How to Get a Cluster Running
Installing and maintaining a cluster server is complicated and requires a DevOps maintainer.
We highly recommend leaving the cluster installation to your server provider and consulting professionals about it.
Minimal Setup for Testing
If you just want to try it out and have decided to install a cluster on your own, you can follow these steps.
Install the packages required by Docker and Kubernetes:
yum install -y yum-utils device-mapper-persistent-data lvm2
Install Docker:
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce
systemctl enable docker && systemctl start docker
Add the Kubernetes repository:
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
Install Kubernetes and tools for controlling it (Kubelet, Kubectl, Kubeadm):
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
Enable Kubelet as a service so that it starts on system boot:
systemctl enable kubelet && systemctl start kubelet
Kubernetes uses iptables rules to set up traffic between pods, so some security mechanisms need to be turned off to ensure that Kubernetes works properly.
Switch SELinux to permissive mode with setenforce, because enforcing mode conflicts with Kubernetes (this setting lasts until the next reboot):
setenforce 0
Disable swap, because Kubernetes works with the memory used on the server, which cannot be controlled if swap is turned on:
swapoff -a
sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
Make sure bridged traffic is passed to iptables, so that it does not conflict with the rules Kubernetes sets up:
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
To run Kubernetes without problems, you now need to disable the firewalld service:
systemctl disable firewalld
systemctl stop firewalld
Create a cluster on your server and define the IP range for pods:
kubeadm init --pod-network-cidr=192.168.0.0/16
Configure kubectl:
mkdir -p ~/.kube
sudo cp -i /etc/kubernetes/admin.conf ~/.kube/config
sudo chown $(id -u):$(id -g) ~/.kube/config
Install a network add-on. You can choose anything from the list. For the purpose of this guide, we will install Calico.
kubectl apply -f \
https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/etcd.yaml
kubectl apply -f \
https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/rbac.yaml
kubectl apply -f \
https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/calico.yaml
Remove the master taint so that pods can also be scheduled on your server, which is the master node:
kubectl taint nodes --all node-role.kubernetes.io/master-
Start Ingress nginx controller
To forward traffic into the pods, you need to start a service that listens on the domain and forwards traffic to the pods by domain name or port.
For this we use the Ingress Nginx Controller maintained by the Kubernetes community.
Download the manifest.
wget -P ~/.kube/ "https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/mandatory.yaml"
Open mandatory.yaml and set hostPort in spec -> template -> spec -> containers -> ports.
Just add hostPort after containerPort with the same port value, for accessing the http or https protocol.
Install Ingress Controller:
kubectl apply -f ~/.kube/mandatory.yaml
This port is then set in the environment variable $NGINX_INGRESS_CONTROLLER_HOST_PORT.
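The hostPort edit described above can also be scripted, which makes it easy to review exactly which ports will be published on the node itself before the manifest is applied. This is an added example, not part of the original guide: the add_host_ports helper and the sample manifest excerpt are constructed for illustration, and the helper assumes every port is declared on its own containerPort line.

```shell
#!/bin/sh
# Added example: script the hostPort edit instead of doing it by hand.
# Assumption: every port is declared on its own "containerPort: N" line.

# Constructed excerpt shaped like the controller Deployment (not the real file).
SAMPLE_MANIFEST='spec:
  template:
    spec:
      containers:
        - name: nginx-ingress-controller
          ports:
            - name: http
              containerPort: 80
            - name: https
              containerPort: 443'

# add_host_ports (hypothetical helper): reads a manifest on stdin and writes it
# to stdout with "hostPort: N" added after each "containerPort: N".
# A containerPort that is already followed by a hostPort is left untouched,
# so running the function twice gives the same result.
add_host_ports() {
  awk '
    # Print the hostPort line that is still owed to the previous containerPort.
    function emit_pending() { if (pending != "") { print pending; pending = "" } }

    /^[ ]*(- )?containerPort:[ ]*[0-9]+[ ]*$/ {
      emit_pending()
      print
      # Reuse the indentation of containerPort; a leading "- " becomes spaces.
      indent = $0; sub(/containerPort:.*/, "", indent); gsub(/-/, " ", indent)
      port = $0; sub(/.*containerPort:[ ]*/, "", port); sub(/[ ]*$/, "", port)
      pending = indent "hostPort: " port
      next
    }
    # hostPort already present right after containerPort: keep the existing one.
    /^[ ]*hostPort:/ { pending = "" }
    { emit_pending(); print }
    END { emit_pending() }
  '
}

# Show the patched excerpt; review the result before running kubectl apply.
printf '%s\n' "$SAMPLE_MANIFEST" | add_host_ports
```

For the downloaded file, redirect ~/.kube/mandatory.yaml into the function and write the output to a new file rather than overwriting the input in place.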