[Kubernetes] Kubernetes Initialize Lab k8s (Part 1)

2 minute read

بِسْمِ اللَّهِ الرَّحْمَنِ الرَّحِيم


Lab ini kita akan ngoprek Kubernetes. Saya disini menggunakan public cloud Azure untuk membangun node yang saya butuhkan untuk ngoprek lab ini.

berikut list node yang saya gunakan :

pod-master

  • Interface: eth0
  • IP Address: 10.0.0.4/24
  • Gateway: 10.0.0.1
  • DNS Resolver: 10.0.0.1

pod-worker

  • Interface: eth0
  • IP Address: 10.0.0.5/24
  • Gateway: 10.0.0.1
  • DNS Resolver: 10.0.0.1

pod-storage

  • Interface: eth0
  • IP Address: 10.0.0.6/24
  • Gateway: 10.0.0.1
  • DNS Resolver: 10.0.0.1

Kubernetes Clustring Provisioning

Eksekusi di semua pod

Upgrade paket, instal docker dan k8s Versi (v1.15.4)

sudo apt update; sudo apt upgrade -y; sudo apt autoremove -y
sudo apt install -y docker.io; sudo docker version

Instal kubectl, kubelet & kubeadm

sudo apt install -y apt-transport-https; curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
nano kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main

Copy kubernetes.list ke repo list

sudo mv kubernetes.list /etc/apt/sources.list.d/kubernetes.list
sudo apt update; sudo apt install -y kubectl=1.15.4-00 kubelet=1.15.4-00 kubeadm=1.15.4-00
sudo apt-mark hold kubelet kubeadm kubectl

Cek versi

[email protected]:~# kubeadm version
kubeadm version: &version.Info{Major:"1", Minor:"15", GitVersion
:"v1.15.4", GitCommit:"67d2fcf276fcd9cf743ad4be9a9ef5828adc082f", GitTreeState:"clean", BuildDate:"2019-09-18T14:48:18Z", GoVersion:"go1.12.9", Compiler:"gc", Platform:"linux/amd64"}

Eksekusi di pod master

Inisialisasi Master (verifikasi dan matikan swap lebih dulu)

swapon -s
sudo swapoff -a
sudo kubeadm init --pod-network-cidr=10.244.3.0/16
Membuat secret sebelum itu kita harus menyalakan docker swarm

Salin konfigurasi admin kubernetes

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Instal POD Network Flannel

wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

kubectl apply -f kube-flannel.yml
kubectl get pods --all-namespaces --watch
[email protected] :~# kubectl get pods --all-namespaces --watch
NAMESPACE     NAME                                 READY   STATUS    RESTARTS   AGE
kube-system   coredns-5c98db65d4-ncfbn             1/1     Running   0          5m45s
kube-system   coredns-5c98db65d4-xfzmg             1/1     Running   0          5m45s
kube-system   etcd-pod-master                      1/1     Running   0          4m47s
kube-system   kube-apiserver-pod-master            1/1     Running   0          4m58s
kube-system   kube-controller-manager-pod-master   1/1     Running   0          4m58s
kube-system   kube-flannel-ds-amd64-jdf4f          1/1     Running   0          3m55s
kube-system   kube-proxy-kjpwz                     1/1     Running   0          5m45s
kube-system   kube-scheduler-pod-master            1/1     Running   0          4m59s

Verifikasi config dan cluster

kubectl config view
kubectl cluster-info
[email protected] :~# kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://10.0.0.4:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: [email protected]
current-context: [email protected]
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

[email protected] :~# kubectl cluster-info
Kubernetes master is running at https://10.0.0.4:6443
KubeDNS is running at https://10.0.0.4:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

Tampilkan Token dan token-ca-cert-hash

sudo kubeadm token list
sudo openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl  rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
[email protected] :~# kubeadm token list

TOKEN                     TTL       EXPIRES                USAGES                   DESCRIPTION                                                EXTRA GROUPS
ihk6ha.vlih4iuykm0y68i3   23h       2019-10-11T12:51:38Z   authentication,signing   The default bootstrap token generated by 'kubeadm init'.   system:bootstrappers:kubeadm:default-node-token

[email protected] :~# openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'
de9c723b4b3d10e54cbb4cbc55d9abd007fa9edaf0076577827b5d33b59e79c4
  • token master ihk6ha.vlih4iuykm0y68i3
  • TOKEN-CA-CERT-HASH de9c723b4b3d10e54cbb4cbc55d9abd007fa9edaf0076577827b5d33b59e79c4

Ekseskusi di pod-worker

Join Node Worker ke Master (verifikasi dan matikan swap lebih dulu)

swapon -s
sudo swapoff -a
sudo kubeadm join --token [TOKEN] [NODE-MASTER]:6443 --discovery-token-ca-cert-hash sha256:[TOKEN-CA-CERT-HASH]
[email protected]:~# sudo kubeadm join --token ihk6ha.v
lih4iuykm0y68i3 pod-master:6443 --discovery-token-ca-cert-hash sha256:de9c723b4b3d10e54cbb4cbc55d9abd007fa9edaf0076577827b5d33b59e79c

Eksekusi di pod master

verifikasi nodes

kubectl get nodes
[email protected] :~# kubectl get nodes 
NAME          STATUS   ROLES    AGE   VERSION
pod-master    Ready    master   31m   v1.15.4
pod-worker    Ready    <none>   15m   v1.15.4

Happy, Enjoy Ngoprek ~

Comments