Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
Next revisionBoth sides next revision
docker:kubernetes [2020/05/14 19:07] – [Calico] tmadedocker:kubernetes [2020/05/28 14:25] – [Script to add dashboaduser] tmade
Line 173: Line 173:
   no_proxy="localhost,127.0.0.1,IP-Master-Node,IP-Worker-Node,IP_Master-Node-Network,10.96.0.0/12,192.168.0.0,::1"   no_proxy="localhost,127.0.0.1,IP-Master-Node,IP-Worker-Node,IP_Master-Node-Network,10.96.0.0/12,192.168.0.0,::1"
  
-To start using your cluster, you need to run the following **as a regular user** with **sudo** rights:+To start using your cluster, you need to run the following **as a regular user** (**sudo rights required!**):
  
-  useradd -s /bin/bash -m kubernetes                                       +  useradd -s /bin/bash -m kubernetes 
 +  echo "kubernetes ALL=(ALL:ALL) NOPASSWD: ALL" >> /etc/sudoers                                       
   su - kubernetes   su - kubernetes
   #rm -r $HOME/.kube   #rm -r $HOME/.kube
Line 202: Line 203:
  
 #author:  Thomas Roehm #author:  Thomas Roehm
-#version: 1.4+#version: 1.5
  
 USER="kubernetes" USER="kubernetes"
Line 213: Line 214:
 DASBOARD="/home/kubernetes/dashboard" DASBOARD="/home/kubernetes/dashboard"
 # filename such as "kubernetes-dashboard-v2.0.0-rc5.yaml" expected # filename such as "kubernetes-dashboard-v2.0.0-rc5.yaml" expected
-DASHVERS="v2.0.0-rc5"+DASHVERS="v2.0.1"
 PODNETWORKADDON="192.168.0.0/16" PODNETWORKADDON="192.168.0.0/16"
  
Line 219: Line 220:
 echo "Setup -------------k8s--------------" echo "Setup -------------k8s--------------"
 echo "" echo ""
-su - kubernetes -c "kubectl version"+su - kubernetes -c "kubectl version 2> /dev/null"
 echo "" echo ""
 su - kubernetes -c "read -s -n 1 -p \"Press any key to continue . . .\"" su - kubernetes -c "read -s -n 1 -p \"Press any key to continue . . .\""
Line 283: Line 284:
  
 echo "" echo ""
-read -p "Do you want to schedule pods on your master? Please enter \"y\" or \"n\": " SCHEDULE+while [ -z $SCHEDULE ] ; 
 +do 
 +      read -p "Do you want to schedule pods on your master? Please enter \"y\" or \"n\": " SCHEDULE 
 +      echo "Please enter \"y\" or \"n\"" 
 +done 
 + 
 +echo ""
 echo "You´ve entered:  \"$SCHEDULE\"" echo "You´ve entered:  \"$SCHEDULE\""
 echo "" echo ""
 +
 if [ $SCHEDULE = y ] if [ $SCHEDULE = y ]
 then then
Line 386: Line 394:
 #version: 1.2 #version: 1.2
  
-INTERFACE="ens160"+INTERFACE="eth0"
 CALICOURLVERSION="v3.11" CALICOURLVERSION="v3.11"
 FILE="calico.yaml" FILE="calico.yaml"
Line 418: Line 426:
 echo "renaming..." echo "renaming..."
 echo "" echo ""
-mv $HOME/$FILE $HOME/calico-${CALICOVERSION}.yaml+mv ${HOME}/${FILE${HOME}/calico-${CALICOVERSION}.yaml
 chown ${USER}:${USER} * chown ${USER}:${USER} *
 echo "done" echo "done"
Line 697: Line 705:
 #/bin/bash #/bin/bash
  
-echo "Important: The \"Common Name\" (CN) must be the same as the ServiceAccount name (e. g. tmade)!"+echo "" 
 +echo "Important: The \"Common Name\" (CN) must be the same as the ServiceAccount name (e. g. MyHostname)!"
  
