mirrors
/
kubernetes-the-hard-way
mirror of https://github.com/kelseyhightower/kubernetes-the-hard-way
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update software versions and fix a system corruption 

Update used software versions to the latest at the moment, including
the OS used in images. Fix config files to match options to the new
versions of software. Fix a corruption on systems where /bin is a symlink.
pull/461/head
Vladis Dronov 2019-05-17 15:32:19 +02:00
parent bf2850974e
commit 6e99e8f417
7 changed files with 46 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@ -14,11 +14,13 @@ The target audience for this tutorial is someone planning to support a productio
Kubernetes The Hard Way guides you through bootstrapping a highly available Kubernetes cluster with end-to-end encryption between components and RBAC authentication. Kubernetes The Hard Way guides you through bootstrapping a highly available Kubernetes cluster with end-to-end encryption between components and RBAC authentication.
* [Kubernetes](https://github.com/kubernetes/kubernetes) 1.12.0 * [Kubernetes](https://github.com/kubernetes/kubernetes) 1.14.2
* [containerd Container Runtime](https://github.com/containerd/containerd) 1.2.0-rc.0 * [containerd Container Runtime](https://github.com/containerd/containerd) 1.2.6
* [CRI-Tools](https://github.com/kubernetes-sigs/cri-tools) 1.14.0
* [runc](https://github.com/opencontainers/runc) 1.0.0-rc8
* [gVisor](https://github.com/google/gvisor) 50c283b9f56bb7200938d9e207355f05f79f0d17 * [gVisor](https://github.com/google/gvisor) 50c283b9f56bb7200938d9e207355f05f79f0d17
* [CNI Container Networking](https://github.com/containernetworking/cni) 0.6.0 * [CNI Container Networking](https://github.com/containernetworking/cni) 0.8.0
* [etcd](https://github.com/coreos/etcd) v3.3.9 * [etcd](https://github.com/coreos/etcd) 3.3.13
* [CoreDNS](https://github.com/coredns/coredns) v1.2.2 * [CoreDNS](https://github.com/coredns/coredns) v1.2.2
## Labs ## Labs

6
docs/02-client-tools.md
View File

@ -75,7 +75,7 @@ The `kubectl` command line utility is used to interact with the Kubernetes API S
### OS X ### OS X
``` ```
curl -o kubectl https://storage.googleapis.com/kubernetes-release/release/v1.12.0/bin/darwin/amd64/kubectl curl -o kubectl https://storage.googleapis.com/kubernetes-release/release/v1.14.2/bin/darwin/amd64/kubectl
``` ```
``` ```
@ -89,7 +89,7 @@ sudo mv kubectl /usr/local/bin/
### Linux ### Linux
``` ```
wget https://storage.googleapis.com/kubernetes-release/release/v1.12.0/bin/linux/amd64/kubectl wget https://storage.googleapis.com/kubernetes-release/release/v1.14.2/bin/linux/amd64/kubectl
``` ```
``` ```
@ -111,7 +111,7 @@ kubectl version --client
> output > output
``` ```
Client Version: version.Info{Major:"1", Minor:"12", GitVersion:"v1.12.0", GitCommit:"0ed33881dc4355495f623c6f22e7dd0b7632b7c0", GitTreeState:"clean", BuildDate:"2018-09-27T17:05:32Z", GoVersion:"go1.10.4", Compiler:"gc", Platform:"linux/amd64"} Client Version: version.Info{Major:"1", Minor:"14", GitVersion:"v1.14.2", GitCommit:"66049e3b21efe110454d67df4fa62b08ea79a19b", GitTreeState:"clean", BuildDate:"2019-05-16T16:23:09Z", GoVersion:"go1.12.5", Compiler:"gc", Platform:"linux/amd64"}
``` ```
Next: [Provisioning Compute Resources](03-compute-resources.md) Next: [Provisioning Compute Resources](03-compute-resources.md)

