Installazione KuberMatti: differenze tra le versioni

Da GazziNet.
Vai alla navigazione Vai alla ricerca
Nessun oggetto della modifica
Nessun oggetto della modifica
 
(13 versioni intermedie di uno stesso utente non sono mostrate)
Riga 14: Riga 14:
  systemctl disable firewalld
  systemctl disable firewalld
  systemctl stop firewalld
  systemctl stop firewalld
reboot
# Set SELinux in permissive mode (effectively disabling it)
  sudo setenforce 0
  sudo setenforce 0
  sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
  sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
  yum install net-tools -y;
  yum install net-tools -y;
  yum install curl -y;
  yum install curl -y;
  yum install wget -y;
  yum install wget -y;
dnf install -y iproute-tc;
  sudo yum install -y yum-utils;
  sudo yum install -y yum-utils;
reboot
  sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo;
  sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo;
  sudo yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin;
  sudo yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin;
Riga 31: Riga 30:
  sudo docker run hello-world;
  sudo docker run hello-world;


Nel file: /etc/containerd/config.toml mettere:
Mettere a posto il file hosts con la risoluzione dei nodi es.:
 
172.16.1.200 kuber01 kuber01.gazzi.net
172.16.1.201 kuber02 kuber02.gazzi.net
 
abilitare:  
 
[root@kuber02 containerd]# pwd
/etc/containerd
[root@kuber02 containerd]# ls
config.toml
 
 
enabled_plugins = ["cri"]
 


enabled_plugins = ["cri"]
[plugins."io.containerd.grpc.v1.cri".containerd]
  endpoint = "unix:///var/run/containerd/containerd.sock"


FATE SNAP!!
FATE SNAP!!
Riga 56: Riga 66:
  sudo systemctl enable --now kubelet
  sudo systemctl enable --now kubelet
   
   
sudo modprobe overlay
sudo modprobe br_netfilter
sudo sysctl --system
  sudo reboot
  sudo reboot


  kubectl edit configmap -n kube-system kube-proxy
ATTENZIONE SOLO SUL NODO PRINCIPALE:
 
kubeadm init (attenzione mettete l'opzione dell'ip)
 
 
 
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
 
 
--ngix--provate--
 
 
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.14.5/config/manifests/metallb-native.yaml 
 
  kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"
 
Crea un file metallb-config.yaml
 
  apiVersion: metallb.io/v1beta1
  kind: IPAddressPool
  metadata:
    name: first-pool
    namespace: metallb-system
  spec:
    addresses:
    - 172.16.1.150-172.16.1.160
 
 
 
kubectl apply -f metallb-config.yaml
 
Crea un file YAML per il deployment di Nginx, chiamato nginx-deployment.yaml:
 
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80
 
kubectl apply -f nginx-deployment.yaml
 
 
Crea un file YAML per il servizio, chiamato nginx-service.yaml:
 
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  type: LoadBalancer
  loadBalancerIP: 172.16.1.150  # IP statico desiderato
  selector:
    app: nginx
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80
 
 
kubectl apply -f nginx-service.yaml
 
 
--- aGGIUNGERE ALTRO NODO:
 
da /root/.kube
 
scp config root@172.16.1.201:$PWD
 
 
guardare: https://www.youtube.com/watch?v=zNbqxPRTjFg


# see what changes would be made, returns nonzero returncode if different
https://goteleport.com/blog/troubleshooting-kubernetes-networking/
kubectl get configmap kube-proxy -n kube-system -o yaml | \
sed -e "s/strictARP: false/strictARP: true/" | \
kubectl diff -f - -n kube-system


# actually apply the changes, returns nonzero returncode on errors only
https://kube-vip.io/docs/troubleshooting/arp/
kubectl get configmap kube-proxy -n kube-system -o yaml | \
sed -e "s/strictARP: false/strictARP: true/" | \
kubectl apply -f - -n kube-system

Versione attuale delle 22:44, 17 mag 2024

Prereq: Iso Oracle linux 8.9 - 4VCPU 8Gbyte di RAM - 32Gbyte disco

Tutto in inglese solo tastiera e Timezone

Software selection: Minimal Install

Partizione: ol-root 30GiB - /boot 1024Mbyte

Settare in installazione IP e Hostname.

Settare Root Password

yum update -y;
systemctl disable firewalld
systemctl stop firewalld
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
yum install net-tools -y;
yum install curl -y;
yum install wget -y;
dnf install -y iproute-tc;
sudo yum install -y yum-utils;
reboot


sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo;
sudo yum install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin;
sudo systemctl start docker;
sudo systemctl enable docker;
sudo docker run hello-world;

Mettere a posto il file hosts con la risoluzione dei nodi es.:

172.16.1.200 kuber01 kuber01.gazzi.net
172.16.1.201 kuber02 kuber02.gazzi.net

abilitare:

[root@kuber02 containerd]# pwd /etc/containerd [root@kuber02 containerd]# ls config.toml


enabled_plugins = ["cri"]


FATE SNAP!!

reboot


# This overwrites any existing configuration in /etc/yum.repos.d/kubernetes.repo
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.30/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.30/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
EOF
sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
sudo systemctl enable --now kubelet

sudo modprobe overlay
sudo modprobe br_netfilter


sudo sysctl --system

sudo reboot

ATTENZIONE SOLO SUL NODO PRINCIPALE:

kubeadm init (attenzione mettete l'opzione dell'ip)


kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml


--ngix--provate--


kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.14.5/config/manifests/metallb-native.yaml  
kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"

Crea un file metallb-config.yaml

 apiVersion: metallb.io/v1beta1
 kind: IPAddressPool
 metadata:
   name: first-pool
   namespace: metallb-system
 spec:
   addresses:
   - 172.16.1.150-172.16.1.160


kubectl apply -f metallb-config.yaml
Crea un file YAML per il deployment di Nginx, chiamato nginx-deployment.yaml:
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80
kubectl apply -f nginx-deployment.yaml


Crea un file YAML per il servizio, chiamato nginx-service.yaml:
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  type: LoadBalancer
  loadBalancerIP: 172.16.1.150  # IP statico desiderato
  selector:
    app: nginx
  ports:
    - protocol: TCP
      port: 80
      targetPort: 80 


kubectl apply -f nginx-service.yaml


--- aGGIUNGERE ALTRO NODO:

da /root/.kube

scp config root@172.16.1.201:$PWD


guardare: https://www.youtube.com/watch?v=zNbqxPRTjFg

https://goteleport.com/blog/troubleshooting-kubernetes-networking/

https://kube-vip.io/docs/troubleshooting/arp/