Containers series V: Kubernetes - Instalação

5 minute read

Serie de artigos sobre containers (Docker, Docker Compose, Docker Swarm e Kubernetes).

Lab 5 - Kubernetes - Instalação

Orquestrando containers

Kubernetes (k8s), da mesma forma que o Docker Swarm, permite orquestrar containers em um cluster formado por vários servidores. De esta forma conseguimos garantir as seguintes propriedades nos containers gerenciados pelo orquestrador:

tolerância a falhas: se um dos servidores do cluster cair, o container automaticamente será iniciado em outro servidor do cluster
alta disponibilidade: várias réplicas de cada container podem ser executadas em vários servidores do cluster
escalabilidade: o número de réplicas de cada container pode ser aumentado a qualquer momento em funçao da demanda

Microk8s é um Kubernetes pequeno, rápido, seguro e com um único nó (all-in-one) que é instalado em praticamente qualquer computador com Linux. Usado para desenvolvimento off-line, criação de protótipos, testes ou uso em uma VM como um k8s pequeno, barato e confiável para CI/CD.

Pre-reqs

Uma VM com a imagem Ubuntu Linux 18.04
Flavor t2.medium (2 vcpus, 4 GB de memória) ou maior

Instalação

Instalação do microk8s:

 $ sudo snap install microk8s --classic
 microk8s v1.18.0 from Canonical✓ installed

Ajuste de permissões do usuário ubuntu no grupo microk8s:
```
 $ sudo usermod -a -G microk8s ubuntu
 $ sudo reboot
```

Após o reboot, confirmar que o usuário pertence ao grupo microk8s:

$ groups
ubuntu adm dialout cdrom floppy sudo audio dip video plugdev lxd netdev microk8s

Validação

Conferir instalação:

 $ microk8s.status
 microk8s is running
 addons:
 cilium: disabled
 dashboard: disabled
 dns: disabled
 fluentd: disabled
 gpu: disabled
 helm: disabled
 helm3: disabled
 ingress: disabled
 istio: disabled
 jaeger: disabled
 knative: disabled
 kubeflow: disabled
 linkerd: disabled
 metallb: disabled
 metrics-server: disabled
 prometheus: disabled
 rbac: disabled
 registry: disabled
 storage: disabled

Usar o cliente interno do microk8s (microk8s.kubectl):

 $ microk8s.kubectl get all
 NAME                 TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
 service/kubernetes   ClusterIP   10.152.183.1   <none>        443/TCP   4m5s

Instalação do cliente externo (kubectl):

 $ sudo snap install kubectl --classic
 kubectl 1.18.0 from Canonical✓ installed

Configuracão dos parámetros de acesso (URL, credenciais, etc.) do cliente externo:

 $ microk8s.config > .kube/config
 $ cat .kube/config 
 apiVersion: v1
 clusters:
 - cluster:
     certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURBVENDQWVtZ0F3SUJBZ0lKQUx5UmJTeUd2NjRLTUEwR0NTcUdTSWIzRFFFQkN3VUFNQmN4RlRBVEJnTlYKQkFNTURERXdMakUxTWk0eE9ETXVNVEFlRncweU1EQTBNVFV5TURBek1URmFGdzB5TURBMU1UVXlNREF6TVRGYQpNQmN4RlRBVEJnTlZCQU1NRERFd0xqRTFNaTR4T0RNdU1UQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQCkFEQ0NBUW9DZ2dFQkFNODM5REltV1VLN2JNMWQ1OVR1SThITnRBbVlOQ2hqSStFa0txa2g5T1lPaWV0c0xjbDIKS2p5Ym5nRTJyOHp4M21YeEtGSmhnZGJxVzNmVHpGOGtxNGNKbVdFc0UxKzFtdFRaRUNFU0lrVmFlK3NUbjMvMwo0VWRYckV3SW5tQjJsMDlCRFNXblRBTHBaVUhnSFRvcUhOQmVzTlVlQ3h6Z0dzUWgranRGSlEzMWp4QnNqQnFNCk1EM1ZNRlFCK2FMUW5pSTM0UTZrNm8zZmR5dTArQlhJNHVYR3hldWFBVzViZStidWlPUlQ3a3hhdnZ4bmNsOE4KTFd0aG4wK2hjKzNEUE1DdXhxT2dra0UvRFZCV2trdklsbHBMeG5RLzU3b1BxUHVFVXRzd1hJeGZRMi9EUTBNdwpzZ1pLT0trNzYrby9nakhmaTNtRjArYTJWaUZPcm9FVTVBTUNBd0VBQWFOUU1FNHdIUVlEVlIwT0JCWUVGUE1LCkMyaXl0QkZxVTM3VU1uRXJHZEYrZnoyeU1COEdBMVVkSXdRWU1CYUFGUE1LQzJpeXRCRnFVMzdVTW5FckdkRisKZnoyeU1Bd0dBMVVkRXdRRk1BTUJBZjh3RFFZSktvWklodmNOQVFFTEJRQURnZ0VCQUpRdG5HbGZPVTk5VGdyZgpUNDkxc3hCSUUydVdEVG9Pc3BMVC9hcEFjK1JSdGtlWk1tS1NQNjYzNTFhQnJEamFCem9nblZ6WVNDQWxEU3Y1Cm95bVN3MTBQUms2SGt0QW44YzlFOGFFTHpyOHowZytOVE1sazRDRHNtQTcrN3hpMm1UaEM3bitzMWpXd1Ztd08KUzdRWG05dTIyS2g4MFk4aU1qVHRDdDBTY2I1TFdFVmwyLzRzWHhyQnZiSFBpbllRdjZSdFhvQWxlODFGMmZZLwpjVDg0L0dHNHRJdXd0VlB2b09hS0lKTzZLT1l6a0VzcU81SFdiTnltZ2xpVGxlMEFBLzdEUUprd1c0M0h4clF1CmdoMThrVURtQXpJa2Z0dDV0M1pKVnNJR2xGUnprZXRJK25TVnVYbjhHN0l5NEd5aWdiNmlZcE1EeE9CblhXWG0KbG43L09YZz0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
     server: https://172.31.47.198:16443
   name: microk8s-cluster
 contexts:
 - context:
     cluster: microk8s-cluster
     user: admin
   name: microk8s
 current-context: microk8s
 kind: Config
 preferences: {}
 users:
 - name: admin
   user:
     username: admin
     password: NldvWW5rZGFzY3I4Tkw4SVY4Y25kV3YrR1lXcnZNek1tc2Z2a2prVStEQT0K\

