# Cluster Setup
* Fedora 35
* Fedora Kubernetes packages 1.22
## Machine Setup
Add to *pyrocufflink.blue* domain:
```sh
ansible-playbook \
-l k8s-amd64-ctrl0.pyrocufflink.blue \
remount.yml \
bootstrap.yml \
pyrocufflink.yml \
-e ansible_host=172.30.0.167/28 \
-u root \
-e @join.creds
```
Set up Kubernetes agent (`kubelet`):
```sh
ansible-playbook -l k8s-amd64-ctrl0.pyrocufflink.blue kubelet.yml -b
```
## Initialize cluster
Run on *k8s-ctrl0.pyrocufflink.blue*:
```sh
kubeadm init \
--control-plane-endpoint kubernetes.pyrocufflink.blue \
--upload-certs \
--kubernetes-version=$(rpm -q --qf '%{V}' kubernetes-node) \
--pod-network-cidr=10.149.0.0/16
```
## Configure Pod Networking
[Calico] seems to be the best choice, based on its feature completeness, and
a couple of performance benchmarks put it basically at the top.
```sh
curl -fL \
-O 'https://projectcalico.docs.tigera.io/manifests/tigera-operator.yaml' \
-O 'https://projectcalico.docs.tigera.io/manifests/custom-resources.yaml'
sed -i 's/192\.168\.0\.0\/16/10.149.0.0\/16/' custom-resources.yaml
kubectl create -f tigera-operator.yaml
kubectl create -f custom-resources.yaml
```
Wait for Calico to deploy completely, then restart CoreDNS:
```sh
kubectl wait -n calico-system --for=condition=ready \
$(kubectl get pods -n calico-system -l k8s-app=calico-node -o name)
kubectl -n kube-system rollout restart deployment coredns
```
## Add Worker Nodes
```sh
kubeadm join kubernetes.pyrocufflink.blue:6443 \
--token xxxxxx.xxxxxxxxxxxxxxxx \
--discovery-token-ca-cert-hash sha256:…
```
## Add Control Plane Nodes
```sh
kubeadm join kubernetes.pyrocufflink.blue:6443 \
--token xxxxxx.xxxxxxxxxxxxxxxx \
--discovery-token-ca-cert-hash sha256:… \
--control-plane \
--certificate-key …
```
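Both join commands above take a `--discovery-token-ca-cert-hash` value, which lets the joining node authenticate the control plane before trusting it. As an added example (not part of the original README), the script below computes that pin from the cluster CA certificate and checks a candidate pin against it; the function names and the `CA_CERT` variable are assumptions, and the default path is kubeadm's standard CA location.

```sh
#!/bin/sh
# Added example (not from the original README): compute and verify the value
# given to `kubeadm join --discovery-token-ca-cert-hash`.
# kubeadm pins the cluster CA by the SHA-256 digest of the certificate's
# DER-encoded SubjectPublicKeyInfo, written as "sha256:<64 hex digits>".

# Print the pin for the PEM CA certificate at $1; non-zero if unreadable.
ca_cert_hash() {
    # Extract the public key first so a bad file fails here instead of
    # silently hashing empty input further down the pipeline.
    _pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    _hex=$(printf '%s\n' "$_pub" \
        | openssl pkey -pubin -outform DER 2>/dev/null \
        | openssl dgst -sha256 \
        | awk '{print $NF}')
    case $_hex in
        # Reject empty or non-hex output, and the digest of empty input.
        ''|*[!0-9a-f]*) return 1 ;;
        e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855)
            return 1 ;;
    esac
    [ "${#_hex}" -eq 64 ] || return 1
    printf 'sha256:%s\n' "$_hex"
}

# Succeed only if the CA at $1 matches pin $2; return 2 if the CA is unusable.
verify_ca_pin() {
    _actual=$(ca_cert_hash "$1") || return 2
    [ "$_actual" = "$2" ]
}

# Assumption: CA_CERT is a hypothetical override; the default is kubeadm's
# standard CA location on a control plane node.
CA_CERT=${CA_CERT:-/etc/kubernetes/pki/ca.crt}
if [ -r "$CA_CERT" ]; then
    ca_cert_hash "$CA_CERT"
fi
```

Run it on a control plane node and compare the output with the `sha256:…` value in a join command before using that command on a new node.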
[Calico]: https://projectcalico.docs.tigera.io/getting-started/kubernetes/self-managed-onprem/onpremises
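## Create Admin user
The `system:masters` group bypasses RBAC authorization entirely, so treat `dustin.kubeconfig` as an unrestricted cluster-admin credential.
```sh
cat > kubeadm-user.yaml <<EOF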
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
clusterName: kubernetes
controlPlaneEndpoint: kubernetes.pyrocufflink.blue:6443
certificatesDir: /etc/kubernetes/pki
EOF
kubeadm kubeconfig user \
--client-name dustin \
--config kubeadm-user.yaml \
--org system:masters \
> dustin.kubeconfig
```