 #author:  Thomas Roehm #author:  Thomas Roehm
-#version: 1.3+#version: 1.4
  
 C="DE" C="DE"
 ST="BW" ST="BW"
 L="MyCity" L="MyCity"
-O="tmade+O="MyCompany
-OU="Cluster+OU="MyDepartment
-CN="tmade"+CN="MyHostname"
 MAIL="test@test.com" MAIL="test@test.com"
 CERT="$(echo ~/certs)" CERT="$(echo ~/certs)"
Line 724: Line 733:
 fi fi
  
-openssl req -out kubecfg-${CN}.csr -new -newkey rsa:4096 -nodes -keyout kubecfg-${CN}.key -subj "/\C=${C}/ST=${ST}/L=${L}/O=${O}/OU=${OU}/CN=${CN}/emailAddress=${MAIL}"+dd if=/dev/urandom of=~/.rnd bs=256 count=1 2> /dev/null 
 +openssl req -out kubecfg-${CN}.csr -new -newkey rsa:4096 -nodes -keyout kubecfg-${CN}.key -subj "/C=${C}/ST=${ST}/L=${L}/O=${O}/OU=${OU}/CN=${CN}/emailAddress=${MAIL}"
 sudo openssl x509 -req -in kubecfg-${CN}.csr -CA /etc/kubernetes/pki/ca.crt -CAkey /etc/kubernetes/pki/ca.key -CAcreateserial -out kubecfg-${CN}.crt -days 1000 -sha256 sudo openssl x509 -req -in kubecfg-${CN}.csr -CA /etc/kubernetes/pki/ca.crt -CAkey /etc/kubernetes/pki/ca.key -CAcreateserial -out kubecfg-${CN}.crt -days 1000 -sha256
 openssl pkcs12 -export -clcerts -inkey kubecfg-${CN}.key -in kubecfg-${CN}.crt -out kubecfg-${CN}.p12 -name "kubernetes-client" openssl pkcs12 -export -clcerts -inkey kubecfg-${CN}.key -in kubecfg-${CN}.crt -out kubecfg-${CN}.p12 -name "kubernetes-client"
Line 1245: Line 1255:
  
 https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/ https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/annotations/
 +
 +https://github.com/nginxinc/kubernetes-ingress/blob/master/docs/nginx-ingress-controllers.md
  
 === Install nginx ingress-controller === === Install nginx ingress-controller ===
 +
 +Check also on https://docs.nginx.com/nginx-ingress-controller/installation/installation-with-manifests/
  
 <code sh install-nginx-ingress-controller.sh> <code sh install-nginx-ingress-controller.sh>
Line 1252: Line 1266:
  
 #author:  Thomas Roehm #author:  Thomas Roehm
-#version: 1.1+#version: 1.2
  
 VERSION="1.6.3" VERSION="1.6.3"
-HOME="/home/kubernetes"+USER="kubernetes" 
 +HOME="/home/${USER}"
 FILE="${HOME}/kubernetes-ingress" FILE="${HOME}/kubernetes-ingress"
  
-if  [ -$FILE ]+if  [ -${FILE]
 then then
-        echo "Downloading Ingress..." 
-else 
         echo ""         echo ""
         echo "${FILE} exists, renaming..."         echo "${FILE} exists, renaming..."
Line 1267: Line 1280:
  
         mv ${FILE} ${FILE}.bak         mv ${FILE} ${FILE}.bak
 +else
 +        echo ""
 +        echo "Downloading Ingress..."
 +        echo ""
 fi fi
  
 +cd ${HOME}
 git clone https://github.com/nginxinc/kubernetes-ingress/ git clone https://github.com/nginxinc/kubernetes-ingress/
 cd kubernetes-ingress/deployments cd kubernetes-ingress/deployments
 git checkout v${VERSION} git checkout v${VERSION}
 +chown -R ${USER}:${USER} ${FILE}
  
 echo "" echo ""
Line 1277: Line 1296:
 echo "" echo ""
  
-kubectl apply -f common/ns-and-sa.yaml+su - kubernetes -c "kubectl apply -f ~/kubernetes-ingress/deployments/common/ns-and-sa.yaml"
  
 echo "" echo ""
Line 1283: Line 1302:
 echo "" echo ""
  
