Friday, 11 October 2024

K8S-rocky linux9

 

https://linuxnaija.com/deploying-kubernetes-cluster-on-rocky-linux-9/

In this article, I will be setting up a Kubernetes cluster in my home lab environment. This will be a clustered environment with highly available worker nodes, which will host multiple applications and services.

For the purpose of this lab, I have 4 nodes:

  • Master Node – 192.168.0.175 
  • WorkerNode-1 – 192.168.0.101 
  • WorkerNode-2 – 192.168.0.189 
  • WorkerNode-3 – 192.168.0.140 

Note – All nodes are configured with a static IP Address

Configure hostname on all nodes

cat <<EOF>> /etc/hosts 
192.168.0.175 master-node
192.168.0.101 node-1 worker-node-1
192.168.0.189 node-2 worker-node-2
192.168.0.140 node-3 worker-node-3
EOF

Disable SELinux and swap on all nodes

setenforce 0 
sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
swapoff -a

Configure network on all nodes

modprobe overlay 
modprobe br_netfilter
tee /etc/sysctl.d/k8s.conf<<EOF
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF

sysctl --system

Enable firewall and configure firewall rules on all nodes

yum -y install firewalld 
systemctl enable firewalld --now

firewall-cmd --permanent --add-port=6443/tcp
firewall-cmd --permanent --add-port=2379-2380/tcp
firewall-cmd --permanent --add-port=10250/tcp
firewall-cmd --permanent --add-port=10251/tcp
firewall-cmd --permanent --add-port=10252/tcp
firewall-cmd --permanent --add-port=10255/tcp
firewall-cmd --reload

Once the basic setup is done, then we install docker on all nodes

Install Docker

dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo 
dnf install docker-ce
systemctl enable docker
systemctl start docker

Next, we install Kubernetes 

Add the Kubernetes repository on all nodes

cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo 
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.28/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.28/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
EOF

Install Kubernetes packages

sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes 
sudo systemctl enable --now kubelet

Initialize the Control plane. (This should only be done on the master Node) 

kubeadm init

Note down the token to add worker nodes to the cluster. In my case this is 

kubeadm join 192.168.0.175:6443 --token wp3mss.0izqdsx9qrfnum25 --discovery-token-ca-cert-hash sha256:50b4ff57a716452a0a6d3e5a7230f704cbdb55751ea07cc45d3fdbc4c8e58f0b

To use and control your cluster as a regular user rather than root, run these commands as that user:

mkdir -p $HOME/.kube 
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

export KUBECONFIG=/etc/kubernetes/admin.conf

Once all is done, we can now check nodes

kubectl get nodes

Next we will add our 3 worker nodes to the cluster. On each of the nodes we will run the kubeadm join command with the token:

kubeadm join 192.168.0.175:6443 --token wp3mss.0izqdsx9qrfnum25 --discovery-token-ca-cert-hash sha256:50b4ff57a716452a0a6d3e5a7230f704cbdb55751ea07cc45d3fdbc4c8e58f0b
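
The --discovery-token-ca-cert-hash value in the join command is the SHA-256 of the cluster CA certificate's DER-encoded public key, which is how a joining worker knows it is talking to the right control plane. The following is an added example, not part of the original article, that recomputes that value and compares it with the one in a join command; the function names are hypothetical and /etc/kubernetes/pki/ca.crt is assumed to be the kubeadm default CA path.

```shell
#!/bin/sh
# Added example (not from the original article). Requires openssl.

# Print the SHA-256 of the certificate's public key in DER (SPKI) form,
# i.e. the hex string kubeadm expects after "sha256:".
ca_cert_hash() {
    cch_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    printf '%s\n' "$cch_pub" \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -r \
        | cut -d' ' -f1
}

# Extract the pinned hash from a "kubeadm join ..." command line.
pinned_hash() {
    printf '%s\n' "$1" | sed -n \
        's/.*--discovery-token-ca-cert-hash[ =]sha256:\([0-9a-f]\{64\}\).*/\1/p'
}

# Return 0 only if the join command pins exactly this CA's public key.
# 2 = no pin found in the command, 3 = CA certificate unreadable.
join_pins_ca() {
    jpc_want=$(pinned_hash "$1")
    [ -n "$jpc_want" ] || { echo "no sha256 pin in join command" >&2; return 2; }
    jpc_got=$(ca_cert_hash "$2") || return 3
    [ "$jpc_want" = "$jpc_got" ]
}

# On a control-plane node, print the value to compare against the join command.
# The path is kubeadm's default CA location (an assumption, see above).
if [ -r /etc/kubernetes/pki/ca.crt ]; then
    echo "sha256:$(ca_cert_hash /etc/kubernetes/pki/ca.crt)"
fi
```

Run it on the master node and compare the printed value with the one in the join command before pasting that command on a worker.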

Let's confirm the nodes have been added. On the control node:

kubectl get nodes

Here we see the master node is in a NotReady state. This is because the Pod network has not been configured. Let's configure this.

Configure POD Network

export kubever=$(kubectl version | base64 | tr -d '\n') 
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
kubectl cluster-info

Now the network is configured, and we can access the URL (I will show how to configure the dashboard in another article).

We have now successfully deployed our Kubernetes cluster and can deploy our favorite applications. In later articles I will explain how to deploy apps on Kubernetes. You can check how to modify node roles here: https://linuxnaija.com/modifying-node-roles-label-in-kubernetes/
