This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
docker:kubernetes [2020/05/25 11:44] – [Master] tmade | docker:kubernetes [2021/01/08 02:38] – [helm] tmade | ||
---|---|---|---|
Line 3: | Line 3: | ||
====Install==== | ====Install==== | ||
- | Install repositories, | + | Install repositories, |
- | <code sh install-packages.sh> | + | <code sh install-k8s-packages.sh> |
#!/bin/bash | #!/bin/bash | ||
+ | |||
+ | # | ||
+ | #version: 1.5 | ||
- | # | + | RELEASE=$(lsb_release -cs) |
- | #version: 1.2 | + | |
+ | echo " | ||
+ | |||
+ | apt-get install \ | ||
+ | apt-transport-https \ | ||
+ | ca-certificates \ | ||
+ | curl \ | ||
+ | gnupg-agent \ | ||
+ | software-properties-common | ||
echo "" | echo "" | ||
Line 16: | Line 27: | ||
DOCKERINSTALL=$(echo $?) | DOCKERINSTALL=$(echo $?) | ||
echo "" | echo "" | ||
+ | |||
if [ ${DOCKERINSTALL} -eq " | if [ ${DOCKERINSTALL} -eq " | ||
then | then | ||
Line 24: | Line 35: | ||
curl -sSL https:// | curl -sSL https:// | ||
fi | fi | ||
+ | |||
echo "" | echo "" | ||
echo "check k8s installation:" | echo "check k8s installation:" | ||
Line 30: | Line 41: | ||
KUBEINSTALL=$(echo $?) | KUBEINSTALL=$(echo $?) | ||
echo "" | echo "" | ||
+ | |||
if [ ${KUBEINSTALL} -eq " | if [ ${KUBEINSTALL} -eq " | ||
then | then | ||
Line 37: | Line 48: | ||
echo " | echo " | ||
curl -s https:// | curl -s https:// | ||
- | | + | echo "deb http:// |
+ | #echo "deb http:// | ||
fi | fi | ||
+ | |||
echo "" | echo "" | ||
echo "Setup cgroupdriver as systemd" | echo "Setup cgroupdriver as systemd" | ||
echo "" | echo "" | ||
+ | |||
cat > / | cat > / | ||
{ | { | ||
Line 54: | Line 66: | ||
} | } | ||
EOF | EOF | ||
+ | |||
# Restart docker. | # Restart docker. | ||
+ | |||
mkdir -p / | mkdir -p / | ||
systemctl daemon-reload | systemctl daemon-reload | ||
systemctl restart docker | systemctl restart docker | ||
+ | |||
apt-get update | apt-get update | ||
- | apt-mark unhold kubernetes-cni kubeadm kubelet kubectl docker-ce | + | apt-mark unhold kubernetes-cni kubeadm kubelet kubectl docker-ce |
echo "" | echo "" | ||
echo "Up- or downgrade docker and k8s packages" | echo "Up- or downgrade docker and k8s packages" | ||
echo "" | echo "" | ||
+ | |||
apt-cache policy docker-ce | apt-cache policy docker-ce | ||
echo "" | echo "" | ||
Line 72: | Line 84: | ||
echo " | echo " | ||
echo "" | echo "" | ||
- | apt-get install -y docker-ce=${DVERSION} --allow-downgrades | + | apt-get install -y docker-ce=${DVERSION} docker-ce-cli=${DVERSION} --allow-downgrades |
echo "" | echo "" | ||
apt-cache policy kubeadm | apt-cache policy kubeadm | ||
Line 81: | Line 93: | ||
apt-get install -y kubeadm=${VERSION} kubelet=${VERSION} kubectl=${VERSION} --allow-downgrades | apt-get install -y kubeadm=${VERSION} kubelet=${VERSION} kubectl=${VERSION} --allow-downgrades | ||
echo "" | echo "" | ||
- | apt-mark hold kubelet kubeadm kubectl docker-ce | + | apt-mark hold kubelet kubeadm kubectl docker-ce |
echo "" | echo "" | ||