Testar o cliente externo:

 $ kubectl get all --all-namespaces
 NAMESPACE   NAME                 TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
 default     service/kubernetes   ClusterIP   10.152.183.1   <none>        443/TCP   6m46s

Habilitar o plugins dns:

 $ microk8s.enable dns
 Enabling DNS
 Applying manifest
 serviceaccount/coredns created
 configmap/coredns created
 deployment.apps/coredns created
 service/kube-dns created
 clusterrole.rbac.authorization.k8s.io/coredns created
 clusterrolebinding.rbac.authorization.k8s.io/coredns created
 Restarting kubelet
 DNS is enabled
 Applying manifest
 serviceaccount/kubernetes-dashboard created
 service/kubernetes-dashboard created
 secret/kubernetes-dashboard-certs created
 secret/kubernetes-dashboard-csrf created
 secret/kubernetes-dashboard-key-holder created
 configmap/kubernetes-dashboard-settings created
 role.rbac.authorization.k8s.io/kubernetes-dashboard created
 clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
 rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
 clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
 deployment.apps/kubernetes-dashboard created
 service/dashboard-metrics-scraper created
 deployment.apps/dashboard-metrics-scraper created
 service/monitoring-grafana created
 service/monitoring-influxdb created
 service/heapster created
 deployment.apps/monitoring-influxdb-grafana-v4 created
 serviceaccount/heapster created
 clusterrolebinding.rbac.authorization.k8s.io/heapster created
 configmap/heapster-config created
 configmap/eventer-config created
 deployment.apps/heapster-v1.5.2 created

 If RBAC is not enabled access the dashboard using the default token retrieved with:

 token=$(microk8s kubectl -n kube-system get secret | grep default-token | cut -d " " -f1)
 microk8s kubectl -n kube-system describe secret $token

 In an RBAC enabled setup (microk8s enable RBAC) you need to create a user with restricted
 permissions as shown in:
 https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md

Confirmar que os plugins estão habilitados:

$ microk8s.status
microk8s is running
addons:
dashboard: disabled
dns: enabled
cilium: disabled
fluentd: disabled
gpu: disabled
helm: disabled
helm3: disabled
ingress: disabled
istio: disabled
jaeger: disabled
knative: disabled
kubeflow: disabled
linkerd: disabled
metallb: disabled
metrics-server: disabled
prometheus: disabled
rbac: disabled
registry: disabled
storage: disabled

Share on

Twitter Facebook LinkedIn

Jose Castillo Lema

Containers series V: Kubernetes - Instalação

Lab 5 - Kubernetes - Instalação

Orquestrando containers

Pre-reqs

Instalação

Validação

Share on

Comments

You May Also Enjoy

Red Hat OpenShift AI learning

Unleashing the potential of Function as a Service in the cloud continuum

Management orchestrator for a Content-Centric Network in a 6G network

Red Hat Summit 2024