Install KUBERNETES

MASTER 192.168.0.1

WORKER01 192.168.0.2

WORKER01 192.168.0.2

BASE OS: CENTOS 7

Source: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/

On all servers

Disable Firewall and SELinux

systemctl disable firewalld && systemctl stop firewalld && systemctl status firewalld

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config && reboot

Install required packages

yum install -y epel-release bash-completion nano htop net-tools wget tar xz unzip curl ipset

Install Docker (Recommended)

yum install -y docker

Install Docker-CE (Optional)

Source: https://docs.docker.com/install/linux/docker-ce/centos/

yum remove -y docker docker-client docker-client-latest docker-common docker-latest docker-latest-logrotate docker-logrotate docker-engine

yum install -y yum-utils device-mapper-persistent-data lvm2

yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

yum install -y docker-ce docker-ce-cli containerd.io

Enable and start Docker

systemctl enable docker

systemctl start docker

Install Kubernetes

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

To use the environment's version (Recommended)

yum --disableexcludes kubernetes --showduplicates list kubelet kubeadm kubectl | grep 1.14.9

yum install -y kubelet-1.14.9-0 kubeadm-1.14.9-0 kubectl-1.14.9-0 --disableexcludes=kubernetes

Instalados:
  kubeadm.x86_64 0:1.14.9-0                           kubectl.x86_64 0:1.14.9-0                           kubelet.x86_64 0:1.14.9-0

To use the latest version (Optional)

yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

systemctl enable --now kubelet

To enable autocompletion

$ source /usr/share/bash-completion/bash_completion

$ echo 'source <(kubectl completion bash)' >> ~/.bashrc

$ sudo su - -c "kubectl completion bash > /etc/bash_completion.d/kubectl"

To enable bridge mode

nano -c /etc/sysctl.d/k8s.conf

#KUBERNETES
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1

sysctl --system

Disable swap

swapoff -a

Note: Comment out the swap line in "/etc/fstab".

nano -c /etc/fstab

From

/dev/mapper/centos-swap swap                    swap    defaults        0 0

To

#/dev/mapper/centos-swap swap                    swap    defaults        0 0

As the Administrator user on the master, initialize the cluster

On the master:

$ sudo hostnamectl set-hostname master

$ sudo kubeadm init --pod-network-cidr=10.244.0.0/16 > secrets.txt

Note: Save the contents of the secrets.txt file somewhere for later use.

Result:

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 192.168.0.1:6443 --token n9b0ae.nqhprprvyxofzr1v \
    --discovery-token-ca-cert-hash sha256:17e384d4ab10871bc810e692d3dadf34bfb714f5ff065bf733d0aef5eeaa9101

$ mkdir -p $HOME/.kube

$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
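
The secrets.txt file written above holds the bootstrap token, which kubeadm keeps valid for 24 hours by default, so the copy on disk deserves the same care as a password. As an added example (not part of the original article), this function reports which token ids a saved file contains and whether other local users can read it; the function name is illustrative.

```bash
# Added example (not from the original article).
# Report kubeadm bootstrap tokens saved in a file without echoing the secret
# half. Returns 0 if none are found, 1 if any are found, 2 if unreadable.
audit_join_file() {
    local file="$1" mode ids id
    [ -r "$file" ] || { echo "$file: cannot read" >&2; return 2; }
    # Token format: 6-character public id, a dot, 16-character secret.
    ids=$(grep -oE -- '--token[= ]+[a-z0-9]{6}\.[a-z0-9]{16}' "$file" \
          | sed -E 's/^--token[= ]+//' | cut -c1-6 | sort -u)
    [ -n "$ids" ] || return 0
    for id in $ids; do
        echo "$file: bootstrap token id $id is stored here"
    done
    mode=$(stat -c '%a' "$file")    # GNU stat: octal mode, e.g. 644
    case "$mode" in
        *00) ;;                     # owner-only, nothing to add
        *)   echo "$file: mode $mode lets other local users read it" ;;
    esac
    return 1
}

# Tighter handling on the master (kubeadm subcommands, run as root):
#   umask 077                                  # before redirecting to secrets.txt
#   kubeadm token list                         # ids, TTL and usages
#   kubeadm token delete <token-id>            # once every worker has joined
#   kubeadm token create --print-join-command  # fresh join command when needed
```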

Installing Weave Net

$ kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

To check that Weave Net is running

$ kubectl get pods --all-namespaces

Result:

[administrador@master ~]$ kubectl get pods --all-namespaces
NAMESPACE     NAME                             READY   STATUS    RESTARTS   AGE
kube-system   coredns-5644d7b6d9-69gvh         1/1     Running   0          1m
kube-system   coredns-5644d7b6d9-wg4qx         1/1     Running   0          1m
kube-system   etcd-master                      1/1     Running   0          1m
kube-system   kube-apiserver-master            1/1     Running   0          1m
kube-system   kube-controller-manager-master   1/1     Running   0          1m
kube-system   kube-proxy-qgx8f                 1/1     Running   0          1m
kube-system   kube-proxy-tv5ws                 1/1     Running   0          1m
kube-system   kube-proxy-z7bpc                 1/1     Running   0          1m
kube-system   kube-scheduler-master            1/1     Running   0          1m
kube-system   weave-net-4xl7d                  2/2     Running   0          1m
kube-system   weave-net-57gvz                  2/2     Running   1          1m
kube-system   weave-net-xws2w                  2/2     Running   0          1m

Note: Weave Net creates a virtual network that connects Docker containers across multiple hosts and enables automatic discovery.

Source: https://www.weave.works/docs/net/latest/overview/

Check the state of the master node

$ kubectl get nodes

Result:

[administrador@master ~]$ kubectl get nodes
NAME       STATUS   ROLES    AGE     VERSION
master     Ready    master   1m     v1.14.9

As the Administrator user on the worker01 and worker02 nodes, join them to the master

On Worker01:

$ sudo hostnamectl set-hostname worker01

On Worker02:

$ sudo hostnamectl set-hostname worker02

On both nodes:

$ sudo kubeadm join 192.168.0.1:6443 --token n9b0ae.nqhprprvyxofzr1v \
    --discovery-token-ca-cert-hash sha256:17e384d4ab10871bc810e692d3dadf34bfb714f5ff065bf733d0aef5eeaa9101

Notes:

1: Replace the IP "192.168.0.1" with the IP configured on your master server.

2: Replace the token "n9b0ae.nqhprprvyxofzr1v" with the token generated during "kubeadm init".

3: Replace the ca-cert hash "17e384d4ab10871bc810e692d3dadf34bfb714f5ff065bf733d0aef5eeaa9101" with the ca-cert hash generated during "kubeadm init".

Or, insecurely...

$ sudo kubeadm join --token n9b0ae.nqhprprvyxofzr1v 192.168.0.1:6443 --discovery-token-unsafe-skip-ca-verification

Result:

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
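
The --discovery-token-ca-cert-hash value is the SHA-256 of the cluster CA's public key (its DER-encoded SubjectPublicKeyInfo), and it is what lets a joining node confirm it is talking to the real control plane; the unsafe variant skips that check. As an added example (not part of the original article), these functions recompute the pin from a CA certificate with openssl and compare it with the one in a saved join command; the function names are illustrative.

```bash
# Added example (not from the original article).
# Print "sha256:<hex>" for the CA certificate at $1. The pin covers the
# public key only, not the whole certificate.
ca_cert_pin() {
    local cert="$1" pub hex
    # Extract the PEM public key first so a bad or missing certificate fails
    # here instead of hashing empty input further down the pipe.
    pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 1
    hex=$(printf '%s\n' "$pub" \
          | openssl pkey -pubin -outform DER \
          | openssl dgst -sha256 -hex \
          | awk '{print $NF}')
    [ "${#hex}" -eq 64 ] || return 1
    printf 'sha256:%s\n' "$hex"
}

# Return 0 only if the pin in a saved join command ($2, e.g. secrets.txt)
# equals the pin recomputed from the CA certificate ($1); 1 on mismatch or
# when the file holds no pin; 2 if the certificate cannot be read.
join_pin_matches() {
    local cert="$1" saved="$2" want have
    have=$(ca_cert_pin "$cert") || return 2
    want=$(grep -oE 'sha256:[0-9a-f]{64}' "$saved" | head -n 1)
    [ -n "$want" ] && [ "$want" = "$have" ]
}

# On the master, kubeadm keeps the cluster CA at /etc/kubernetes/pki/ca.crt:
#   ca_cert_pin /etc/kubernetes/pki/ca.crt
#   join_pin_matches /etc/kubernetes/pki/ca.crt secrets.txt && echo "pin OK"
```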

As the Administrator user on the master, check that the nodes have joined the cluster

$ kubectl get nodes

Result:

[administrador@master ~]$ kubectl get nodes
NAME       STATUS   ROLES    AGE   VERSION
master     Ready    master   1h    v1.14.9
worker01   Ready    <none>   1h    v1.14.9
worker02   Ready    <none>   1h    v1.14.9

As the Administrator user on the master, add the dashboard (Optional)

$ kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/aio/deploy/recommended.yaml

$ kubectl proxy --address 0.0.0.0 --accept-hosts '.*' &

To access the Dashboard

https://192.168.0.1:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/#/login
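
kubectl proxy forwards every request to the API server with the credentials from the kubeconfig (here the admin.conf copied earlier), so with --address 0.0.0.0 and --accept-hosts '.*' any host that can reach port 8001 acts as cluster admin without authenticating. As an added example (not part of the original article), this check flags such proxies in process listings; the function names and sample lines are constructed for illustration.

```bash
# Added example (not from the original article).
# Read "PID ARGS..." lines, as printed by `ps -eo pid=,args=`, on stdin and
# report kubectl proxy processes that other hosts can reach.
audit_kubectl_proxy() {
    awk '
    {
        kubectl = 0; proxy = 0
        addr = "127.0.0.1"      # kubectl proxy default bind address
        hosts = ""              # empty: default loopback-only Host filter
        for (i = 2; i <= NF; i++) {
            if ($i ~ /(^|\/)kubectl$/)        kubectl = 1
            else if ($i == "proxy")           proxy = 1
            else if ($i == "--address")       addr = $(i + 1)
            else if ($i ~ /^--address=/)      addr = substr($i, 11)
            else if ($i == "--accept-hosts")  hosts = $(i + 1)
            else if ($i ~ /^--accept-hosts=/) hosts = substr($i, 16)
        }
        if (!(kubectl && proxy)) next
        if (addr != "127.0.0.1" && addr != "localhost" && addr != "::1")
            print $1 ": listens on " addr ", not loopback"
        if (hosts == ".*" || hosts == "^.*$" || hosts == ".+")
            print $1 ": --accept-hosts " hosts " accepts any Host header"
    }'
}

# Constructed sample input; the first line is the article's own invocation.
sample_ps_lines() {
    cat <<'EOF'
4242 kubectl proxy --address 0.0.0.0 --accept-hosts .*
4243 /usr/bin/kubectl proxy --address=127.0.0.1 --port=8001
4244 kubectl proxy
4245 nginx: worker process
EOF
}

sample_ps_lines | audit_kubectl_proxy

# Loopback-only alternative: start the proxy with its defaults on the master
# and reach it through an SSH tunnel from the workstation.
#   master$       kubectl proxy
#   workstation$  ssh -N -L 8001:127.0.0.1:8001 administrador@192.168.0.1
```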

Install Cockpit with Docker and Kubernetes support (Optional)

yum install -y cockpit cockpit-docker cockpit-kubernetes

usermod -aG dockerroot $(whoami)

systemctl enable cockpit

systemctl enable --now cockpit.socket

systemctl start cockpit

systemctl start cockpit.socket

To access Cockpit: https://192.168.0.1:9090/

[Cockpit screenshots: Overview, Nodes, Containers, Topology, Details, Volumes]


Marden Alcantara

DevOps | SysAdmin | Linuxer | Maker | IoT | UAV

5 years ago

Mamute, add:

sed -i 's/HISTSIZE=1000/HISTSIZE=999999\nexport HISTTIMEFORMAT="%F %T "/g' /etc/profile

That way the history will retain 999999 commands and record the date/time for each command.
