy-key.pemkubectlca.pem, admin.pem, admin-key.pemEtcd database cluster deployment

Introduction to etcd

Etcd is an open source project launched by the CoreOS team in June 2013. its goal is to build a highly available distributed key value (key-value) database. Raft protocol is used as the consistency algorithm in etcd, and etcd is implemented based on GE language.

As a service discovery system, etcd has the following characteristics:

Simple: easy to install and configure, provide HTTP API to interact with each other, and easy to use

Security: support for SSL certificate verification

Fast: according to the official benchmark data, a single instance supports 2k + read operations per second

Reliable: using raft algorithm to realize the availability and consistency of distributed system data

Three pillars of Etcd

A highly consistent, highly available service storage directory.

Etcd based on Ralf algorithm is such a highly consistent and highly available service storage directory.

A mechanism for registering the health status of services and health services.

Users can register the service in etcd, configure key TTL for the registered service, and regularly maintain the heartbeat of the service to achieve the effect of monitoring health status.

A mechanism for finding and connecting services.

Services registered under the theme specified by etcd can be found under the corresponding topic. To ensure connectivity, we can deploy a proxy mode etcd on each service machine, which ensures that services accessing the etcd cluster can connect to each other. Etcd deployment mode

Binary package download address

Https://github.com/etcd-io/etcd/releases

View cluster status / opt/etcd/bin/etcdctl\-- a-file=ca.pem-crt-file=server.pem-- key-file= server-key.pem\-- endpoints=* https://192.168.0.x:2379.https://192.168.0.x:2379,https://192.168.0x:2379"\ cluster-healthNode installation Docker

The example demonstrates the software master (192.168.142.129Universe 24) kube-apiserver, kube-controller-manager, kube-scheduler, etcdnode01 (192.168.142.130Univer 24) kubelet, kube-proxy, docker, flannel, etcdnode02 (192.168.142.131) kubelet, kube-proxy, docker, flannel, etcd that the host needs to install in the deployment environment.

K8s official website address, click to get Oh!

ETCD binary packet address, click to get Oh!

Copy the above package to the following k8s directory to be created in centos7

Resource Kit links:

Https://pan.baidu.com/s/1QGvhsAVmv2SmbrWMGc3Bng extraction code: mlh51, Etcd database cluster deployment 1. Download the cfssl official package vim cfssl.shcurl-L https:#pkg.cfssl.org/R1.2/cfssl_linux-amd64-o / usr/local/bin/cfsslcurl-L https:#pkg.cfssl.org/R1.2/cfssljson_linux-amd64-o / usr/local/bin/cfssljsoncurl-L https:#pkg.cfssl.org/R1.2/cfssl-certinfo_linux-amd64-o by operating the mkdir k8scd k8s/mkdir etcd-certmv etcd-cert.sh etcd-cert editing script on the master side / usr/local/bin/cfssl-certinfochmod + x / usr/local/bin/cfssl / usr/local/bin/cfssljson / usr/local/bin/cfssl-certinfo execution script download cfssl official package bash cfssl.shcfssl generate certificate tool cfssljson generate certificate cfssl-certinfo view certificate information cd etcd-cert/ definition ca certificate cat > ca-config.json

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.