Installing Kubernetes with Contrail

Installing Kubernetes on Master and Worker nodes

Since Kubernetes 1.5 container runtimes are integrated through Container Runtime Interface, CRI. The CRI is a gRPC API which allows kubelet to interface with container runtime. Kubernetes can be deployed using a various container runtimes. I will refer here only to docker, containerd and cri-o. Read a versus about them here.

Choose which container runtime you would like to use.

On all nodes

Prepare the nodes and install Kubernetes components.

Use any these scripts for Centos or these scripts for Ubuntu.

On the master

6. Create K8s cluster

# kubeadm init

If you are using containerd or cri-o, you need to specify the container runtime endpoint.

# kubeadm init --cri-socket /run/containerd/containerd.sock

or

# kubeadm init --cri-socket /var/run/crio/crio.sock

7. Once "kubeadm init" completes, save the "join" command that will be printed on the shell

kubeadm join 192.168.122.17:6443 --token 1qvuih.2vxyozivdk35xw7j --discovery-token-ca-cert-hash sha256:54a3e182dfa4086549a6fc5a4276b04077d39283ec48e441dcb0dac179d79345

8. Run the following commands to setup the k8s cli

# mkdir -p $HOME/.kube
# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# sudo chown $(id -u):$(id -g) $HOME/.kube/config

On the Workers

9. Join the Master node

# kubeadm join 192.168.122.17:6443 --token 1qvuih.2vxyozivdk35xw7j --discovery-token-ca-cert-hash sha256:54a3e182dfa4086549a6fc5a4276b04077d39283ec48e441dcb0dac179d79345

On the master

10. Check if the nodes are joined

# kubectl get nodes -o wide
NAME    STATUS     ROLES    AGE   VERSION   INTERNAL-IP      EXTERNAL-IP   OS-IMAGE                KERNEL-VERSION               CONTAINER-RUNTIME
m1k8c   NotReady      master   18h   v1.18.3   192.168.122.17   <none>        CentOS Linux 7 (Core)   3.10.0-1127.8.2.el7.x86_64   containerd://1.2.13
n1k8c   NotReady      worker   18h   v1.18.3   192.168.122.20   <none>        CentOS Linux 7 (Core)   3.10.0-1127.8.2.el7.x86_64   containerd://1.2.13
n2k8c   NotReady      worker   18h   v1.18.3   192.168.122.70   <none>        CentOS Linux 7 (Core)   3.10.0-1127.8.2.el7.x86_64   containerd://1.2.13

11. Label the worker nodes.

# kubectl label node n1k8c node-role.kubernetes.io/worker=
# kubectl label node n2k8c node-role.kubernetes.io/worker=
# kubectl get nodes --show-labels
NAME    STATUS     ROLES    AGE   VERSION   LABELS
m1k8c   NotReady   master   19h   v1.18.3   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=m1k8c,kubernetes.io/os=linux,node-role.kubernetes.io/master=
n1k8c   Ready      worker   19h   v1.18.3   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=n1k8c,kubernetes.io/os=linux,node-role.kubernetes.io/worker=
n2k8c   Ready      worker   19h   v1.18.3   beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/arch=amd64,kubernetes.io/hostname=n2k8c,kubernetes.io/os=linux,node-role.kubernetes.io/worker=

12. Create secret for downloading Contrail docker images

# kubectl create secret docker-registry contrail-registry --docker-server=hub.juniper.net/contrail-nightly --docker-username=JNPR-FieldUserXXX --docker-password=XXXXXXXXXXX [email protected] -n kube-system

13. Install Contrail by applying the single yaml file

# kubectl apply -f contrail_m1k8c.yaml

14. Watch contrail pods being created

# watch -n5 kubectl get pods -A

Once is finished all the pods should be up and running

# kubectl get pods -A
NAMESPACE     NAME                                READY   STATUS    RESTARTS   AGE
kube-system   config-zookeeper-86jxv              1/1     Running   0          18h
kube-system   contrail-agent-7k58d                3/3     Running   5          18h
kube-system   contrail-agent-cmcwm                3/3     Running   5          18h
kube-system   contrail-analytics-alarm-rrpxz      4/4     Running   4          18h
kube-system   contrail-analytics-jlkcp            4/4     Running   2          18h
kube-system   contrail-analytics-snmp-dh7kj       4/4     Running   7          18h
kube-system   contrail-analyticsdb-tdv2j          4/4     Running   2          18h
kube-system   contrail-configdb-cstt5             3/3     Running   2          18h
kube-system   contrail-controller-config-zx7f6    6/6     Running   4          18h
kube-system   contrail-controller-control-fg7vv   5/5     Running   1          18h
kube-system   contrail-controller-webui-xgj5j     2/2     Running   0          18h
kube-system   contrail-kube-manager-szlp6         1/1     Running   0          18h
kube-system   coredns-66bff467f8-fqm7j            1/1     Running   0          19h
kube-system   coredns-66bff467f8-glpv9            1/1     Running   0          19h
kube-system   etcd-m1k8c                          1/1     Running   0          19h
kube-system   kube-apiserver-m1k8c                1/1     Running   0          19h
kube-system   kube-controller-manager-m1k8c       1/1     Running   5          19h
kube-system   kube-proxy-2sdh5                    1/1     Running   0          19h
kube-system   kube-proxy-7cpzc                    1/1     Running   0          19h
kube-system   kube-proxy-r7vx5                    1/1     Running   0          19h
kube-system   kube-scheduler-m1k8c                1/1     Running   5          19h
kube-system   rabbitmq-md25d                      1/1     Running   0          18h
kube-system   redis-zl6tc                         1/1     Running   0          18h

crictl is a tool that is installed during installation of the Kubernetes components. For clusters using containerd or cri-o container runtime, use crictl to pull images, check containers or pods status.

To pull a image from a private docker repo use:

crictl pull --creds JNPR-FieldUserXXX:XXXXXXXXXXX hub.juniper.net/contrail-nightly/contrail-status:master.latest

To check the status of images, containers

crictl images

crictl ps

Check crictl help for more options.