kubernetes/setup
Dustin f7d01f3d03 Initial commit 2022-07-25 17:52:55 -05:00

README.md

Cluster Setup

  • Fedora 35
  • Fedora Kubernetes packages 1.22

Machine Setup

Add to pyrocufflink.blue domain:

ansible-playbook \
    -l k8s-amd64-ctrl0.pyrocufflink.blue \
    remount.yml \
    bootstrap.yml \
    pyrocufflink.yml \
    -e ansible_host=172.30.0.167/28 \
    -u root \
    -e @join.creds

Set up Kubernetes agent (kubelet):

ansible-playbook -l k8s-amd64-ctrl0.pyrocufflink.blue kubelet.yml -b

Initialize cluster

Run on k8s-ctrl0.pyrocufflink.blue:

kubeadm init \
    --control-plane-endpoint kubernetes.pyrocufflink.blue \
    --upload-certs \
    --kubernetes-version=$(rpm -q --qf '%{V}' kubernetes-node) \
    --pod-network-cidr=10.149.0.0/16

Configure Pod Networking

Calico seems to be the best choice, based on its feature completeness, and a couple of performance benchmarks put it basically at the top.

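# These manifest URLs are unversioned, so their contents can change between
# runs; review the downloaded files before applying them.
curl -fL \
    -O 'https://projectcalico.docs.tigera.io/manifests/tigera-operator.yaml' \
    -O 'https://projectcalico.docs.tigera.io/manifests/custom-resources.yaml'
# Replace Calico's default pod CIDR with the one passed to kubeadm init
sed -i 's/192\.168\.0\.0\/16/10.149.0.0\/16/' custom-resources.yaml
kubectl create -f tigera-operator.yaml
kubectl create -f custom-resources.yaml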

Wait for Calico to deploy completely, then restart CoreDNS:

kubectl wait -n calico-system --for=condition=ready \
    $(kubectl get pods -n calico-system -l k8s-app=calico-node -o name)
kubectl -n kube-system rollout restart deployment coredns

Add Worker Nodes

kubeadm join kubernetes.pyrocufflink.blue:6443 \
    --token xxxxxx.xxxxxxxxxxxxxxxx \
    --discovery-token-ca-cert-hash sha256:…

Add Control Plane Nodes

kubeadm join kubernetes.pyrocufflink.blue:6443 \
    --token xxxxxx.xxxxxxxxxxxxxxxx \
    --discovery-token-ca-cert-hash sha256:… \
    --control-plane \
    --certificate-key …
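
The `--discovery-token-ca-cert-hash` value elided in both join commands pins the cluster CA: it is `sha256:` followed by the SHA-256 of the CA certificate's DER-encoded SubjectPublicKeyInfo. The following is an added example, not part of the original README (function names are hypothetical): it recomputes that pin from `ca.crt` using only the Python standard library and checks a token/pin pair before it is passed to `kubeadm join`.

```python
import base64
import hashlib
import hmac
import re
import sys

TOKEN_RE = re.compile(r"[a-z0-9]{6}\.[a-z0-9]{16}")  # kubeadm bootstrap token format

def _tlv(buf, off):
    """Return (tag, value_start, end) of the DER element at buf[off]."""
    if off + 2 > len(buf):
        raise ValueError("truncated DER element")
    tag, length, pos = buf[off], buf[off + 1], off + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes that follow
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def pem_to_der(pem):
    """Decode the first CERTIFICATE block of a PEM file such as ca.crt."""
    m = re.search(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", pem, re.S)
    if m is None:
        raise ValueError("no PEM certificate found")
    return base64.b64decode(m.group(1))  # whitespace is ignored by b64decode

def ca_cert_hash(der):
    """Return sha256:<hex> over the certificate's DER SubjectPublicKeyInfo."""
    tag, pos, _ = _tlv(der, 0)       # Certificate ::= SEQUENCE
    tag2, pos, _ = _tlv(der, pos)    # TBSCertificate ::= SEQUENCE
    if tag != 0x30 or tag2 != 0x30:
        raise ValueError("not an X.509 certificate")
    tag, _, end = _tlv(der, pos)
    pos = end if tag == 0xA0 else pos  # skip the optional explicit [0] version
    for _field in range(5):  # serialNumber, signature, issuer, validity, subject
        _, _, pos = _tlv(der, pos)
    tag, _, end = _tlv(der, pos)     # subjectPublicKeyInfo
    if tag != 0x30:
        raise ValueError("SubjectPublicKeyInfo not found")
    return "sha256:" + hashlib.sha256(der[pos:end]).hexdigest()

def join_args_ok(token, pin, ca_der):
    """True only if the token is well-formed and the pin matches this CA."""
    return bool(TOKEN_RE.fullmatch(token)) and hmac.compare_digest(
        pin.lower().encode(), ca_cert_hash(ca_der).encode())

if __name__ == "__main__":  # usage: python3 ca_pin.py /etc/kubernetes/pki/ca.crt
    with open(sys.argv[1]) as fh:
        print(ca_cert_hash(pem_to_der(fh.read())))
```

Run it on a control plane node against `/etc/kubernetes/pki/ca.crt` and compare the output with the pin in the join command.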

Create Admin user

cat > kubeadm-user.yaml <<EOF
apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
clusterName: kubernetes
controlPlaneEndpoint: kubernetes.pyrocufflink.blue:6443
certificatesDir: /etc/kubernetes/pki
EOF
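# Membership in system:masters bypasses RBAC authorization entirely, and
# Kubernetes cannot revoke an individual client certificate, so this kubeconfig
# stays fully privileged until the certificate expires or the CA is rotated.
kubeadm kubeconfig user \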
    --client-name dustin \
    --config kubeadm-user.yaml \
    --org system:masters \
    > dustin.kubeconfig