k8s_lab's Introduction


Kubernetes Stack Config (Single Node Master)

Stack

  • Docker
  • K8S
  • Dashboard
  • Grafana
  • Prometheus

OS

  • CentOS 7.0 x64

Installing Dependencies

sudo yum clean all
sudo yum update -y
sudo yum groupinstall 'Development Tools'
sudo yum install wget
sudo yum install bash-completion bash-completion-extras

Disabling SELinux & Firewall

sudo setenforce 0
sudo sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
sudo systemctl stop firewalld
sudo systemctl disable firewalld

Disabling Swap

sudo swapoff -a
sudo vim /etc/fstab
  • Comment out (#) the following line so that swap is no longer enabled
  • #/dev/mapper/centos-swap swap swap defaults 0 0

Kernel module configuration

sudo vim /etc/modules-load.d/k8s.conf

-Add the following module lines:

  • br_netfilter
  • ip_vs
  • ip_vs_rr
  • ip_vs_sh
  • ip_vs_wrr
  • nf_conntrack_ipv4

Installing Docker & Kubernetes

curl -fsSL https://get.docker.com | bash
sudo systemctl enable docker
sudo systemctl start docker
sudo systemctl daemon-reload
sudo systemctl restart docker
sudo groupadd docker
sudo usermod -aG docker $USER
  • Create a CentOS repository file to add the K8S repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
  • Save the content above to:
vim /etc/yum.repos.d/kubernetes.repo
  • Installing K8S
sudo yum install -y kubelet kubeadm kubectl
sudo systemctl enable kubelet && sudo systemctl start kubelet

-Configure some kernel parameters in sysctl

In vim /etc/sysctl.d/k8s.conf:

net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

Cgroup Configuration

sed -i "s/cgroup-driver=systemd/cgroup-driver=cgroupfs/g" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
  • Starting K8S
sudo sysctl --system
sudo systemctl daemon-reload
sudo systemctl restart kubelet
  • Starting the master node
kubeadm init --apiserver-advertise-address $(hostname -i)
  • Finishing the configuration by giving the user permission
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
  • Installing the pod network
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
kubectl get pods -n kube-system

Dashboard K8S

Creating an SSL certificate signed by Let's Encrypt

sudo yum install epel-release
sudo yum install certbot
certbot certonly --standalone -d meudominio.com --staple-ocsp -m [email protected] --agree-tos

Adding the Certificate to the Kubernetes Dashboard

  • You need to create the /certs directory and copy the certificates with the .crt and .key extensions into it
kubectl create namespace kubernetes-dashboard
kubectl create secret generic kubernetes-dashboard-certs --from-file=/certs -n kubernetes-dashboard
  • Deploying the K8S Dashboard
  • The following change must be made to the Dashboard's recommended YAML
  • Replace --auto-generate-certificates with the following lines:
  - --tls-cert-file=dashboard.crt
  - --tls-key-file=dashboard.key

-Attention: do not apply this YAML directly, because the certificate setup will not work without the substitution above, causing problems when the pod is deployed

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml
  • Setting the external IP for the dashboard service
kubectl patch svc -n kubernetes-dashboard kubernetes-dashboard -p '{"spec":{"externalIPs":["x.x.x.x"]}}'
  • Create a user and give its token permission to manage the Dashboard (the binding below uses the cluster-admin role, which grants full control of the cluster)
cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
EOF
cat <<EOF | kubectl apply -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard
EOF
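  • Get the token (the suffix of the secret name, here lsjgt, is generated per cluster; list the secrets in the namespace to find yours)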
kubectl describe secret admin-user-token-lsjgt -n kubernetes-dashboard
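
The substitution step for recommended.yaml described above, as an added example that is not part of the original README: a shell helper that patches a local copy of the manifest and refuses to produce output unless the flag was actually replaced. The function names and the manifest fragment are assumptions constructed for illustration.

```sh
# Constructed sample: only the container section of a Deployment, shaped like
# the args list this page says to edit (not the full upstream manifest).
write_sample_manifest() {
  cat > "$1" <<'EOF'
    spec:
      containers:
        - name: kubernetes-dashboard
          image: kubernetesui/dashboard:v2.0.0
          args:
            - --auto-generate-certificates
            - --namespace=kubernetes-dashboard
EOF
}

# patch_dashboard_args IN OUT  (hypothetical helper name)
# Replaces the "- --auto-generate-certificates" item with the two TLS flags
# from this page, reusing its indentation so the YAML list stays valid.
# Fails and removes OUT unless exactly one item was replaced.
patch_dashboard_args() {
  awk '
    /^[ \t]*-[ \t]+--auto-generate-certificates[ \t]*$/ {
      indent = $0
      sub(/-.*/, "", indent)   # keep only the leading whitespace
      print indent "- --tls-cert-file=dashboard.crt"
      print indent "- --tls-key-file=dashboard.key"
      n++
      next
    }
    { print }
    END { exit (n == 1 ? 0 : 1) }
  ' "$1" > "$2" || { rm -f "$2"; return 1; }
}

# manifest_is_patched FILE  (hypothetical helper name)
# True only if both TLS flags are present and the auto-generate flag is gone.
manifest_is_patched() {
  grep -q -- '--tls-cert-file=dashboard.crt' "$1" &&
    grep -q -- '--tls-key-file=dashboard.key' "$1" &&
    ! grep -q -- '--auto-generate-certificates' "$1"
}

# Demo on the constructed sample: patch, verify, print the result.
tmp="$(mktemp -d)"
write_sample_manifest "$tmp/recommended.yaml"
patch_dashboard_args "$tmp/recommended.yaml" "$tmp/dashboard-tls.yaml" &&
  manifest_is_patched "$tmp/dashboard-tls.yaml" &&
  cat "$tmp/dashboard-tls.yaml"
rm -rf "$tmp"
```

On a real cluster, download recommended.yaml first, run it through patch_dashboard_args, and pass the output file to kubectl apply -f. The file names in the two flags have to match the names of the files copied into /certs, since the secret is built from that directory.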

Extra Configuration

  • Allow workloads (YAMLs) to be scheduled on the master node.
kubectl taint nodes --all node-role.kubernetes.io/master-

Installing Helm 3.0

tar -zxvf helm-v3.0.0-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/helm

Installing GRAFANA

helm repo add grafana https://grafana.github.io/helm-charts
helm repo update
helm install grafana grafana/grafana --namespace=monitoring
kubectl patch svc grafana-svc -n monitoring  -p '{"spec":{"externalIPs":["x.x.x.x"]}}'

Installing PROMETHEUS

helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm install my-prom-release bitnami/prometheus-operator
kubectl patch svc prometheus-svc -n monitoring  -p '{"spec":{"externalIPs":["x.x.x.x"]}}'

Enable kubectl autocompletion (run shell with sudo su)

echo 'source <(kubectl completion bash)' >>~/.bashrc
kubectl completion bash >/etc/bash_completion.d/kubectl

Contributors

  • hazkall
  • edwinbustillos