4
docs/03-compute-resources.md
View File

@ -104,7 +104,7 @@ for i in 0 1 2; do
--async \ --async \
--boot-disk-size 200GB \ --boot-disk-size 200GB \
--can-ip-forward \ --can-ip-forward \
--image-family ubuntu-1804-lts \ --image-family ubuntu-1904 \
--image-project ubuntu-os-cloud \ --image-project ubuntu-os-cloud \
--machine-type n1-standard-1 \ --machine-type n1-standard-1 \
--private-network-ip 10.240.0.1${i} \ --private-network-ip 10.240.0.1${i} \
@ -128,7 +128,7 @@ for i in 0 1 2; do
--async \ --async \
--boot-disk-size 200GB \ --boot-disk-size 200GB \
--can-ip-forward \ --can-ip-forward \
--image-family ubuntu-1804-lts \ --image-family ubuntu-1904 \
--image-project ubuntu-os-cloud \ --image-project ubuntu-os-cloud \
--machine-type n1-standard-1 \ --machine-type n1-standard-1 \
--metadata pod-cidr=10.200.${i}.0/24 \ --metadata pod-cidr=10.200.${i}.0/24 \

6
docs/07-bootstrapping-etcd.md
View File

@ -22,15 +22,15 @@ Download the official etcd release binaries from the [coreos/etcd](https://githu
``` ```
wget -q --show-progress --https-only --timestamping \ wget -q --show-progress --https-only --timestamping \
"https://github.com/coreos/etcd/releases/download/v3.3.9/etcd-v3.3.9-linux-amd64.tar.gz" "https://github.com/coreos/etcd/releases/download/v3.3.13/etcd-v3.3.13-linux-amd64.tar.gz"
``` ```
Extract and install the `etcd` server and the `etcdctl` command line utility: Extract and install the `etcd` server and the `etcdctl` command line utility:
``` ```
{ {
tar -xvf etcd-v3.3.9-linux-amd64.tar.gz tar -xvf etcd-v3.3.13-linux-amd64.tar.gz
sudo mv etcd-v3.3.9-linux-amd64/etcd* /usr/local/bin/ sudo mv etcd-v3.3.13-linux-amd64/etcd* /usr/local/bin/
} }
``` ```

