Kubernetes: Instalação Online usando repositórios públicos
Dica: Caso você não tenha acesso ao repositório na internet, veja o artigo Kubernetes: Instalação Offline ou Instalação usando repositórios privados
Docker
Instalando o Docker
1) Criar arquivo /etc/yum.repos.d/docker-ce.repo, com o conteúdo:
[docker-ce] name=Docker CE Stable - $basearch baseurl=https://download.docker.com/linux/centos/7/$basearch/stable #baseurl=http://repomirror.company.com/docker-mirror/linux/centos/7/$basearch/stable/ enabled=1 gpgcheck=1 gpgkey=https://download.docker.com/linux/centos/gpg #gpgkey=http://repomirror.company.com/docker-mirror/linux/centos/gpg
2) Instalando os pacotes no CentOS
yum install -y docker-ce-18.06.3
3) Remover o arquivoo
/etc/yum.repos.d/docker-ce.repo
Configuração pós-instalação
1) Tuning do SO
sysctl -a | grep may_detach_mounts
Se o valor for diferente de "fs.may_detach_mounts = 1", ajustar:
echo 1 > /proc/sys/fs/may_detach_mounts echo fs.may_detach_mounts=1 > /usr/lib/sysctl.d/99-docker.conf
3) Editar o arquivo /etc/docker/daemon.json e configurar o devicemapper storage driver.
- Importante: No meu caso precisava utilizar um repositório interno, então adicionei a variável insecure-registries.
mkdir -p /etc/docker
cat <<EOF >> /etc/docker/daemon.json
{
"bip": "1.1.1.1/16",
"insecure-registries": ["repomirror.company.com:5001"],
"storage-driver": "devicemapper",
"storage-opts": [
"dm.thinpooldev=/dev/mapper/dockerVg-thinpoolLv",
"dm.use_deferred_removal=true",
"dm.use_deferred_deletion=true"
]
}
EOF
4) Start o Docker
systemctl start docker
5) Verificando as configurações
docker info
6) Se tudo estiver correto ajustar para iniciar automaticamente
systemctl enable docker
Verificando problemas
Inspecionando os logs do docker:
journalctl -ul docker
Kubernetes
Instalando o Kubernetes
1) Criar arquivo /etc/yum.repos.d/kubernetes.repo, com o conteúdo:
[kubernetes] name=Kubernetes baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg exclude=kube*
2) Instalando os pacotes no CentOS
yum install -y kubelet-1.11.9 kubeadm-1.11.9 kubectl-1.11.9
3) Remover o arquivoo
/etc/yum.repos.d/kubernetes.repo
Create a kubeadm-config.yaml
Criar arquivo kubeadm-config.yaml, com o conteúdo:
apiVersion: kubeadm.k8s.io/v1alpha2
kind: MasterConfiguration
apiServerExtraArgs:
enable-admission-plugins: PodSecurityPolicy
kubernetesVersion: v1.11.9
networking:
# This CIDR is a Calico default. Substitute or remove for your CNI provider.
podSubnet: "192.168.0.0/16"
Initialize the master.
kubeadm init --config=kubeadm-config.yaml
To make kubectl work,
mkdir -p $HOME/.kube cp -i /etc/kubernetes/admin.conf $HOME/.kube/config chown $(id -u):$(id -g) $HOME/.kube/config
Anote a mensagem com o token para adicionar os demais nodes
kubeadm join --token token master-ip:master-port --discovery-token-ca-cert-hash sha256:hash
For HCL Component pack
If you enabled the PodSecurityPolicy admission plugin in step 6, then you need to download the Component Pack installation zip to the master node, extract the file privileged-psp-with-rbac.yaml and apply it so that system pods are able to start in the kube-system namespace:
unzip -p IC-ComponentPack-6.0.0.8.zip cd microservices_connections/hybridcloud/support/psp/
To allow system pods to start in the kube-system namespace, apply the yaml file:
kubectl apply -f privileged-psp-with-rbac.yaml
Instalar o Calico Network
kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml kubectl apply -f https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
Adicionar os demais nodes
Execute o comando com o token para adicionar os demais nodes
kubeadm join --token token master-ip:master-port --discovery-token-ca-cert-hash sha256:hash