Installing Kubernetes with Contrail
Since Kubernetes 1.5, container runtimes are integrated through the Container Runtime Interface (CRI). The CRI is a gRPC API that allows the kubelet to interface with a container runtime. Kubernetes can be deployed using various container runtimes. I will refer here only to docker, containerd and cri-o. Read a comparison of them here.
For an HA deployment, you will need a LB for the K8s API. An HAProxy node can be configured easily.
This is an example of a haproxy config.
Choose which container runtime you would like to use.
Prepare the nodes and install Kubernetes components.
Use any of these scripts for CentOS or these scripts for Ubuntu.
- Create K8s cluster
# kubeadm init --control-plane-endpoint "LOAD_BALANCER_DNS:LOAD_BALANCER_PORT" --upload-certs
In my case LOAD_BALANCER_DNS:LOAD_BALANCER_PORT is 172.16.125.120:6443
If you are using containerd or cri-o, you need to specify the container runtime endpoint.
# kubeadm init --cri-socket /run/containerd/containerd.sock
or
# kubeadm init --cri-socket /var/run/crio/crio.sock
- Once "kubeadm init" completes, save the "join" command that will be printed on the shell
kubeadm join 192.168.122.17:6443 --token 1qvuih.2vxyozivdk35xw7j --discovery-token-ca-cert-hash sha256:54a3e182dfa4086549a6fc5a4276b04077d39283ec48e441dcb0dac179d79345
- Run the following commands to set up the k8s CLI
# mkdir -p $HOME/.kube
# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# sudo chown $(id -u):$(id -g) $HOME/.kube/config
- Join the nodes to the master node
# kubeadm join 192.168.122.17:6443 --token 1qvuih.2vxyozivdk35xw7j --discovery-token-ca-cert-hash sha256:54a3e182dfa4086549a6fc5a4276b04077d39283ec48e441dcb0dac179d79345
- Check if the nodes are joined
# kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
m1k8c NotReady master 18h v1.18.5 192.168.122.17 <none> CentOS Linux 7 (Core) 3.10.0-1127.13.1.el7.x86_64 containerd://1.2.13
n1k8c NotReady worker 18h v1.18.5 192.168.122.20 <none> CentOS Linux 7 (Core) 3.10.0-1127.13.1.el7.x86_64 containerd://1.2.13
n2k8c NotReady worker 18h v1.18.5 192.168.122.70 <none> CentOS Linux 7 (Core) 3.10.0-1127.13.1.el7.x86_64 containerd://1.2.13
On Ubuntu it will look like this
# kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
m1k8u NotReady master 6m12s v1.18.5 192.168.122.30 <none> Ubuntu 18.04.4 LTS 4.15.0-109-generic containerd://1.2.13
n1k8u NotReady <none> 2m50s v1.18.5 192.168.122.31 <none> Ubuntu 18.04.4 LTS 4.15.0-109-generic containerd://1.2.13
n2k8u NotReady <none> 2m49s v1.18.5 192.168.122.32 <none> Ubuntu 18.04.4 LTS 4.15.0-109-generic containerd://1.2.13
- Create secret for downloading Contrail docker images
# kubectl create secret docker-registry contrail-registry --docker-server=hub.juniper.net/contrail-nightly --docker-username=JNPR-FieldUserXXX --docker-password=XXXXXXXXXXX --docker-email=YOUR_EMAIL -n kube-system
- Install Contrail by applying the single yaml file, [contrail_single.yaml](https://github.com/ovaleanujnpr/kubernetes/blob/master/single_yaml/contrail_single.yaml). Replace the %MASTER_IP% variable with the master IP address before applying
# kubectl apply -f contrail_single.yaml
- Watch contrail pods being created
# watch -n5 kubectl get pods -A
Once it is finished, all the pods should be up and running
# kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system config-zookeeper-86jxv 1/1 Running 0 18h
kube-system contrail-agent-7k58d 3/3 Running 5 18h
kube-system contrail-agent-cmcwm 3/3 Running 5 18h
kube-system contrail-analytics-alarm-rrpxz 4/4 Running 4 18h
kube-system contrail-analytics-jlkcp 4/4 Running 2 18h
kube-system contrail-analytics-snmp-dh7kj 4/4 Running 7 18h
kube-system contrail-analyticsdb-tdv2j 4/4 Running 2 18h
kube-system contrail-configdb-cstt5 3/3 Running 2 18h
kube-system contrail-controller-config-zx7f6 6/6 Running 4 18h
kube-system contrail-controller-control-fg7vv 5/5 Running 1 18h
kube-system contrail-controller-webui-xgj5j 2/2 Running 0 18h
kube-system contrail-kube-manager-szlp6 1/1 Running 0 18h
kube-system coredns-66bff467f8-fqm7j 1/1 Running 0 19h
kube-system coredns-66bff467f8-glpv9 1/1 Running 0 19h
kube-system etcd-m1k8c 1/1 Running 0 19h
kube-system kube-apiserver-m1k8c 1/1 Running 0 19h
kube-system kube-controller-manager-m1k8c 1/1 Running 5 19h
kube-system kube-proxy-2sdh5 1/1 Running 0 19h
kube-system kube-proxy-7cpzc 1/1 Running 0 19h
kube-system kube-proxy-r7vx5 1/1 Running 0 19h
kube-system kube-scheduler-m1k8c 1/1 Running 5 19h
kube-system rabbitmq-md25d 1/1 Running 0 18h
kube-system redis-zl6tc 1/1 Running 0 18h
- Taint the master to make it unschedulable
# kubectl taint nodes m1k8u key=value:NoSchedule
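The `--discovery-token-ca-cert-hash` value in the saved join command pins the cluster CA public key, so it can be checked against the CA certificate before a node is joined. The script below is an added example, not part of the original README: it recomputes the pin (SHA-256 of the DER-encoded public key) and compares it with the hash in a join command. The function names are hypothetical, and the CA path in the usage comment assumes kubeadm's default location.

```shell
#!/bin/sh
# Added example: check a kubeadm join command's CA pin against a CA certificate.
# Usage (assumed default kubeadm CA path):
#   sh verify_join.sh /etc/kubernetes/pki/ca.crt "kubeadm join ... --discovery-token-ca-cert-hash sha256:..."

# ca_pin CERT: print "sha256:<hex>" of the certificate's DER-encoded public key.
ca_pin() {
    # Extract the PEM public key first so a missing or invalid certificate
    # fails here instead of silently hashing empty input.
    pem=$(openssl x509 -pubkey -noout -in "$1" 2>/dev/null) || return 1
    hex=$(printf '%s\n' "$pem" \
        | openssl pkey -pubin -outform der 2>/dev/null \
        | openssl dgst -sha256 -hex \
        | sed 's/^.* //')
    [ -n "$hex" ] || return 1
    printf 'sha256:%s\n' "$hex"
}

# join_pin "JOIN COMMAND": print the pin carried by the join command, if any.
join_pin() {
    printf '%s\n' "$1" \
        | sed -n 's/.*--discovery-token-ca-cert-hash[ =]\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# verify_join CERT "JOIN COMMAND": 0 = pins match, 1 = mismatch or no pin,
# 2 = certificate could not be read.
verify_join() {
    want=$(join_pin "$2")
    have=$(ca_pin "$1") || return 2
    [ -n "$want" ] && [ "$want" = "$have" ]
}

# Run the check only when called with both arguments.
if [ "$#" -eq 2 ]; then
    if verify_join "$1" "$2"; then
        echo "CA pin matches the join command"
    else
        echo "CA pin does not match (or certificate unreadable)" >&2
        exit 1
    fi
fi
```
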
crictl is a tool that is installed along with the Kubernetes components. For clusters using the containerd or cri-o container runtime, use crictl to pull images and check the status of containers or pods.
To pull an image from a private docker repo use:
# crictl pull --creds JNPR-FieldUserXXX:XXXXXXXXXXX hub.juniper.net/contrail-nightly/contrail-status:master.latest
To check the status of images and containers:
# crictl images
# crictl ps
Check crictl help for more options.