Kubernetes (k8s) cluster deployment (K8S Enterprise Docker container Cluster Management) series Deployment Master/node node components (iv)

Source: Internet
Author: User
Tags csr certificate node server k8s

0. Preface

Overall architecture directory: ASP. NET core distributed project-Directory

k8s Schema Catalog: Kubernetes (K8S) cluster deployment (K8S Enterprise Docker container cluster Management) series catalog

1. Deploy Master Components

The components of the master server are: Kube-apiserver, Kube-controller-manager, Kube-scheduler

So you need to download k8s master,:https://github.com/kubernetes/kubernetes/blob/master/changelog-1.9.md, of course you can download the later version.

We need to prepare these papers here.

Kubectl (administrative tool for running cluster commands): For specific reference: http://docs.kubernetes.org.cn/61.html Chinese documents.

kubeconfig.sh (used to generate the configuration files and certificates for node nodes), the k8s component of the master server

First step: Unpack the package unzip Master.zip

The inside of the Kube-apiserver, Kube-controller-manager, Kube-scheduler copied into the/opt/kubernetes/bin, and the bin folder below the file set to execute permissions, chmod +x/ops/kubernetes/bin/*

The second step: after the various components have been placed in the corresponding directory, into the folder I just extracted, the suffix. sh file is set to execute permissions because we are going to start the master component

chmod +x *.sh

Step Three:

Put the above-mentioned KUBECTL management tools into/ops/kubernetes/bin, as well as set executable permissions.

Then put the kubeconfig.sh in the previous article described in the/home/ssl directory, and then execute the following content, will generate the following files and certificates, mainly for the node component

Token.csv, Bootstrap.kubeconfig, Kube-proxy-key.pem, Kube-proxy.kubeconfig Kube-proxy.pem

Fourth step: Copy the generated token.csv file to/opt/kubernetes/cfg/because it needs to be used to run the Master component sh file. The fifth step: finally can run

./apiserver.sh 192.168.161.151 https://192.168.161.151:2379,https://192.168.161.152:2379,https://192.168.161.153:2379

./scheduler.sh 127.0.0.1

./controller-manager.sh 127.0.0.1

Then run to see the running state Ps-ef |grep kube, and you can see that all is running, so the master component is all running.

Run the following to view the health status of the cluster ETCD Kubectl get CS

2. Deploying node ComponentsThe first step: put the file created in SSL above

Bootstrap.kubeconfig,kube-proxy.kubeconfig

Copy to Node

Scp-r *kubeconfig [Email protected]:/opt/kubernetes/cfg
Scp-r *kubeconfig [Email protected]:/opt/kubernetes/cfg

Step Two: Locate the K8s file component required by the node server in the downloaded k8s and copy it to the server.

Then go to the folder and add the executable permission to the file with the suffix sh chmod +x *sh

Add Kubelet, Kube-proxy, and then copy the two files to/ops/kubernetes/bin

CP Kubelet kube-proxy/opt/kubernetes/bin/
chmod +x/opt/kubernetes/bin/*

Step three: Run kubelet.sh kube-proxy.sh (node Node2 also follow the same deployment)

./kubelet.sh 192.168.161.152 10.10.10.2


./proxy.sh 192.168.161.152

Fourth step: Run Kubelet and Kube-proxy

Found run error, OK, found no permissions

Solution: You need to create a role within the master node for the user User (Kubelet-bootstrap) within the requested users, Bootstrap.kubeconfig

Switch to master and execute the following command.

KUBECTL Create clusterrolebinding kubelet-bootstrap--clusterrole=system:node-bootstrapper--user=kubelet-bootstrap

Fifth step: Start Kubelet on the node server, you can view the CSR certificate on Master

After the certificate is generated, you need to allow the certificate

KUBECTL Certificate Approve certificate name (that is, the name value above)

Then you can see the status of the cluster.
KUBECTL Get node

At this point, the k8s cluster deployment is complete.

Next, we'll test the deployment WebUI.

See

3. Deploy WebUI

Three files required

DASHBOARD-RBAC.YAML:RBAC Permissions
Dashboard-deployment.yaml: Deploying Pods
Dashboard-service.yaml: Publishing Services

Execute separately:

Kubectl create-f Dashboard-rbac.yaml
Kubectl create-f Dashboard-deployment.yaml
Kubectl create-f Dashboard-service.yaml

After the execution, we look at the pod and discover that dashboard has been deployed successfully.

Now let's look at the port of the Publishing service

Big announcement into.

Github:fork Me

asp:787464275 Welcome Dabigatran AC
If you think this article is good or something, you can click on the "Recommend" button in the bottom right corner to support the spirit, because this support is the biggest motivation for me to continue to write and share!

Louieguo
Disclaimer: Original Blog Please keep the original link in the reprint or at the beginning of the article with my blog address, such as found errors, welcome criticism. Generally reproduced in my article, can not set up a reward function, if there are special needs please contact me!

Kubernetes (k8s) cluster deployment (K8S Enterprise Docker container Cluster Management) series Deployment Master/node node components (iv)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.