Last active
August 14, 2017 01:47
-
-
Save davistran86/87bc02eb6914349f8b2e1a0d7ca23511 to your computer and use it in GitHub Desktop.
Install K8s on CentOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| =============================== | |
| #0. Hosts in cluster | |
| =============================== | |
| #yum install -y net-tools nano wget | |
| #192.168.70.141 k8s-master | |
| #192.168.70.142 k8s-node | |
| #Edit hosts file on all hosts (master,node) | |
| cat <<EOF >> /etc/hosts | |
| 192.168.70.141 k8s-master | |
| 192.168.70.142 k8s-node | |
| EOF | |
| =============================== | |
| #1. Configuration (master,node) | |
| =============================== | |
| setenforce 0 | |
| systemctl stop firewalld | |
| systemctl disable firewalld | |
| yum install -y ntp | |
| systemctl start ntpd | |
| systemctl enable ntpd | |
| systemctl status ntpd | |
| =============================== | |
| #3. Add repo to all hosts (master,node) | |
| =============================== | |
| cat <<EOF > /etc/yum.repos.d/kubernetes.repo | |
| [kubernetes] | |
| name=Kubernetes | |
| baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 | |
| enabled=1 | |
| gpgcheck=1 | |
| repo_gpgcheck=1 | |
| gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg | |
| https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg | |
| EOF | |
| #NOTE: IF YOU WANT TO INSTALL LATEST VERSION (CURRENTLY 1.7.3) | |
| #FOLLOW THIS GUIDE: https://gist.github.com/davistran86/c85d865abbf15e4f51365bee1a30c53e | |
| =============================== | |
| #4. Install | |
| =============================== | |
| #STEP 1 (master,node): | |
| =============================== | |
| yum -y install --enablerepo=kubernetes kubernetes etcd flannel | |
| #K8S 1.7.3: yum -y install --enablerepo=virt7-container-common-candidate kubernetes etcd flannel | |
| =============================== | |
| #STEP 2 (master,node): | |
| =============================== | |
| nano /etc/kubernetes/config | |
| # Comma separated list of nodes running etcd cluster | |
| KUBE_ETCD_SERVERS="--etcd-servers=http://192.168.70.141:2379" | |
| # Logging will be stored in system journal | |
| KUBE_LOGTOSTDERR="--logtostderr=true" | |
| # Journal message level, 0 is debug | |
| KUBE_LOG_LEVEL="--v=0" | |
| # Should this cluster be allowed to run privileged docker containers | |
| KUBE_ALLOW_PRIV="--allow-privileged=false" | |
| # Api-server endpoint used in scheduler and controller-manager | |
| KUBE_MASTER="--master=http://192.168.70.141:8080" | |
| #copy to node: scp /etc/kubernetes/config root@192.168.70.142:/etc/kubernetes/config | |
| =============================== | |
| #STEP 3 (master): | |
| =============================== | |
| nano /etc/etcd/etcd.conf | |
| #[member] | |
| ETCD_NAME=default | |
| ETCD_DATA_DIR="/var/lib/etcd/default.etcd" | |
| ETCD_LISTEN_CLIENT_URLS="http://0.0.0.0:2379" | |
| #[cluster] | |
| ETCD_ADVERTISE_CLIENT_URLS="http://0.0.0.0:2379" | |
| =============================== | |
| #STEP 4 (master): | |
| =============================== | |
| wget https://raw.githubusercontent.com/kubernetes/kubernetes/master/cluster/saltbase/salt/generate-cert/make-ca-cert.sh | |
| #edit cert_group in make-ca-cert.sh as below: | |
| nano make-ca-certh.sh | |
| cert_group=${CERT_GROUP:-kube} | |
| #RUN | |
| bash make-ca-cert.sh "192.168.70.141" "IP:192.168.70.141,IP:10.254.0.1,DNS:kubernetes,DNS:kubernetes.default,DNS:kubernetes.default.svc,DNS:kubernetes.default.svc.cluster.local" | |
| #10.254.0.1 is ip of K8s service | |
| =============================== | |
