Installing Kubernetes with Contrail

Installing Kubernetes on Master and Worker nodes

Since Kubernetes 1.5 container runtimes are integrated through Container Runtime Interface, CRI. The CRI is a gRPC API which allows kubelet to interface with container runtime. Kubernetes can be deployed using a various container runtimes. I will refer here only to docker, containerd and cri-o. Read a versus about them here.

Choose which container runtime you would like to use.

On all nodes

Prepare the nodes and install Kubernetes components.

Use any these scripts for Centos or these scripts for Ubuntu.

On the master

6. Create K8s cluster

# kubeadm init

If you are using containerd or cri-o, you need to specify the container runtime endpoint.

# kubeadm init --cri-socket /run/containerd/containerd.sock

or

# kubeadm init --cri-socket /var/run/crio/crio.sock

7. Once "kubeadm init" completes, save the "join" command that will be printed on the shell

kubeadm join 192.168.122.17:6443 --token 1qvuih.2vxyozivdk35xw7j --discovery-token-ca-cert-hash sha256:54a3e182dfa4086549a6fc5a4276b04077d39283ec48e441dcb0dac179d79345

8. Run the following commands to setup the k8s cli

# mkdir -p $HOME/.kube
# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# sudo chown $(id -u):$(id -g) $HOME/.kube/config

On the Workers

9. Join the Master node

# kubeadm join 192.168.122.17:6443 --token 1qvuih.2vxyozivdk35xw7j --discovery-token-ca-cert-hash sha256:54a3e182dfa4086549a6fc5a4276b04077d39283ec48e441dcb0dac179d79345

On the master

10. Check if the nodes are joined

# kubectl get nodes -o wide
NAME    STATUS        ROLES    AGE   VERSION   INTERNAL-IP      EXTERNAL-IP   OS-IMAGE                KERNEL-VERSION               CONTAINER-RUNTIME
m1k8c   NotReady      master   18h   v1.18.5   192.168.122.17   <none>        CentOS Linux 7 (Core)   3.10.0-1127.13.1.el7.x86_64   containerd://1.2.13
n1k8c   NotReady      worker   18h   v1.18.5   192.168.122.20   <none>        CentOS Linux 7 (Core)   3.10.0-1127.13.1.el7.x86_64   containerd://1.2.13
n2k8c   NotReady      worker   18h   v1.18.5   192.168.122.70   <none>        CentOS Linux 7 (Core)   3.10.0-1127.13.1.el7.x86_64   containerd://1.2.13

On Ubuntu it will look like this

# kubectl get nodes -o wide
NAME    STATUS     ROLES    AGE     VERSION   INTERNAL-IP      EXTERNAL-IP   OS-IMAGE             KERNEL-VERSION       CONTAINER-RUNTIME
m1k8u   NotReady   master   6m12s   v1.18.5   192.168.122.30   <none>        Ubuntu 18.04.4 LTS   4.15.0-109-generic   containerd://1.2.13
n1k8u   NotReady   <none>   2m50s   v1.18.5   192.168.122.31   <none>        Ubuntu 18.04.4 LTS   4.15.0-109-generic   containerd://1.2.13
n2k8u   NotReady   <none>   2m49s   v1.18.5   192.168.122.32   <none>        Ubuntu 18.04.4 LTS   4.15.0-109-generic   containerd://1.2.13

11. Create secret for downloading Contrail docker images

# kubectl create secret docker-registry contrail-registry --docker-server=hub.juniper.net/contrail-nightly --docker-username=JNPR-FieldUserXXX --docker-password=XXXXXXXXXXX [email protected] -n kube-system

12. Install Contrail by applying the single yaml file. Change %MASTER_IP% variable with master ip address before applying

# kubectl apply -f [contrail_single.yaml](https://github.com/ovaleanujnpr/kubernetes/blob/master/single_yaml/contrail_single.yaml)

13. Watch contrail pods being created

# watch -n5 kubectl get pods -A

Once is finished all the pods should be up and running

# kubectl get pods -A
NAMESPACE     NAME                                READY   STATUS    RESTARTS   AGE
kube-system   config-zookeeper-86jxv              1/1     Running   0          18h
kube-system   contrail-agent-7k58d                3/3     Running   5          18h
kube-system   contrail-agent-cmcwm                3/3     Running   5          18h
kube-system   contrail-analytics-alarm-rrpxz      4/4     Running   4          18h
kube-system   contrail-analytics-jlkcp            4/4     Running   2          18h
kube-system   contrail-analytics-snmp-dh7kj       4/4     Running   7          18h
kube-system   contrail-analyticsdb-tdv2j          4/4     Running   2          18h
kube-system   contrail-configdb-cstt5             3/3     Running   2          18h
kube-system   contrail-controller-config-zx7f6    6/6     Running   4          18h
kube-system   contrail-controller-control-fg7vv   5/5     Running   1          18h
kube-system   contrail-controller-webui-xgj5j     2/2     Running   0          18h
kube-system   contrail-kube-manager-szlp6         1/1     Running   0          18h
kube-system   coredns-66bff467f8-fqm7j            1/1     Running   0          19h
kube-system   coredns-66bff467f8-glpv9            1/1     Running   0          19h
kube-system   etcd-m1k8c                          1/1     Running   0          19h
kube-system   kube-apiserver-m1k8c                1/1     Running   0          19h
kube-system   kube-controller-manager-m1k8c       1/1     Running   5          19h
kube-system   kube-proxy-2sdh5                    1/1     Running   0          19h
kube-system   kube-proxy-7cpzc                    1/1     Running   0          19h
kube-system   kube-proxy-r7vx5                    1/1     Running   0          19h
kube-system   kube-scheduler-m1k8c                1/1     Running   5          19h
kube-system   rabbitmq-md25d                      1/1     Running   0          18h
kube-system   redis-zl6tc                         1/1     Running   0          18h

14. Taint master to make no schedulable

# kubectl taint nodes m1k8u key=value:NoSchedule

crictl is a tool that is installed during installation of the Kubernetes components. For clusters using containerd or cri-o container runtime, use crictl to pull images, check containers or pods status.

To pull a image from a private docker repo use:

# crictl pull --creds JNPR-FieldUserXXX:XXXXXXXXXXX hub.juniper.net/contrail-nightly/contrail-status:master.latest

To check the status of images, containers

# crictl images

crictl ps

Check crictl help for more options.