seem to work ). The Kubernetes cluster depends on two third-party components: etcd and docker. The former provides status storage, and the two are used to manage containers. Clusters can also use distributed storage to provide storage space for containers. Displays the components of the current system:
Kubernetes proxy nodes Kubelet and Kube-proxy run on the pr
corresponding.Modify its configuration file/etc/sysconfig/flanneld content as follows:# Flanneld configuration options # ETCD URL location. Point the server where Etcd runsflannel_etcd_endpoints="https://10.10.90.105:2379,https://10.10.90.106:2379,https://10.10.90.107:2379"# ETCD config key. This is the configuration key, which flannel queries# for address range
KUBERNETES cluster to build the basic environmentSystem Environment # Cat/etc/redhat-releasecentos Linux release 7.3.1611 (Core)
Host name Settings Centos-master 192.168.59.135centos-minion1 192.168.59.132centos-minion2 192.168.59.133Restart server after SELinux and Firewalld are turned off# systemctl Stop firewalld# systemctl disable firewalld# setenforce 0# sed-i ' s/^selinux=.*/selinux=disableds/'/etc/seli Nux/configMaster Node Installation D
Kubernetes introduced Kubeadm from 1.3 to try to simplify its complex installation. But Kubeadm is still not stable, and I personally think Kubeadm instead of trouble, rather than directly with the script or other automated tools to install the neat. There are also alternatives to HA for KUBEADM configuration master, such as using highly available cluster software such as keepalived or Corosync. So in this document, I will still use the traditional wa
]DNS.1 = kubernetesDNS.2 = kubernetes.defaultDNS.3 = kubernetes.default.svcDNS.4 = kubernetes.default.svc.cluster.localDNS.5 = kubernets-node1.example.comIP.1 = 169.169.0.1IP.2 = 192.168.142.161Generates SERVER.CSR and SERVER.CRT based on MASTER_SSL.CNF.when generating SERVER.CSR, the name specified/cn in the-SUBJ parameter needs to be the host name where Master resides .openssl req -new -key server.key -subj "/CN=kubernets-node1.example.com" -config /etc/ku
Before installation, the three CENTOS7 servers are banned from the firewall, and the mirror that needs to be started 2 node machines must be kept consistent, otherwise the pod will not start1 has three CENTOS7 servers: 10.1.1.170 (Master), 10.1.1.169 node1,10.1.1.171 Node22 Install NTP service on three machines to ensure all time can be synchronized#yum-y Install NTP#systemctl Start NTPD#systemctl Enable NTPD3 Installing Kubernetes Master on 10.1.1.17
hypernetes:bringing Security and Multi-tenancy to KubernetesApplication ArchitectureMicroserviceHere's a Chinese blog about what to select Open Source tools for building a micorservice.Https://mp.weixin.qq.com/s/bsuveX-E6E2fKZ24mj03nQServcie MeshLinkerdEnvoyIstioTrainingKnowledgekubernetsDocumentKubernetes Handbook (Chinese Version)ETCDFor more information, please see ETCD Document.ContainterDockerFor Moe information, please see https://docs.docker.c
Deploy Kubernetes in Docker
Kubernetes is an open-source container management framework of Google. It provides a series of functions such as host, cluster management, container deployment, high availability, and auto scaling of Docker containers; kubernetes's design goals include putting the container cluster in the desired state at any time. Therefore, a complete cluster management mechanism is established
1. Single ETCD node (for test development)Before I have been developing a test that has been used for a ETCD node, then the Start command has been directly hitting a ETCD (I have added the bin directory of the ETCD installation directory to the PATH environment variable), and then the boot information shows
First, prerequisites1, first you will have ready-made kubernetes cluster, if you have nothing now, please refer to:http://zlyang.blog.51cto.com/1196234/19510102, the proposed use ETCD cluster, the construction process please refer to:http://zlyang.blog.51cto.com/1196234/1951164Ii. Deployment of Kubernetes-dashboard[All machines: Master, Node1, Node2]1, install fl
, but each label key can only correspond to one value;The entire system is associated with a label to get the target that really needs to be manipulated.5. ProxyProxy not only solves the same host service port conflict problem, also provides service forwarding service port to provide services, the proxy backend using a random, round-robin load balancing algorithm.Third, kubernetes related componentsKubernetes mainly include: Kubectl, Kube-apiserver, K
service designed by the CoreOS team for kubernetes, which simply means that the Docker container created by the different node hosts in the cluster has a unique virtual IP address for the complete cluster. It also creates an overlay network between these IP addresses, which, through this overlay network, passes the packets intact to the target container (Overlay).Here is a schematic diagram of its network:As you can see, flannel first creates a bridg
Preface
The previous article talked about some common cluster operations in ETCD, which mainly covered some common problems that might be encountered, after all, the God (Operational dimension) perspective always sees the problem and then recovers.
For a cluster, it is common to process crashes, physical machine downtime, data migration backups, capacity reduction, and so on. The rest of the operation is nothing more than some common problem-handling
This blog from my space reproduced over, http://user.qzone.qq.com/29185807/blog/1458542207Code is GITHUB.COM/COREOS/GO-ETCD/ETCDNote: This version is the ETCD client used in k8s v1.1.1.First I look at how the next k8s is used. Location in K8s.io\kubernetes\cmd\kube-apiserver\app\server.goCode directory, from this point of view, the code is very clearSo we're goin
This is a creation in
Article, where the information may have evolved or changed.
"Editor's note" This article compares three service discovery tools for zookeeper, ETCD, and Consul, and explores the best solution for service discovery, for informational purposes only.
If you use a predefined port, the more services you have, the greater the likelihood of a conflict, after all, it is impossible to have two services listening on the same port. Managin
information consistency and other information, CPU and memory resources such as monitoring we use cadvisor and our internal monitoring system to achieve.
Auto scale, we did not use the automatic expansion mechanism of the Kubernetes itself, but developed it separately, mainly to support a more flexible scaling strategy.
Configuration Layer (ETCD)The configuration information required by the applic
dashboard is "naked", there is no security to say:-Dashboard UI does not have access management mechanism, any access can take over the dashboard completely;-At the same time behind, dashboard accesses the apiserver through Insecure-port, without using the encryption mechanism.
Second, dashboard through the Kubeconfig file information access Apiserver
Let's start by establishing a secure communication mechanism between dashboard and apiserver.
The startup parameters for Kube-apiserver on the cu
Recently tried a little etcd to do the registration discovery of the service
"Etcd Service"
Download the binary file from Etcd's official website and allocate three machines to do the cluster
10.0.1.98 etcd-001
10.0.1.205 etcd-002
10.0.1.182 etcd-003
Then start the service
Yum-y Install ETCD Docker flannel kubenetesGeneral will encounter no k8s source problem, first Yum update-y see if it is effective, if still useless to create a Yum source, and then install KubenetesDo the following:Create a Yum sourcevi virt7-docker-common-release.repoAdd the following content:[virt7-docker-common-release]name=virt7-docker-common-releasebaseurl=http://cbs.centos.org/repos/virt7-docker-common-release/x86_64/os/gpgcheck=0Installation
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.