-kubectl apply -f rbac/rbac.yaml+su - kubernetes -c "kubectl apply -f ~/kubernetes-ingress/deployments/rbac/rbac.yaml"
  
 echo "" echo ""
Line 1289: Line 1308:
 echo "" echo ""
  
-kubectl apply -f common/default-server-secret.yaml+su - kubernetes -c "kubectl apply -f ~/kubernetes-ingress/deployments/common/default-server-secret.yaml"
  
 echo "" echo ""
Line 1295: Line 1314:
 echo "" echo ""
  
-kubectl apply -f common/nginx-config.yaml+su - kubernetes -c "kubectl apply -f ~/kubernetes-ingress/deployments/common/nginx-config.yaml"
  
 echo "" echo ""
Line 1301: Line 1320:
 echo "" echo ""
  
-kubectl apply -f common/custom-resource-definitions.yaml+su - kubernetes -c "kubectl apply -f ~/kubernetes-ingress/deployments/common/custom-resource-definitions.yaml"
  
 echo "" echo ""
Line 1308: Line 1327:
  
 #kubectl apply -f deployment/nginx-ingress.yaml #kubectl apply -f deployment/nginx-ingress.yaml
-kubectl apply -f daemon-set/nginx-ingress.yaml+su - kubernetes -c "kubectl apply -f ~/kubernetes-ingress/deployments/daemon-set/nginx-ingress.yaml"
  
 echo "" echo ""
 echo "Ingress Controller has been installed." echo "Ingress Controller has been installed."
 +echo ""
 +echo "Status - please press \"ctrl + c\" when all pods are running"
 echo "" echo ""
  
-kubectl get pods -A -o wide+watch kubectl get pods -A -o wide
 </code> </code>
  
Line 1438: Line 1459:
 ====Alias====  ====Alias==== 
  
-  echo "alias kg='kubectl get'" >> /etc/bash.bashrc+<code> 
 +cat >> /etc/bash.bashrc <<EOF 
 +#A41 
 +alias ..='cd ../.' 
 +alias ...='cd ../../.' 
 +alias kc='kubectl' 
 +EOF 
 +</code> 
 + 
 +Activate: 
 + 
 +  source /etc/bash.bashrc
  
  
Line 1472: Line 1504:
  
 #author:  Thomas Roehm #author:  Thomas Roehm
-#version: 1.1+#version: 1.2
  
 echo "You´re running version:" echo "You´re running version:"
Line 1481: Line 1513:
  
 apt-get update apt-get update
-apt-cache policy kubeadm+apt-cache policy kubeadm  | head -n 30
  
 echo "" echo ""
Line 1588: Line 1620:
  
 #author:  Thomas Roehm #author:  Thomas Roehm
-#version: 1.1+#version: 1.3
  
 echo "You´re running version:" echo "You´re running version:"
 echo "" echo ""
-su - kubernetes -c "kubectl version"+kubectl version 2> /dev/null
 echo "" echo ""
 read -s -n 1 -p "Press any key to continue . . ." read -s -n 1 -p "Press any key to continue . . ."
 #su - kubernetes -c "read -s -n 1 -p \"Press any key to continue . . .\"" #su - kubernetes -c "read -s -n 1 -p \"Press any key to continue . . .\""
 apt-get update apt-get update
-apt-cache policy kubeadm+apt-cache policy kubeadm | head -n 30
  
 echo "" echo ""
Line 1665: Line 1697:
  
 #author:  Thomas Roehm #author:  Thomas Roehm
-#version: 1.1+#version: 1.2
  
 HOME="/home/kubernetes" HOME="/home/kubernetes"
Line 1671: Line 1703:
 sudo kubeadm reset -f sudo kubeadm reset -f
 iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X
-rm -r ${HOME}/.kube+rm -r ${HOME}/.kube 2> /dev/null
 </code> </code>
 ====helm==== ====helm====
docker/kubernetes.txt · Last modified: 2022/10/03 15:49 by tmade
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki