Installing the Kubernetes cluster

Installing the Kubernetes cluster using kubeasz

kubeasz on GitHub: https://github.com/easzlab/kubeasz

Configuration: 4 cores, 8 GB memory (nodes with only the master role: 2 GB memory)
System: CentOS-7.6 1810 Minimal
 Notes:
  1. Ensure the system time is correct before installation.
  2. All commands are executed on the deployment node (192.168.2.71).
  3. Simply change the SERVER_NAME and SERVER_IP variables in the configuration variables; the other parameters are picked up automatically from these variables (the /etc/ansible/hosts configuration file is modified manually, see below).

Role information:
  etcd: 192.168.2.71 192.168.2.72 192.168.2.73
  kube-master: 192.168.2.71 192.168.2.72
  kube-node: 192.168.2.72 192.168.2.73 192.168.2.74
  chrony: 192.168.2.71
  • Configuration variables
# Replace the variable values with the actual host names and IP addresses. Entries are separated by spaces, and the two lists must have the same number of entries in the same order.
SERVER_NAME=(node01 node02 node03 node04)
SERVER_IP=(192.168.2.71 192.168.2.72 192.168.2.73 192.168.2.74)
  • Setting up local host name resolution
# Clean up hosts (keep only the first 2 lines, then append the entries for the new k8s cluster)
sed -i '3,$d' /etc/hosts
echo -e "\n# k8s cluster" >> /etc/hosts
let SER_LEN=${#SERVER_IP[@]}-1
for ((i=0;i<=$SER_LEN;i++)); do
    echo "${SERVER_IP[i]}  ${SERVER_NAME[i]}" >> /etc/hosts
done
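
Added example (not part of the original post): a check to run before /etc/hosts is rewritten and copied to every node. It rejects mismatched list lengths, malformed IPv4 addresses and duplicate IPs, and prints the host lines only if everything passes. render_hosts and valid_ipv4 are hypothetical helper names; in the bash session above the call would be render_hosts "${SERVER_NAME[*]}" "${SERVER_IP[*]}".

```shell
# Added example; helper names are hypothetical, not from kubeasz.
valid_ipv4() {
    # Only digits and single dots, no leading or trailing dot.
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|"") return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the address into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

render_hosts() {
    # $1 = space-separated host names, $2 = space-separated IPs
    names=$1; ips=$2
    set -- $names; n_names=$#; names="$*"   # normalise spacing
    set -- $ips;   n_ips=$#
    if [ "$n_names" -ne "$n_ips" ] || [ "$n_ips" -eq 0 ]; then
        echo "name/IP count mismatch: $n_names names, $n_ips IPs" >&2
        return 1
    fi
    seen=" "; out=""
    for ip in $ips; do
        valid_ipv4 "$ip" || { echo "bad IPv4 address: $ip" >&2; return 1; }
        case "$seen" in
            *" $ip "*) echo "duplicate IP: $ip" >&2; return 1 ;;
        esac
        seen="$seen$ip "
        name=${names%% *}                   # next unused host name
        names=${names#"$name"}; names=${names# }
        out="$out$ip  $name
"
    done
    # Nothing is printed unless every pair passed the checks.
    printf '%s' "$out"
}
```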
  • Configure SSH key login
# Replace the SSH_RROT_PASSWD value with the root SSH password
SSH_RROT_PASSWD=redhat
# ssh-key-copy.sh is given the node list, the user and the root password as arguments; read it before running it
curl -sSL -o ssh-key-copy.sh https://dwz.cn/S0NQWllm
chmod +x ssh-key-copy.sh && ./ssh-key-copy.sh "$(echo ${SERVER_IP[@]})" root "$SSH_RROT_PASSWD"

# Synchronize hosts files
for node in ${SERVER_IP[@]}; do
    scp /etc/hosts $node:/etc/hosts
done
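  • Setting the host name
for node in ${SERVER_IP[@]}; do
    ssh -T $node <<'EOF'
    # Interface and address used for the default route
    HOST_IF=$(ip route|grep default|cut -d ' ' -f5)
    HOST_IP=$(ip a|grep "$HOST_IF$"|awk '{print $2}'|cut -d'/' -f1)
    # Exact match on the IP column, so that one address cannot match as a prefix of another
    hostnamectl set-hostname "$(awk -v ip="$HOST_IP" '$1 == ip {print $2}' /etc/hosts)"
EOF
done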
  • Optimization parameters
for node in ${SERVER_IP[@]}; do
    ssh -T $node <<'EOF'
    # Speed up ssh connections (no reverse DNS lookup, no GSSAPI authentication)
    sed -i "s/#UseDNS yes/UseDNS no/" /etc/ssh/sshd_config
    sed -i "s/GSSAPIAuthentication .*/GSSAPIAuthentication no/" /etc/ssh/sshd_config
    systemctl restart sshd

    # Configure the yum repositories
    rm -f /etc/yum.repos.d/*.repo
    curl -so /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
    curl -so /etc/yum.repos.d/Centos-7.repo http://mirrors.aliyun.com/repo/Centos-7.repo
    sed -i '/aliyuncs.com/d' /etc/yum.repos.d/Centos-7.repo /etc/yum.repos.d/epel-7.repo
EOF
done
  • Stop the firewall on the deployment node

The deployment node here is also a node of the k8s cluster. Installing the k8s cluster removes the firewall, which breaks the network of the deployment container and makes the deployment fail, so stop and disable the firewall first.

systemctl stop firewalld
systemctl disable firewalld
  • Download installation resources

Download easzup

export release=2.0.3
curl -C- -fLO --retry 3 https://github.com/easzlab/kubeasz/releases/download/${release}/easzup
chmod +x ./easzup
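
Added example (not part of the original post or of kubeasz): ssh-key-copy.sh, fetched earlier through a shortened URL, and easzup are both downloaded and then run as root, so a useful check is to pin the SHA-256 of the copy you have read and refuse anything else. install_verified, sha256_of and the EASZUP_SHA256 placeholder are assumptions; the page gives no digest.

```shell
# Added example; helper names are hypothetical.
# EASZUP_SHA256 is a placeholder: record the digest of the copy you
# reviewed yourself, the page does not publish one.
EASZUP_SHA256="<sha256-of-reviewed-easzup>"

sha256_of() {
    # Print only the hex digest of file $1.
    sha256sum "$1" | cut -d ' ' -f1
}

install_verified() {
    # $1 = downloaded file, $2 = pinned SHA-256 (hex), $3 = destination
    src=$1; expected=$2; dest=$3
    [ -f "$src" ] || { echo "missing download: $src" >&2; return 1; }
    actual=$(sha256_of "$src") || return 1
    # Digests are sometimes pasted in upper case; compare in lower case.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    if [ "${#expected}" -ne 64 ] || [ "$actual" != "$expected" ]; then
        echo "refusing $src: sha256 $actual does not match the pinned value" >&2
        return 1
    fi
    # The execute bit is set only after the digest matched.
    install -m 0755 "$src" "$dest"
}

# Usage with the download above (commented out, needs network access):
#   curl -fL --retry 3 -o easzup.download \
#     https://github.com/easzlab/kubeasz/releases/download/${release}/easzup
#   install_verified easzup.download "$EASZUP_SHA256" ./easzup
```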

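Replace the registry mirror (acceleration) address

# Keep a backup of the original script
cp easzup .easzup
# Swap the dockerhub.azk8s.cn mirror entry for the replacement mirror
sed -i 's#"https://dockerhub.azk8s.cn",#"http://3272dd08.m.daocloud.io"#' easzup
# Each run deletes the line that follows the 3272dd08 line; run twice to drop the two lines after it
sed -ni 'p;/3272dd08/n' easzup
sed -ni 'p;/3272dd08/n' easzup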

Download resources

./easzup -D
  • Start installation

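Start and enter the ansible container

# Synchronize the container time zone with the host
# (inserts a --volume line after line 280 of easzup; the line number applies to the release downloaded above)
sed -i '280a\      --volume /etc/localtime:/etc/localtime \\' easzup

# Start and enter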
./easzup -S
docker exec -it kubeasz /bin/bash

Create the ansible configuration file

# Copy template
cp /etc/ansible/example/hosts.multi-node /etc/ansible/hosts

# Manually modify the following parameters in the configuration file /etc/ansible/hosts
vi /etc/ansible/hosts
[etcd]
192.168.2.71 NODE_NAME=etcd1
192.168.2.72 NODE_NAME=etcd2
192.168.2.73 NODE_NAME=etcd3

[kube-master]    # Fill in the master IPs here; masters run no pods other than the k8s network containers.
192.168.2.71
192.168.2.72

[kube-node]      # Fill in the work node IP here
192.168.2.72
192.168.2.73
192.168.2.74

[chrony]
192.168.2.71

Configure the private registry and the docker registry mirror

Do this before installing (changing these settings afterwards requires restarting the docker service)

# Modify the docker registry mirror address
sed -i "s#REG_MIRRORS:.*#REG_MIRRORS: '[\"http://3272dd08.m.daocloud.io\"]'#" /etc/ansible/roles/docker/defaults/main.yml

# Modify the trusted docker registry (set the HARBOR variable to the address of the local registry)
HARBOR=192.168.2.75
sed -i "s#127.0.0.1/8#$HARBOR#" /etc/ansible/roles/docker/defaults/main.yml

Install

cd /etc/ansible
ansible all -m ping                    # Verify connectivity to the hosts in the configuration file
ansible-playbook 90.setup.yml          # Install
# Run the clean-up only if the installation failed, to restore the environment:
# ansible-playbook 99.clean.yml
  • Post-installation steps

View login tokens

# admin login token
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

# Read-only login token
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep read-user | awk '{print $1}')

# Append the admin token to the kubeconfig file
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}') | grep token: | sed 's#^token:    #    token:#' >> ~/.kube/config

# After installing lrzsz, use sz ~/.kube/config to send the file to the Windows host; the file can then be used to log directly into the k8s web console

# Scheduled etcd backup (every hour)
# Append to the current user's crontab instead of overwriting /etc/crontab
(crontab -l 2>/dev/null; echo '0 */1 * * * /usr/bin/ansible-playbook /etc/ansible/23.backup.yml >> /tmp/etcd_backup.log 2>&1') | crontab -

# After the deployment completes, delete the deployment container
exit
docker rm -f kubeasz

Administration

Log out and log back in to the terminal (reason: to reload the environment variables)

# View the dashboard port
kubectl -n kube-system get svc | grep kubernetes-dashboard

# Node state
kubectl get node
kubectl top node

Posted on Wed, 09 Oct 2019 01:33:48 -0700 by Saeven