Category Archives: Kubernetes

kubeadmin kubernetes mit weave unter Ubuntu

title: “kubeadmin kubernetes mit weave unter Ubuntu”
date: 2018-01-10T13:19:28
slug: kubeadmin-kubernetes-mit-weave-unter-ubuntu

apt-get install -y docker.io

cat << EOF > /etc/docker/daemon.json
{
“exec-opts”: [“native.cgroupdriver=systemd”]
}
EOF

apt-get update && apt-get install -y apt-transport-https
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add –
cat </etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl
kubeadm init –pod-network-cidr=172.16.0.0/16 –service-cidr=172.17.0.0/18

vi /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
-> add “–pod-cidr=172.16.0.0/16 –cgroup-driver=systemd –register-with-taints=node-role.kubernetes.io/master=:PreferNoSchedule” to KUBELET_NETWORK_ARGS
-> set –cluster-dns=172.17.0.10

systemctl daemon-reload
systemctl restart kubelet

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

sysctl net.bridge.bridge-nf-call-iptables=1
export kubever=$(kubectl version | base64 | tr -d ‘
’)
kubectl apply -f “https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d ‘
’)&env.IPALLOC_RANGE=172.16.0.0/16″
kubectl get nodes

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/alternative/kubernetes-dashboard.yaml

kubectl describe svc kubernetes-dashboard -n kube-system

Check the “IP” and the “Endpoints:” IP Addresses, should be from the pod and service cidr

Get cni binaries

title: “Get cni binaries”
date: 2017-09-05T13:30:22
slug: get-cni-binaries

mkdir -p /opt/cni/bin/
curl -fsSL ‘https://github.com/containernetworking/cni/releases/download/v0.4.0/cni-amd64-v0.4.0.tgz’ | tar xvz -C /opt/cni/bin/

New Contabo Server (NFS, Kubernetes, openvpn)

title: “New Contabo Server (NFS, Kubernetes, openvpn)”
date: 2017-02-02T09:25:41
slug: new-contabo-server-nfs-kubernetes-openvpn

Add to .bashrc

export LC\_ALL=en\_US.UTF-8
export LANG=en\_US.UTF-8
export LANGUAGE=en\_US.UTF-8

Add Kubernetes Repository

echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list

apt-get install curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
apt-get install -y apt-transport-https && apt-get update && apt-get install -y vim mc nfs-kernel-server openvpn docker.io kubelet kubeadm kubectl kubernetes-cni

Add SSH Keys from old server

vi .ssh/authorized\_keys

Copy content from old server

tar zcPf - /STORAGE /etc/openvpn /etc/exports /etc/hostname /etc/rc.local /var/spool/cron/crontabs /root/.docker | ssh root@178.238.228.154 'tar zxpPf - '

Install Kubernetes on Ubuntu 16

title: “Install Kubernetes on Ubuntu 16”
date: 2016-12-06T11:27:28
slug: install-kubernetes-on-ubuntu-16

Install Kubernetes I

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF > /etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update
# Install docker if you don't have it already.
apt-get install -y docker.io
apt-get install -y kubelet kubeadm kubectl kubernetes-cni

Enable docker

systemctl enable docker
docker ps

Install Kubernetes & Network Overlay II

kubeadm init
kubectl apply -f https://git.io/weave-kube
ifconfig -a #Should show a wave interafce with address 10.32.0.2

Create a client Certificate

title: “Create a client Certificate”
date: 2016-10-11T19:37:42
slug: create-a-client-certificate

Extract the Certs from the kube config (base64 -d)

openssl pkcs12 -export -clcerts -inkey client.key -in client.crt -out kubecfg.p12 -name "kubernetes-client"

Kubernetes Master on Coreos

title: “Kubernetes Master on Coreos”
date: 2016-09-20T08:31:55
slug: kubernetes-master-on-coreos

vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE="eth1"
BOOTPROTO=none
ONBOOT=yes
NETWORK=172.31.4.0
NETMASK=255.255.252.0
IPADDR=172.31.4.5
USERCTL=no

mkdir /etc/ssl/kubernetes
scp root@hostingvalley.de:/root/certs/apiserver.pem /etc/ssl/kubernetes
scp root@hostingvalley.de:/root/certs/apiserver-key.pem /etc/ssl/kubernetes
scp root@hostingvalley.de:/root/certs/ca.pem /etc/ssl/kubernetes

Install etcd and Kubernetes through yum:

yum -y install etcd kubernetes

/etc/etcd/etcd.conf

ETCD\_NAME=default
ETCD\_DATA\_DIR="/var/lib/etcd/default.etcd"
ETCD\_LISTEN\_CLIENT\_URLS="http://0.0.0.0:2379"
ETCD\_ADVERTISE\_CLIENT\_URLS="http://localhost:2379"

/etc/kubernetes/apiserver

KUBE\_API\_ADDRESS="--address=0.0.0.0"
KUBE\_API\_PORT="--port=8080"
KUBELET\_PORT="--kubelet\_port=10250"
KUBE\_ETCD\_SERVERS="--etcd\_servers=http://127.0.0.1:2379"
KUBE\_SERVICE\_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
KUBE\_ADMISSION\_CONTROL="--admission\_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
KUBE\_API\_ARGS="--tls-cert-file='/etc/ssl/kubernetes/apiserver.pem' --tls-private-key-file='/etc/ssl/kubernetes/apiserver-key.pem' --secure-port=443"

vi /etc/kubernetes/controller-manager

KUBE\_CONTROLLER\_MANAGER\_ARGS="--service-account-private-key-file=/etc/ssl/kubernetes/apiserver-key.pem --root-ca-file=/etc/ssl/kubernetes/ca.pem"

Start and enable etcd, kube-apiserver, kube-controller-manager and kube-scheduler:

for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler; do
 systemctl restart $SERVICES
 systemctl enable $SERVICES
 systemctl status $SERVICES
done

etcdctl mk /coreos.com/network/config '{"Network":"10.2.0.0/16"}'

curl -H "Content-Type: application/json" -XPOST -d'{"apiVersion":"v1","kind":"Namespace","metadata":{"name":"kube-system"}}' "http://127.0.0.1:8080/api/v1/namespaces"