27
docs/08-bootstrapping-kubernetes-controllers.md
View File

@ -28,10 +28,10 @@ Download the official Kubernetes release binaries:
``` ```
wget -q --show-progress --https-only --timestamping \ wget -q --show-progress --https-only --timestamping \
"https://storage.googleapis.com/kubernetes-release/release/v1.12.0/bin/linux/amd64/kube-apiserver" \ "https://storage.googleapis.com/kubernetes-release/release/v1.14.2/bin/linux/amd64/kube-apiserver" \
"https://storage.googleapis.com/kubernetes-release/release/v1.12.0/bin/linux/amd64/kube-controller-manager" \ "https://storage.googleapis.com/kubernetes-release/release/v1.14.2/bin/linux/amd64/kube-controller-manager" \
"https://storage.googleapis.com/kubernetes-release/release/v1.12.0/bin/linux/amd64/kube-scheduler" \ "https://storage.googleapis.com/kubernetes-release/release/v1.14.2/bin/linux/amd64/kube-scheduler" \
"https://storage.googleapis.com/kubernetes-release/release/v1.12.0/bin/linux/amd64/kubectl" "https://storage.googleapis.com/kubernetes-release/release/v1.14.2/bin/linux/amd64/kubectl"
``` ```
Install the Kubernetes binaries: Install the Kubernetes binaries:
@ -82,14 +82,13 @@ ExecStart=/usr/local/bin/kube-apiserver \\
--authorization-mode=Node,RBAC \\ --authorization-mode=Node,RBAC \\
--bind-address=0.0.0.0 \\ --bind-address=0.0.0.0 \\
--client-ca-file=/var/lib/kubernetes/ca.pem \\ --client-ca-file=/var/lib/kubernetes/ca.pem \\
--enable-admission-plugins=Initializers,NamespaceLifecycle,NodeRestriction,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota \\ --enable-admission-plugins=NamespaceLifecycle,NodeRestriction,LimitRanger,ServiceAccount,DefaultStorageClass,ResourceQuota \\
--enable-swagger-ui=true \\
--etcd-cafile=/var/lib/kubernetes/ca.pem \\ --etcd-cafile=/var/lib/kubernetes/ca.pem \\
--etcd-certfile=/var/lib/kubernetes/kubernetes.pem \\ --etcd-certfile=/var/lib/kubernetes/kubernetes.pem \\
--etcd-keyfile=/var/lib/kubernetes/kubernetes-key.pem \\ --etcd-keyfile=/var/lib/kubernetes/kubernetes-key.pem \\
--etcd-servers=https://10.240.0.10:2379,https://10.240.0.11:2379,https://10.240.0.12:2379 \\ --etcd-servers=https://10.240.0.10:2379,https://10.240.0.11:2379,https://10.240.0.12:2379 \\
--event-ttl=1h \\ --event-ttl=1h \\
--experimental-encryption-provider-config=/var/lib/kubernetes/encryption-config.yaml \\ --encryption-provider-config=/var/lib/kubernetes/encryption-config.yaml \\
--kubelet-certificate-authority=/var/lib/kubernetes/ca.pem \\ --kubelet-certificate-authority=/var/lib/kubernetes/ca.pem \\
--kubelet-client-certificate=/var/lib/kubernetes/kubernetes.pem \\ --kubelet-client-certificate=/var/lib/kubernetes/kubernetes.pem \\
--kubelet-client-key=/var/lib/kubernetes/kubernetes-key.pem \\ --kubelet-client-key=/var/lib/kubernetes/kubernetes-key.pem \\
@ -127,7 +126,7 @@ Documentation=https://github.com/kubernetes/kubernetes
[Service] [Service]
ExecStart=/usr/local/bin/kube-controller-manager \\ ExecStart=/usr/local/bin/kube-controller-manager \\
--address=0.0.0.0 \\ --bind-address=0.0.0.0 \\
--cluster-cidr=10.200.0.0/16 \\ --cluster-cidr=10.200.0.0/16 \\
--cluster-name=kubernetes \\ --cluster-name=kubernetes \\
--cluster-signing-cert-file=/var/lib/kubernetes/ca.pem \\ --cluster-signing-cert-file=/var/lib/kubernetes/ca.pem \\
@ -159,7 +158,7 @@ Create the `kube-scheduler.yaml` configuration file:
``` ```
cat <<EOF | sudo tee /etc/kubernetes/config/kube-scheduler.yaml cat <<EOF | sudo tee /etc/kubernetes/config/kube-scheduler.yaml
apiVersion: componentconfig/v1alpha1 apiVersion: kubescheduler.config.k8s.io/v1alpha1
kind: KubeSchedulerConfiguration kind: KubeSchedulerConfiguration
clientConnection: clientConnection:
kubeconfig: "/var/lib/kubernetes/kube-scheduler.kubeconfig" kubeconfig: "/var/lib/kubernetes/kube-scheduler.kubeconfig"
@ -397,12 +396,12 @@ curl --cacert ca.pem https://${KUBERNETES_PUBLIC_ADDRESS}:6443/version
``` ```
{ {
"major": "1", "major": "1",
"minor": "12", "minor": "14",
"gitVersion": "v1.12.0", "gitVersion": "v1.14.2",
"gitCommit": "0ed33881dc4355495f623c6f22e7dd0b7632b7c0", "gitCommit": "66049e3b21efe110454d67df4fa62b08ea79a19b",
"gitTreeState": "clean", "gitTreeState": "clean",
"buildDate": "2018-09-27T16:55:41Z", "buildDate": "2019-05-16T16:14:56Z",
"goVersion": "go1.10.4", "goVersion": "go1.12.5",
"compiler": "gc", "compiler": "gc",
"platform": "linux/amd64" "platform": "linux/amd64"
} }