| #STEP 5 (master): | |
| =============================== | |
| nano /etc/kubernetes/apiserver | |
| # Bind kube API server to this IP | |
| KUBE_API_ADDRESS="--address=0.0.0.0" | |
| # Port that kube api server listens to. | |
| KUBE_API_PORT="--port=8080" | |
| # Port kubelet listen on | |
| KUBELET_PORT="--kubelet-port=10250" | |
| # Address range to use for services(Work unit of Kubernetes) | |
| KUBE_SERVICE_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16" | |
| # default admission control policies | |
| #KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota" | |
| # Add your own! | |
| KUBE_API_ARGS="--client-ca-file=/srv/kubernetes/ca.crt --tls-cert-file=/srv/kubernetes/server.cert --tls-private-key-file=/srv/kubernetes/server.key" | |
| =============================== | |
| #STEP 6 (master): | |
| =============================== | |
| nano /etc/kubernetes/controller-manager | |
| # Add your own! | |
| KUBE_CONTROLLER_MANAGER_ARGS="--root-ca-file=/srv/kubernetes/ca.crt --service-account-private-key-file=/srv/kubernetes/server.key" | |
| =============================== | |
| #STEP 7 (nodes): | |
| =============================== | |
| nano /etc/kubernetes/kubelet | |
| # kubelet bind ip address(Provide private ip of minion) | |
| KUBELET_ADDRESS="--address=0.0.0.0" | |
| # port on which kubelet listen | |
| KUBELET_PORT="--port=10250" | |
| # leave this blank to use the hostname of server | |
| KUBELET_HOSTNAME="--hostname-override=k8s-node1" | |
| # Location of the api-server | |
| KUBELET_API_SERVER="--api-servers=http://k8s-master:8080" | |
| # Add your own! | |
| KUBELET_ARGS="" | |
| =============================== | |
| #STEP 8 (master): | |
| =============================== | |
| systemctl start etcd | |
| etcdctl mkdir /kube-centos/network | |
| etcdctl mk /kube-centos/network/config "{ \"Network\": \"172.30.0.0/16\", \"SubnetLen\": 24, \"Backend\": { \"Type\": \"vxlan\" } }" | |
| =============================== | |
| #STEP 9 (master,node): | |
| =============================== | |
| nano /etc/sysconfig/flanneld | |
| # etcd URL location. Point this to the server where etcd runs | |
| FLANNEL_ETCD="http://192.168.70.141:2379" | |
| # etcd config key. This is the configuration key that flannel queries | |
| # For address range assignment | |
| FLANNEL_ETCD_PREFIX="/kube-centos/network" | |
| # Any additional options that you want to pass | |
| FLANNEL_OPTIONS="" | |
| #copy to node: scp /etc/sysconfig/flanneld root@192.168.70.142:/etc/sysconfig/flanneld | |
| =============================== | |
| #STEP 10 (master): | |
| =============================== | |
| for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler flanneld; do | |
| systemctl restart $SERVICES | |
| systemctl enable $SERVICES | |
| systemctl status $SERVICES | |
| done | |
| =============================== | |
| #STEP 11 (nodes): | |
| =============================== | |
| for SERVICES in kube-proxy kubelet flanneld docker; do | |
| systemctl restart $SERVICES | |
| systemctl enable $SERVICES | |
| systemctl status $SERVICES | |
| done | |
| =============================== | |
| #STEP 12 (master,nodes): | |
| =============================== | |
| kubectl config set-cluster default-cluster --server=http://k8s-master:8080 | |
| kubectl config set-context default-context --cluster=default-cluster --user=default-admin | |
| kubectl config use-context default-context | |
| =============================== | |
| #TODO: Install DNS and Dashboard | |
| =============================== |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment