# Bootstrapping Kubernetes Workers
In this lab you will bootstrap 3 Kubernetes worker nodes. The following virtual machines will be used:
* worker0
* worker1
* worker2
## Why
Kubernetes worker nodes are responsible for running your containers. All Kubernetes clusters need one or more worker nodes. We are running the worker nodes on dedicated machines for the following reasons:
* Ease of deployment and configuration
* Avoid mixing arbitrary workloads with critical cluster components. We are building machines with just enough resources so we don't have to worry about wasting resources.
Some people would like to run workers and cluster services anywhere in the cluster. This is totally possible, and you'll have to decide what's best for your environment.
## Provision the Kubernetes Worker Nodes
Run the following commands on `worker0`, `worker1`, `worker2`:
#### Move the TLS certificates in place
```
sudo mkdir -p /var/lib/kubernetes
```
```
sudo cp ca.pem kubernetes-key.pem kubernetes.pem /var/lib/kubernetes/
```
#### Docker
Kubernetes should be compatible with Docker 1.9.x - 1.12.x:
```
wget https://get.docker.com/builds/Linux/x86_64/docker-1.12.1.tgz
```
```
tar -xvf docker-1.12.1.tgz
```
```
sudo cp docker/docker* /usr/bin/
```
Create the Docker systemd unit file:
```
sudo sh -c 'echo "[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.io

[Service]
ExecStart=/usr/bin/docker daemon \
  --iptables=false \
  --ip-masq=false \
  --host=unix:///var/run/docker.sock \
  --log-level=error \
  --storage-driver=overlay
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target" > /etc/systemd/system/docker.service'
```
```
sudo systemctl daemon-reload
sudo systemctl enable docker
sudo systemctl start docker
```
```
sudo docker version
```
#### kubelet
The Kubernetes kubelet no longer relies on docker networking for pods! The Kubelet can now use [CNI - the Container Network Interface](https://github.com/containernetworking/cni) to manage machine-level networking requirements.

Download and install CNI plugins:
```
sudo mkdir -p /opt/cni
```
```
wget https://storage.googleapis.com/kubernetes-release/network-plugins/cni-07a8a28637e97b22eb8dfe710eeae1344f69d16e.tar.gz
```
```
sudo tar -xvf cni-07a8a28637e97b22eb8dfe710eeae1344f69d16e.tar.gz -C /opt/cni
```
Download and install the Kubernetes worker binaries:
```
wget https://storage.googleapis.com/kubernetes-release/release/v1.5.1/bin/linux/amd64/kubectl
```
```
wget https://storage.googleapis.com/kubernetes-release/release/v1.5.1/bin/linux/amd64/kube-proxy
```
```
wget https://storage.googleapis.com/kubernetes-release/release/v1.5.1/bin/linux/amd64/kubelet
```
```
chmod +x kubectl kube-proxy kubelet
```
```
sudo mv kubectl kube-proxy kubelet /usr/bin/
```
```
sudo mkdir -p /var/lib/kubelet/
```
```
sudo sh -c 'echo "apiVersion: v1
kind: Config
clusters:
- cluster:
    certificate-authority: /var/lib/kubernetes/ca.pem
    server: https://10.240.0.10:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubelet
  name: kubelet
current-context: kubelet
users:
- name: kubelet
  user:
    token: chAng3m3" > /var/lib/kubelet/kubeconfig'
```
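
An added check, not part of the original lab: the steps above leave `kubernetes-key.pem` and the kubeconfig with whatever mode the source file and umask produce, and the kubeconfig carries the placeholder token `chAng3m3`. The sketch below audits both on a worker; the function names and the optional root-prefix argument are assumptions made for illustration.

```shell
# Added example; function names are hypothetical, paths are the lab's own.

# True when FILE exists and grants no permission bits to group or other.
secret_mode_ok() {
  mode=$(stat -c '%a' "$1" 2>/dev/null) || return 1   # GNU stat (Linux)
  # Prefix 0 so the shell reads the mode as octal, then mask group/other.
  [ $(( 0$mode & 077 )) -eq 0 ]
}

# True when the kubeconfig still holds the lab's placeholder token.
has_placeholder_token() {
  grep -Eq '^[[:space:]]*token:[[:space:]]*chAng3m3[[:space:]]*$' "$1"
}

# Audit the two secrets this lab writes on each worker.
# $1 is an optional root prefix so the check can be pointed at a
# constructed tree; leave it empty to audit the live host.
# Prints one line per finding and returns the number of findings.
audit_worker_secrets() {
  root=${1:-}
  kubeconfig="$root/var/lib/kubelet/kubeconfig"
  findings=0
  for f in "$root/var/lib/kubernetes/kubernetes-key.pem" "$kubeconfig"; do
    if ! secret_mode_ok "$f"; then
      echo "FINDING: $f is missing or accessible to group/other"
      findings=$((findings + 1))
    fi
  done
  if has_placeholder_token "$kubeconfig" 2>/dev/null; then
    echo "FINDING: $kubeconfig still uses the placeholder token"
    findings=$((findings + 1))
  fi
  return "$findings"
}
```

Run `audit_worker_secrets` as root on each worker; `sudo chmod 600` on the two files clears the mode findings.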
Create the kubelet systemd unit file:
```
sudo sh -c 'echo "[Unit]
Description=Kubernetes Kubelet
Documentation=https://github.com/GoogleCloudPlatform/kubernetes
After=docker.service
Requires=docker.service

[Service]
ExecStart=/usr/bin/kubelet \
  --allow-privileged=true \
  --api-servers=https://10.240.0.10:6443,https://10.240.0.11:6443,https://10.240.0.12:6443 \
  --cloud-provider= \
  --cluster-dns=10.32.0.10 \
  --cluster-domain=cluster.local \
  --container-runtime=docker \
  --docker=unix:///var/run/docker.sock \
  --network-plugin=kubenet \
  --kubeconfig=/var/lib/kubelet/kubeconfig \
  --reconcile-cidr=true \
  --serialize-image-pulls=false \
  --tls-cert-file=/var/lib/kubernetes/kubernetes.pem \
  --tls-private-key-file=/var/lib/kubernetes/kubernetes-key.pem \
  --v=2

Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target" > /etc/systemd/system/kubelet.service'
```
- Note: If you are deploying this on AWS then you should add ``--cloud-provider=aws`` in the ``kubelet.service`` unit file's [Service] section. If you are adding this before the ``--v=2`` line, remember to add a ``\`` character at the end.
```
sudo systemctl daemon-reload
sudo systemctl enable kubelet
sudo systemctl start kubelet
```
```
sudo systemctl status kubelet --no-pager
```
#### kube-proxy
```
sudo sh -c 'echo "[Unit]
Description=Kubernetes Kube Proxy
Documentation=https://github.com/GoogleCloudPlatform/kubernetes

[Service]
ExecStart=/usr/bin/kube-proxy \
  --master=https://10.240.0.10:6443 \
  --kubeconfig=/var/lib/kubelet/kubeconfig \
  --proxy-mode=iptables \
  --v=2

Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target" > /etc/systemd/system/kube-proxy.service'
```
```
sudo systemctl daemon-reload
sudo systemctl enable kube-proxy
sudo systemctl start kube-proxy
```
```
sudo systemctl status kube-proxy --no-pager
```
> Remember to run these steps on `worker0`, `worker1`, and `worker2`