title: “Kubernetes Master on Coreos”
date: 2016-09-20T08:31:55
slug: kubernetes-master-on-coreos

vi /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE="eth1"
BOOTPROTO=none
ONBOOT=yes
NETWORK=172.31.4.0
NETMASK=255.255.252.0
IPADDR=172.31.4.5
USERCTL=no

mkdir /etc/ssl/kubernetes
scp root@hostingvalley.de:/root/certs/apiserver.pem /etc/ssl/kubernetes
scp root@hostingvalley.de:/root/certs/apiserver-key.pem /etc/ssl/kubernetes
scp root@hostingvalley.de:/root/certs/ca.pem /etc/ssl/kubernetes

Install etcd and Kubernetes through yum:

yum -y install etcd kubernetes

/etc/etcd/etcd.conf

ETCD\_NAME=default
ETCD\_DATA\_DIR="/var/lib/etcd/default.etcd"
ETCD\_LISTEN\_CLIENT\_URLS="http://0.0.0.0:2379"
ETCD\_ADVERTISE\_CLIENT\_URLS="http://localhost:2379"

/etc/kubernetes/apiserver

KUBE\_API\_ADDRESS="--address=0.0.0.0"
KUBE\_API\_PORT="--port=8080"
KUBELET\_PORT="--kubelet\_port=10250"
KUBE\_ETCD\_SERVERS="--etcd\_servers=http://127.0.0.1:2379"
KUBE\_SERVICE\_ADDRESSES="--service-cluster-ip-range=10.254.0.0/16"
KUBE\_ADMISSION\_CONTROL="--admission\_control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"
KUBE\_API\_ARGS="--tls-cert-file='/etc/ssl/kubernetes/apiserver.pem' --tls-private-key-file='/etc/ssl/kubernetes/apiserver-key.pem' --secure-port=443"

vi /etc/kubernetes/controller-manager

KUBE\_CONTROLLER\_MANAGER\_ARGS="--service-account-private-key-file=/etc/ssl/kubernetes/apiserver-key.pem --root-ca-file=/etc/ssl/kubernetes/ca.pem"

Start and enable etcd, kube-apiserver, kube-controller-manager and kube-scheduler:

for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler; do
 systemctl restart $SERVICES
 systemctl enable $SERVICES
 systemctl status $SERVICES
done

etcdctl mk /coreos.com/network/config '{"Network":"10.2.0.0/16"}'

curl -H "Content-Type: application/json" -XPOST -d'{"apiVersion":"v1","kind":"Namespace","metadata":{"name":"kube-system"}}' "http://127.0.0.1:8080/api/v1/namespaces"