echo "k8s packages are installed!" | echo "k8s packages are installed!" | ||
Line 87: | Line 99: | ||
</ | </ | ||
- | See also on https:// | + | Check also on https:// |
Line 161: | Line 173: | ||
====Master==== | ====Master==== | ||
- | ===Manually=== | + | ===Manually |
Run **only on master**: | Run **only on master**: | ||
Line 167: | Line 179: | ||
kubeadm config images pull #pulling images before setup k8s | kubeadm config images pull #pulling images before setup k8s | ||
kubeadm init --apiserver-advertise-address=192.168.10.5 --pod-network-cidr=192.168.0.0/ | kubeadm init --apiserver-advertise-address=192.168.10.5 --pod-network-cidr=192.168.0.0/ | ||
- | kubeadm init --pod-network-cidr=192.168.0.0/ | + | kubeadm init --pod-network-cidr=192.168.0.0/ |
| | ||
**Hint: If you are running your system behind a proxy, you have to make an proxy-exclude ("/ | **Hint: If you are running your system behind a proxy, you have to make an proxy-exclude ("/ | ||
Line 178: | Line 190: | ||
echo " | echo " | ||
su - kubernetes | su - kubernetes | ||
- | #rm -r $HOME/.kube | ||
mkdir -p $HOME/.kube | mkdir -p $HOME/.kube | ||
sudo cp -i / | sudo cp -i / | ||
Line 191: | Line 202: | ||
===Setup-Script=== | ===Setup-Script=== | ||
- | Setup k8s - packages have to be installed previously! | + | Setup k8s - packages |
Check out https:// | Check out https:// | ||
+ | |||
+ | Additionally the k8s-user has to exist with sudo rights (e. g. " | ||
Download calico.yaml and dashboard.yaml and create required folderstructure (check variables). | Download calico.yaml and dashboard.yaml and create required folderstructure (check variables). | ||
Line 202: | Line 215: | ||
#!/bin/bash | #!/bin/bash | ||
- | # | + | # |
- | #version: 1.4 | + | #version: 1.5 |
USER=" | USER=" | ||
Line 214: | Line 227: | ||
DASBOARD="/ | DASBOARD="/ | ||
# filename such as " | # filename such as " | ||
- | DASHVERS=" | + | DASHVERS=" |
PODNETWORKADDON=" | PODNETWORKADDON=" | ||
Line 220: | Line 233: | ||
echo "Setup -------------k8s--------------" | echo "Setup -------------k8s--------------" | ||
echo "" | echo "" | ||
- | su - kubernetes -c " | + | su - kubernetes -c " |
echo "" | echo "" | ||
su - kubernetes -c "read -s -n 1 -p \" | su - kubernetes -c "read -s -n 1 -p \" | ||
Line 284: | Line 297: | ||
echo "" | echo "" | ||
- | read -p "Do you want to schedule pods on your master? Please enter \" | + | while [ -z $SCHEDULE ] ; |
+ | do | ||
+ | | ||
+ | echo " | ||
+ | done | ||
+ | |||
+ | echo "" | ||
echo " | echo " | ||
echo "" | echo "" | ||
+ | |||
if [ $SCHEDULE = y ] | if [ $SCHEDULE = y ] | ||
then | then | ||
Line 352: | Line 372: | ||
#!/bin/bash | #!/bin/bash | ||
- | # | + | # |
#version: 1.1 | #version: 1.1 | ||
Line 384: | Line 404: | ||
#!/bin/bash | #!/bin/bash | ||
- | # | + | # |
#version: 1.2 | #version: 1.2 | ||
Line 442: | Line 462: | ||
#!/bin/bash | #!/bin/bash | ||
- | # | + | # |
- | #version: 1.2 | + | #version: 1.3 |
- | DASHBOARDURLVERSION=" | + | DASHBOARDURLVERSION=" |
FILE=" | FILE=" | ||
URL=" | URL=" | ||
Line 698: | Line 718: | ||
#/bin/bash | #/bin/bash | ||
- | echo " | + | #author: tmade |
+ | #version: 1.5 | ||
- | # | + | echo "" |
- | #version: 1.3 | + | echo " |
C=" | C=" | ||
ST=" | ST=" | ||
L=" | L=" | ||
- | O="tmade" | + | O="MyCompany" |
- | OU="Cluster" | + | OU="MyDepartment" |
- | CN="tmade" | + | CN="MyHostname" |
MAIL=" | MAIL=" | ||
CERT=" | CERT=" | ||
Line 725: | Line 746: | ||
fi | fi | ||
- | openssl req -out kubecfg-${CN}.csr -new -newkey rsa:4096 -nodes -keyout kubecfg-${CN}.key -subj "/\C=${C}/ | + | read -p " |
+ | echo "" | ||
+ | echo "Your password set to: \" | ||
+ | echo "" | ||
+ | |||
+ | dd if=/ | ||
+ | openssl req -out kubecfg-${CN}.csr -new -newkey rsa:4096 -nodes -keyout kubecfg-${CN}.key -subj "/ | ||
sudo openssl x509 -req -in kubecfg-${CN}.csr -CA / | sudo openssl x509 -req -in kubecfg-${CN}.csr -CA / | ||
- | openssl pkcs12 -export -clcerts -inkey kubecfg-${CN}.key -in kubecfg-${CN}.crt -out kubecfg-${CN}.p12 -name " | + | openssl pkcs12 -export -clcerts -inkey kubecfg-${CN}.key -in kubecfg-${CN}.crt -out kubecfg-${CN}.p12 -name " |
echo "" | echo "" | ||
Line 770: | Line 797: | ||
namespace: kube-system | namespace: kube-system | ||
EOF | EOF | ||
+ | |||
+ | echo "" | ||
+ | echo "get the bearer token by running:" | ||
+ | echo "" | ||
+ | echo " | ||
+ | echo "" | ||
</ | </ | ||
- | ====Minicube - Pods on Master==== | + | ====Running |
Remove the taints on the master so that you can schedule pods on it (doesn´t work on default): | Remove the taints on the master so that you can schedule pods on it (doesn´t work on default): | ||
Line 867: | Line 900: | ||
kubectl get serviceaccounts myuser -o yaml | kubectl get serviceaccounts myuser -o yaml | ||
kubectl get secret | grep myuser | kubectl get secret | grep myuser | ||
- | kubectl get secret myuser-token-1yvwg -o yaml #the exact name from " | + | kubectl get secret myuser-token-1yvwg -o yaml #the exact name of " |
kubectl delete serviceaccount -n kube-system kubernetes-dashboard | kubectl delete serviceaccount -n kube-system kubernetes-dashboard | ||
Line 956: | Line 989: | ||
</ | </ | ||
- | ====Reset Cluster ==== | + | ====Reset Cluster |
- | If you wanna **reset the whole cluster** to the state after a fresh install, just run this on each node: | + | |
- | + | ||
- | sudo kubeadm reset -f | + | |
iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X | iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X | ||
- | Delete: | + | Delete |
kubectl drain < | kubectl drain < | ||
kubectl delete node < | kubectl delete node < | ||
+ | |||
+ | ====Reset k8s==== | ||
+ | |||
+ | If you wanna **reset the whole cluster** to the state after a fresh install, just run this on each node: | ||
+ | |||
+ | <code sh reset-k8s.sh> | ||
+ | #!/bin/bash | ||
+ | |||
+ | # | ||
+ | #version: 1.2 | ||
+ | |||
+ | HOME="/ | ||
+ | |||
+ | sudo kubeadm reset -f | ||
+ | iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X | ||
+ | rm -r ${HOME}/ | ||
+ | </ | ||
====Single-Node-Cluster==== | ====Single-Node-Cluster==== | ||
Line 1250: | Line 1298: | ||
=== Install nginx ingress-controller === | === Install nginx ingress-controller === | ||
+ | |||
+ | Check also on https:// | ||
<code sh install-nginx-ingress-controller.sh> | <code sh install-nginx-ingress-controller.sh> | ||
#!/bin/bash | #!/bin/bash | ||
- | # | + | # |
- | #version: 1.1 | + | #version: 1.3 |
VERSION=" | VERSION=" | ||
- | HOME="/ | + | USER=" |
+ | HOME="/ | ||
FILE=" | FILE=" | ||
- | if [ -f $FILE ] | + | if [ -d ${FILE} ] |
then | then | ||
- | echo " | ||
- | else | ||
echo "" | echo "" | ||
echo " | echo " | ||
Line 1270: | Line 1319: | ||
mv ${FILE} ${FILE}.bak | mv ${FILE} ${FILE}.bak | ||
+ | else | ||
+ | echo "" | ||
+ | echo " | ||
+ | echo "" | ||
fi | fi | ||
+ | cd ${HOME} | ||
git clone https:// | git clone https:// | ||
cd kubernetes-ingress/ | cd kubernetes-ingress/ | ||
git checkout v${VERSION} | git checkout v${VERSION} | ||
+ | chown -R ${USER}: | ||
echo "" | echo "" | ||
Line 1280: | Line 1335: | ||
echo "" | echo "" | ||
- | kubectl apply -f common/ | + | su - ${USER} -c "kubectl apply -f ~/ |
echo "" | echo "" | ||
Line 1286: | Line 1341: | ||
echo "" | echo "" | ||
- | kubectl apply -f rbac/ | + | su - ${USER} -c "kubectl apply -f ~/ |
echo "" | echo "" | ||
Line 1292: | Line 1347: | ||
echo "" | echo "" | ||
- | kubectl apply -f common/ | + | su - ${USER} -c "kubectl apply -f ~/ |
echo "" | echo "" | ||
Line 1298: | Line 1353: | ||
echo "" | echo "" | ||
- | kubectl apply -f common/ | + | su - ${USER} -c "kubectl apply -f ~/ |
echo "" | echo "" | ||
Line 1304: | Line 1359: | ||
echo "" | echo "" | ||
- | kubectl apply -f common/ | + | su - ${USER} -c "kubectl apply -f ~/ |
echo "" | echo "" | ||
Line 1311: | Line 1366: | ||
#kubectl apply -f deployment/ | #kubectl apply -f deployment/ | ||
- | kubectl apply -f daemon-set/ | + | su - ${USER} -c "kubectl apply -f ~/ |
echo "" | echo "" | ||
echo " | echo " | ||
+ | echo "" | ||
+ | echo " | ||
echo "" | echo "" | ||
- | kubectl get pods -A -o wide | + | watch kubectl get pods -A -o wide |
</ | </ | ||
Line 1381: | Line 1438: | ||
# servicePort: | # servicePort: | ||
+ | </ | ||
+ | |||
+ | Another example: | ||
+ | |||
+ | < | ||
+ | apiVersion: networking.k8s.io/ | ||
+ | kind: Ingress | ||
+ | metadata: | ||
+ | name: simple-fanout-example | ||
+ | annotations: | ||
+ | nginx.ingress.kubernetes.io/ | ||
+ | spec: | ||
+ | rules: | ||
+ | - host: foo.bar.com | ||
+ | http: | ||
+ | paths: | ||
+ | - path: /foo | ||
+ | backend: | ||
+ | serviceName: | ||
+ | servicePort: | ||
+ | - path: /bar | ||
+ | backend: | ||
+ | serviceName: | ||
+ | servicePort: | ||
</ | </ | ||
Line 1428: | Line 1509: | ||
kubectl delete -f file.yaml | kubectl delete -f file.yaml | ||
kubectl autoscale deployment foo --min=2 --max=10 | kubectl autoscale deployment foo --min=2 --max=10 | ||
+ | kubectl cp file-name pod-name: | ||
Logging: | Logging: | ||
Line 1433: | Line 1515: | ||
kubectl get events | kubectl get events | ||
kubectl get events -n default | kubectl get events -n default | ||
+ | kubectl get events -w --all-namespaces | ||
kubectl delete events --all | kubectl delete events --all | ||
kubectl logs -n kube-system -p calico-node-xxxxx -c calico-node | kubectl logs -n kube-system -p calico-node-xxxxx -c calico-node | ||
Line 1441: | Line 1524: | ||
====Alias==== | ====Alias==== | ||
- | echo "alias kg=' | + | < |
+ | cat >> / | ||
+ | #personal | ||
+ | alias ..='cd ../ | ||
+ | alias ...=' | ||
+ | alias kc=' | ||
+ | EOF | ||
+ | </code> | ||
+ | |||
+ | Activate: | ||
+ | |||
+ | source | ||
Line 1475: | Line 1569: | ||
# | # | ||
- | #version: 1.1 | + | #version: 1.2 |
echo " | echo " | ||
Line 1484: | Line 1578: | ||
apt-get update | apt-get update | ||
- | apt-cache policy kubeadm | + | apt-cache policy kubeadm |
echo "" | echo "" | ||
Line 1591: | Line 1685: | ||
# | # | ||
- | #version: 1.1 | + | #version: 1.3 |
echo " | echo " | ||
echo "" | echo "" | ||
- | su - kubernetes -c "kubectl version" | + | kubectl version |
echo "" | echo "" | ||
read -s -n 1 -p "Press any key to continue . . ." | read -s -n 1 -p "Press any key to continue . . ." | ||
#su - kubernetes -c "read -s -n 1 -p \" | #su - kubernetes -c "read -s -n 1 -p \" | ||
apt-get update | apt-get update | ||
- | apt-cache policy kubeadm | + | apt-cache policy kubeadm |
echo "" | echo "" | ||
Line 1628: | Line 1722: | ||
# | # | ||
- | #version: 1.2 | + | #version: 1.3 |
echo "" | echo "" | ||
Line 1634: | Line 1728: | ||
echo "" | echo "" | ||
- | VERSION=" | + | VERSION=" |
HOME="/ | HOME="/ | ||
FILE=" | FILE=" | ||
Line 1648: | Line 1742: | ||
echo "" | echo "" | ||
sleep 3 | sleep 3 | ||
+ | su - kubernetes -c "cat <<EOF | kubectl create -f - | ||
+ | apiVersion: storage.k8s.io/ | ||
+ | kind: StorageClass | ||
+ | metadata: | ||
+ | name: trident-ontap-gold | ||
+ | provisioner: | ||
+ | parameters: | ||
+ | backendType: | ||
+ | #media: " | ||
+ | provisioningType: | ||
+ | allowVolumeExpansion: | ||
+ | reclaimPolicy: | ||
+ | EOF" | ||
su - kubernetes -c "wget https:// | su - kubernetes -c "wget https:// | ||
su - kubernetes -c "mv ~/ | su - kubernetes -c "mv ~/ | ||
Line 1662: | Line 1769: | ||
- | ====Reset k8s==== | ||
- | <code sh reset-k8s.sh> | + | ====helm==== |
- | #!/bin/bash | + | |
- | # | ||
- | #version: 1.1 | ||
- | HOME="/home/kubernetes" | + | https://helm.sh/ |
- | sudo kubeadm reset -f | + | Download and install: |
- | iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X | + | |
- | rm -r ${HOME}/ | + | |
- | </ | + | |
- | ====helm==== | + | |
+ | <code sh helm.sh> | ||
+ | #!/bin/bash | ||
- | https:// | + | # https://github.com/helm/ |
+ | |||
+ | wget https:// | ||
+ | tar -xzf helm-v3.4.2-linux-amd64.tar.gz | ||
+ | cp linux-amd64/helm / | ||
+ | rm -r helm-v3.4.2-linux-amd64.tar.gz linux-amd64/ | ||
+ | </code> | ||