Difference between revisions of "Initializing the Kubernetes cluster"
m (→Create cluster configuration scripts) |
m (→Spin up the master node) |
||
| Line 49: | Line 49: | ||
== Spin up the master node == | == Spin up the master node == | ||
| − | Use kubeadm with | + | Use kubeadm with vanilla defaults to initialize the control plane. |
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
| − | |||
> sudo systemctl enable docker.service | > sudo systemctl enable docker.service | ||
| − | > sudo kubeadm init | + | > sudo kubeadm init |
</syntaxhighlight> | </syntaxhighlight> | ||
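Review bot: The new "sudo kubeadm init" line passes no pod network CIDR, while the following hunk has the reader hand-edit kube-controller-manager.yaml to add --allocate-node-cidrs=true and --cluster-cidr=10.244.0.0/16. Consider "sudo kubeadm init --pod-network-cidr=10.244.0.0/16" here instead: kubeadm then writes both controller-manager flags itself, and the manual manifest edit (which is easy to get wrong and is overwritten when kubeadm regenerates the manifest) is no longer needed.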
| Line 60: | Line 59: | ||
| − | * Flannel daemonset ( | + | * Update kubelet configuration for master node |
| + | |||
| + | Edit /etc/kubernetes/manifests/kube-controller-manager.yaml: | ||
| + | |||
| + | <syntaxhighlight lang="bash"> | ||
| + | spec: | ||
| + | containers: | ||
| + | - command: | ||
| + | # add these two | ||
| + | - --allocate-node-cidrs=true | ||
| + | - --cluster-cidr=10.244.0.0/16 | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | Edit /etc/kubernetes/manifests/kube-controller-manager.yaml: | ||
| + | |||
| + | <syntaxhighlight lang="bash"> | ||
| + | </syntaxhighlight> | ||
| + | |||
| + | |||
| + | |||
| + | * Flannel daemonset (pod network for communication) | ||
* nVidia daemonset | * nVidia daemonset | ||
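Review bot: The added bullet reads "Update kubelet configuration for master node", but the file edited under it is /etc/kubernetes/manifests/kube-controller-manager.yaml, which is the controller manager's static pod manifest and not kubelet configuration; rename the bullet or name the kubelet file that was meant. The second "Edit /etc/kubernetes/manifests/kube-controller-manager.yaml:" repeats the first and its syntaxhighlight block is empty, so either fill in the intended file and content or drop it. The YAML fragment is also tagged lang="bash"; lang="yaml" would match its content.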
Revision as of 14:34, 14 June 2019
Kubernetes and pre-requisites
Install Kubernetes on Ubuntu 18.04. This assumes version 1.14.2 is pulled; check how to pin the version.
> cd init
> ./install_kubernetes.sh
Reconfigure docker runtime. Edit /etc/docker/daemon.json as follows:
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
Restart docker daemon:
> mkdir -p /etc/systemd/system/docker.service.d
> systemctl daemon-reload
> systemctl restart docker
Make sure swap is off
> sudo swapoff -a
Check whether swap is still configured in /etc/fstab, and delete the entry if it is.
Create cluster configuration scripts
OBSOLETE, DOES NOT SEEM TO WORK IN NEW KUBERNETES.
> cd init/templates
# edit cluster information in the following config file
> nano make_init_config.sh
> touch /home/kubernetes/.rnd
> ./make_init_config.sh
This will generate the init config from the config template and store it in /home/kubernetes/clusters/ccu.
Spin up the master node
Use kubeadm with vanilla defaults to initialize the control plane.
> sudo systemctl enable docker.service
> sudo kubeadm init
If this fails at any point, fix the problems, then run kubeadm reset before trying to re-initialize.
- Update kubelet configuration for master node
Edit /etc/kubernetes/manifests/kube-controller-manager.yaml:
spec:
  containers:
  - command:
    # add these two
    - --allocate-node-cidrs=true
    - --cluster-cidr=10.244.0.0/16
Edit /etc/kubernetes/manifests/kube-controller-manager.yaml:
- Flannel daemonset (pod network for communication)
- nVidia daemonset
- Update kubelet configuration for master node
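The manual steps above (swap removed from /etc/fstab, docker on the systemd cgroup driver, the two controller-manager flags) can be checked with a short script after editing. This is an added example, not part of the original wiki page; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample files are constructed.

# Print active (uncommented) swap devices from an fstab-style file.
fstab_swap_entries() {
    awk '!/^[[:space:]]*#/ && $3 == "swap" { print $1 }' "$1"
}

# Succeed if docker's daemon.json selects the systemd cgroup driver.
docker_uses_systemd_cgroups() {
    grep -Eq '"native\.cgroupdriver=systemd"' "$1"
}

# Print the value of a "- --<flag>=<value>" entry in a static pod manifest.
# Commented-out entries start with '#' and therefore do not match.
manifest_flag_value() {
    sed -n "s/^[[:space:]]*-[[:space:]]*--$2=\(.*\)/\1/p" "$1" | head -n 1
}

# Run all checks, print one line per finding, return the number of failures.
# args: fstab daemon.json controller-manager-manifest expected-cidr
check_node() {
    fails=0
    swaps=$(fstab_swap_entries "$1")
    [ -z "$swaps" ] || { echo "swap still in fstab: $swaps"; fails=$((fails+1)); }
    docker_uses_systemd_cgroups "$2" || { echo "docker cgroup driver is not systemd"; fails=$((fails+1)); }
    [ "$(manifest_flag_value "$3" allocate-node-cidrs)" = "true" ] || { echo "allocate-node-cidrs is not true"; fails=$((fails+1)); }
    cidr=$(manifest_flag_value "$3" cluster-cidr)
    [ "$cidr" = "$4" ] || { echo "cluster-cidr is '$cidr', expected $4"; fails=$((fails+1)); }
    return "$fails"
}

# Constructed sample files (not from a real host): swap is still listed and
# the cluster-cidr flag was left commented out.
demo=$(mktemp -d)
printf '%s\n' 'UUID=aaaa / ext4 defaults 0 1' '/swapfile none swap sw 0 0' > "$demo/fstab"
printf '%s\n' '{ "exec-opts": ["native.cgroupdriver=systemd"] }' > "$demo/daemon.json"
printf '%s\n' 'spec:' '  containers:' '  - command:' '    - kube-controller-manager' \
    '    - --allocate-node-cidrs=true' '    # - --cluster-cidr=10.244.0.0/16' > "$demo/kcm.yaml"
check_node "$demo/fstab" "$demo/daemon.json" "$demo/kcm.yaml" 10.244.0.0/16 || echo "failed checks: $?"
rm -rf "$demo"
```

On a real node, pass /etc/fstab, /etc/docker/daemon.json and /etc/kubernetes/manifests/kube-controller-manager.yaml as the first three arguments.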
Authentication systems
DEX with LDAP
TODO: outdated, switched to containerized DEX. Check what still needs to be done.
Set up according to this tutorial with customized install scripts in kubernetes/init/dex/
- Create secrets for TLS connections, use certs for ccu.uni-konstanz.de
  - Modify ca-cm.yml to contain the correct CA.
  - Run upload_ccu_tls.sh
- Spin up login application service.
  - Modify loginapp-cm.yml: server config
  - Modify loginapp-ing-srv.yml: service data, mapping of ports to outside world
  - Modify loginapp-deploy.yml: ID secret for TLS
  - Run start-login-service.sh
- Spin up dex
  - Modify dex-cm.yml: server data and LDAP configuration
  - Modify dex-ing-srv.yml: service data, mapping of ports to outside world
  - Modify dex-deploy.yml: ID secret for TLS
  - Run start-dex-service.sh