hoeghh / kubernetes_the_easy_way
Automating Kubernetes the hard way with Vagrant and scripts
License: MIT License
Generate-certs.sh still cats ../hosts.
But it has moved to ../output/hosts
Kube-proxy does not write iptables rules on nodes, as a result of an error in kube-proxy.
This happens when iptables version is above 1.4.20 on the nodes.
Issue found here :
kubernetes/kubernetes#58956
The PR can be found here :
kubernetes/kubernetes#60133
Getting the below error message:
OS : ubuntu16.04.03-x64-desktop
virtualbox:virtualbox-5.2_5.2.6-120293Ubuntuxenial_amd64.deb
vagrant:vagrant_2.0.1_x86_64.deb
k8s-master-2: Installing master...
There are errors in the configuration of this machine. Please fix
the following errors and try again:
File provisioner:
Deploying KubeDNS...
Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "Kubernetes")
Deploying WeaveNet...
Unable to connect to the server: x509: certificate signed by unknown authority (possibly because of "crypto/rsa: verification error" while trying to verify candidate authority certificate "Kubernetes")
./install.sh: line 45: ../logs/weavenet.log: No such file or directory
Regards,
Vikas
Hi,
Eager to know whether the cluster is accessible/exposed outside of the system, like on the LAN, WAN and the internet.
Regards, Vikas
In the last sections, the comments still read etcd for other types of nodes. Copy/paste but forgot to edit names.
The load balancer(s) are not connected to the pod network, so it/they can't serve any traffic at all. The LB is connected to the API server, so it does configure itself with all front and backends.
We need to manually install weave net on load balancer(s). Before that, nothing will be served by ingress.
The loadbalancers need a floating ip just like the masters have right now.
More or less copy paste.
Right now we have the following in the traefik.toml file
#CertFile = "/root/ssl/traefik-wildcard.pem"
#KeyFile = "/root/ssl/traefik-wildcard.key"
We need to create these certificates, and put them in use
Right now the loadbalancer does not work if rebooted, as weavenet does not start on boot.
In cases where you have an external NFS server, which is not resolvable via a DNS server, it would be nice to be able to add custom entries.
In the readme, describe the end goal. What will I get when the script is done?
X x etcd, resources
X x api-servers ..... And so on
I would like to change to CentOS. Let's see if it's easy, before installing corosync and pacemaker.
Let's start with traefik and give people a choice later on to use e.g. nginx.
Hi,
How to configure kubectl for remote access? Please provide steps for the same.
Regards,
Vikas
Hi,
Currently, which storage provisioner is being used for the setup?
Regards, Vikas
Use corosync and pacemaker to create a floating ip between all master nodes. This will then be the external IP for master nodes.
kubectl describe pods
Name: kubernetes-dashboard-64b6f585dd-mctwj
Namespace: default
Node: k8s-worker-2/192.168.50.32
Start Time: Fri, 02 Feb 2018 17:26:57 +0530
Labels: pod-template-hash=2062914188
run=kubernetes-dashboard
Annotations:
Status: Pending
IP:
Controlled By: ReplicaSet/kubernetes-dashboard-64b6f585dd
Containers:
kubernetes-dashboard:
Container ID:
Image: k8s.gcr.io/kubernetes-dashboard-amd64:v1.8.2
Image ID:
Port: 8888/TCP
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Environment:
Mounts:
/var/run/secrets/kubernetes.io/serviceaccount from default-token-8nn45 (ro)
Conditions:
Type Status
Initialized True
Ready False
PodScheduled True
Volumes:
default-token-8nn45:
Type: Secret (a volume populated by a Secret)
SecretName: default-token-8nn45
Optional: false
QoS Class: BestEffort
Node-Selectors:
Tolerations:
Events:
Type Reason Age From Message
Warning FailedCreatePodSandBox 59m kubelet, k8s-worker-2 Failed create pod sandbox.
Normal SuccessfulMountVolume 59m kubelet, k8s-worker-2 MountVolume.SetUp succeeded for volume "default-token-8nn45"
Normal SuccessfulMountVolume 59m kubelet, k8s-worker-2 MountVolume.SetUp succeeded for volume "default-token-8nn45"
Warning FailedCreatePodSandBox 59m kubelet, k8s-worker-2 Failed create pod sandbox.
Normal SuccessfulMountVolume 59m kubelet, k8s-worker-2 MountVolume.SetUp succeeded for volume "default-token-8nn45"
Warning FailedCreatePodSandBox 59m kubelet, k8s-worker-2 Failed create pod sandbox.
Upgrade to newest version of 1.10 kubernetes and release
Certificate generation and vagrant output should be directed to a file in a log directory.
Eg.
vagrant up --debug &> "logs/vagrant_$(date +%Y%m%d_%H%M%S)_log"
The var internal_ip in the install-etcd.sh is based on a grep on ifconfig. This is risky. The info is already in the generated host file. Grep ip from hosts via $(hostname).
Make a small example deployment that gets Prometheus up and running.
When provisioning more than one loadbalancer, the script will create rbac objects.
This should only be done on the first node.
I should be able to define the information going into the certificates, in the config file.
The todo was done. Remove the todo about copying certs to node. That's done by vagrant.
Once the cluster is provisioned, one might want to add yet another worker node. We should have a guide and some scripts for doing this.
How to get the Kubernetes dashboard from localhost?
We need to generate an encryption key and an encryption config suitable for encrypting Kubernetes Secrets.
As described in https://github.com/kelseyhightower/kubernetes-the-hard-way/blob/master/docs/06-data-encryption-keys.md
This should be copied to the master nodes by Vagrant.
The script should install the API servers in accordance with kubernetes the hard way
Hi,
How to make use of our own private Docker registry or export/import of Docker images for deployment? Is it possible for both methods?
Regards, Vikas
Hi,
Please provide password for vagrant boxes to do scp.
Regards, Vikas
Hi,
When I executed kubectl get nodes, the master node is missing and the nodes are not ready.
Regards, Vikas
Hi,
$vagrant ssh k8s-master-1
The machine with the name 'k8s-master-1' was not found configured for
this Vagrant environment.
Unable to SSH to the machine.
Regards, Vikas
Hi,
Getting the below message; the firewall is disabled on the host machine.
docker@node2:~/kubernetes_the_easy_way$ kubectl get nodes
Unable to connect to the server: dial tcp 192.168.50.20:6443: getsockopt: no route to host
Regards, Vikas
The old scripts in the scripts folder are legacy from another project that uses kube-adm. They should be deleted.
Hi,
Cluster setup for the first time works fine; when we do vagrant halt it shuts down properly.
For the next attempt, when we do vagrant up, we are getting the below message:
Unable to connect to the server: dial tcp 192.168.50.20:6443: i/o timeout
What needs to be done for the same?
Describe how to upgrade cluster components like kubelet, kube-apiserver etc. manually.
Worker nodes should be installed in accordance with kubernetes the hard way.
The network range 20.0.0.0/16 is in the public network area (this is owned by Microsoft)
https://en.wikipedia.org/wiki/Private_network
In time, this should be configurable in the config file.
Right now each host needs to look into a host file and do a lot of jumps to configure itself.
I think it would be smart to generate an install config file that is copied to each host, and used by the install script.
It will make it easier to add more nodes, as it is only to generate a config and then run the same script as the others.
It will also make it easier later to use the scripts outside of this project, or with a provisioning master.
Traefik should connect to the master's hostname, not IP. This hostname should be valid with regards to the certificate, which it's not right now.