26
docs/09-bootstrapping-kubernetes-workers.md
View File

@ -31,14 +31,14 @@ Install the OS dependencies:
``` ```
wget -q --show-progress --https-only --timestamping \ wget -q --show-progress --https-only --timestamping \
https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.12.0/crictl-v1.12.0-linux-amd64.tar.gz \ https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.14.0/crictl-v1.14.0-linux-amd64.tar.gz \
https://storage.googleapis.com/kubernetes-the-hard-way/runsc-50c283b9f56bb7200938d9e207355f05f79f0d17 \ https://storage.googleapis.com/kubernetes-the-hard-way/runsc-50c283b9f56bb7200938d9e207355f05f79f0d17 \
https://github.com/opencontainers/runc/releases/download/v1.0.0-rc5/runc.amd64 \ https://github.com/opencontainers/runc/releases/download/v1.0.0-rc8/runc.amd64 \
https://github.com/containernetworking/plugins/releases/download/v0.6.0/cni-plugins-amd64-v0.6.0.tgz \ https://github.com/containernetworking/plugins/releases/download/v0.8.0/cni-plugins-linux-amd64-v0.8.0.tgz \
https://github.com/containerd/containerd/releases/download/v1.2.0-rc.0/containerd-1.2.0-rc.0.linux-amd64.tar.gz \ https://github.com/containerd/containerd/releases/download/v1.2.6/containerd-1.2.6.linux-amd64.tar.gz \
https://storage.googleapis.com/kubernetes-release/release/v1.12.0/bin/linux/amd64/kubectl \ https://storage.googleapis.com/kubernetes-release/release/v1.14.2/bin/linux/amd64/kubectl \
https://storage.googleapis.com/kubernetes-release/release/v1.12.0/bin/linux/amd64/kube-proxy \ https://storage.googleapis.com/kubernetes-release/release/v1.14.2/bin/linux/amd64/kube-proxy \
https://storage.googleapis.com/kubernetes-release/release/v1.12.0/bin/linux/amd64/kubelet https://storage.googleapis.com/kubernetes-release/release/v1.14.2/bin/linux/amd64/kubelet
``` ```
Create the installation directories: Create the installation directories:
@ -61,9 +61,9 @@ Install the worker binaries:
sudo mv runc.amd64 runc sudo mv runc.amd64 runc
chmod +x kubectl kube-proxy kubelet runc runsc chmod +x kubectl kube-proxy kubelet runc runsc
sudo mv kubectl kube-proxy kubelet runc runsc /usr/local/bin/ sudo mv kubectl kube-proxy kubelet runc runsc /usr/local/bin/
sudo tar -xvf crictl-v1.12.0-linux-amd64.tar.gz -C /usr/local/bin/ sudo tar -xvf crictl-v1.14.0-linux-amd64.tar.gz -C /usr/local/bin/
sudo tar -xvf cni-plugins-amd64-v0.6.0.tgz -C /opt/cni/bin/ sudo tar -xvf cni-plugins-linux-amd64-v0.8.0.tgz -C /opt/cni/bin/
sudo tar -xvf containerd-1.2.0-rc.0.linux-amd64.tar.gz -C / sudo tar --strip-components=1 -xvf containerd-1.2.6.linux-amd64.tar.gz -C /bin/
} }
``` ```
@ -296,9 +296,9 @@ gcloud compute ssh controller-0 \
``` ```
NAME STATUS ROLES AGE VERSION NAME STATUS ROLES AGE VERSION
worker-0 Ready <none> 35s v1.12.0 worker-0 Ready <none> 11s v1.14.2
worker-1 Ready <none> 36s v1.12.0 worker-1 Ready <none> 15s v1.14.2
worker-2 Ready <none> 36s v1.12.0 worker-2 Ready <none> 13s v1.14.2
``` ```
Next: [Configuring kubectl for Remote Access](10-configuring-kubectl.md) Next: [Configuring kubectl for Remote Access](10-configuring-kubectl.md)

10
docs/10-configuring-kubectl.md
View File

@ -55,16 +55,16 @@ etcd-0 Healthy {"health":"true"}
List the nodes in the remote Kubernetes cluster: List the nodes in the remote Kubernetes cluster:
``` ```
kubectl get nodes kubectl get nodes -o wide
``` ```
> output > output
``` ```
NAME STATUS ROLES AGE VERSION NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
worker-0 Ready <none> 117s v1.12.0 worker-0 Ready <none> 3m42s v1.14.2 10.240.0.20 <none> Ubuntu 19.04 5.0.0-1006-gcp containerd://1.2.6
worker-1 Ready <none> 118s v1.12.0 worker-1 Ready <none> 3m46s v1.14.2 10.240.0.21 <none> Ubuntu 19.04 5.0.0-1006-gcp containerd://1.2.6
worker-2 Ready <none> 118s v1.12.0 worker-2 Ready <none> 3m44s v1.14.2 10.240.0.22 <none> Ubuntu 19.04 5.0.0-1006-gcp containerd://1.2.6
``` ```
Next: [Provisioning Pod Network Routes](11-pod-network-routes.md) Next: [Provisioning Pod Network Routes](11-pod-network-routes.md)