Kubernetes : Kubeadm : Configure Master Node
2018/04/07 |
Install Kubeadm to Configure Multi Nodes Kubernetes Cluster.
On this example, Configure
This example is based on the emvironment like follows.
For System requirements, each Node has uniq Hostname, MAC address, Product_uuid.
MAC address and Product_uuid are generally already uniq one if you installed OS on phisical machine or virtula machine with common procedure. You can see Product_uuid with the command [dmidecode -s system-uuid]. -----------+---------------------------+--------------------------+------------ | | | eth0|10.0.0.30 eth0|10.0.0.51 eth0|10.0.0.52 +----------+-----------+ +-----------+----------+ +-----------+----------+ | [ dlp.srv.world ] | | [ node01.srv.world ] | | [ node02.srv.world ] | | Master Node | | Worker Node | | Worker Node | +----------------------+ +----------------------+ +----------------------+ |
Configure Master Node on this section.
|
|
[1] |
[2] |
Configure initial setup on Master Node.
For [--apiserver-advertise-address] option, specify the IP address Kubernetes API server listens.
For [--pod-network-cidr] option, specify network which Pod Network uses.
There are some plugins for Pod Network. (refer to details below)
⇒ https://kubernetes.io/docs/concepts/cluster-administration/networking/
On this example, select Flannel. For Flannel, specify [--pod-network-cidr=10.244.0.0/16] to let Pod Network work normally.
|
[root@dlp ~]# kubeadm init --apiserver-advertise-address=10.0.0.30 --pod-network-cidr=10.244.0.0/16
[init] Using Kubernetes version: v1.10.0
[init] Using Authorization modes: [Node RBAC]
[preflight] Running pre-flight checks.
[WARNING Firewalld]: firewalld is active, please ensure ports [6443 10250] are open or your cluster may not function correctly
[preflight] Starting the kubelet service
[certificates] Generated ca certificate and key.
[certificates] Generated apiserver certificate and key.
[certificates] apiserver serving cert is signed for DNS names [dlp.srv.world kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 10.0.0.30]
.....
.....
[bootstraptoken] Configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstraptoken] Configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstraptoken] Creating the "cluster-info" ConfigMap in the "kube-public" namespace
[addons] Applied essential addon: kube-dns
[addons] Applied essential addon: kube-proxy
Your Kubernetes master has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
You can now join any number of machines by running the following on each node
as root:
# the command below is necessary to run on Worker Node when he joins to the cluster, so remember it
kubeadm join 10.0.0.30:6443 --token ivcdtn.r9qt329oe49nb3b7 --discovery-token-ca-cert-hash sha256:2a2bdff5648e6f17bbc60889e8b47656795f2cb2ea959c8dc10b5dcb09d48be5
# set cluster admin user # if you set common user as cluster admin, login with it and run [sudo cp/chown ***] [root@dlp ~]# mkdir -p $HOME/.kube [root@dlp ~]# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config [root@dlp ~]# chown $(id -u):$(id -g) $HOME/.kube/config
|
[3] | Configure Pod Network with Flannel. |
[root@dlp ~]#
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml clusterrole.rbac.authorization.k8s.io "flannel" created clusterrolebinding.rbac.authorization.k8s.io "flannel" created serviceaccount "flannel" created configmap "kube-flannel-cfg" created daemonset.extensions "kube-flannel-ds" created # show state (OK if STATUS = Ready) [root@dlp ~]# kubectl get nodes NAME STATUS ROLES AGE VERSION dlp.srv.world Ready master 18m v1.10.0 # show state (OK if all are Running) [root@dlp ~]# kubectl get pods --all-namespaces NAMESPACE NAME READY STATUS RESTARTS AGE kube-system etcd-dlp.srv.world 1/1 Running 0 17m kube-system kube-apiserver-dlp.srv.world 1/1 Running 0 17m kube-system kube-controller-manager-dlp.srv.world 1/1 Running 0 17m kube-system kube-dns-86f4d74b45-rtrgd 3/3 Running 0 18m kube-system kube-flannel-ds-8lhqq 1/1 Running 0 1m kube-system kube-proxy-cqmfz 1/1 Running 0 18m kube-system kube-scheduler-dlp.srv.world 1/1 Running 0 17m |