{"id":160,"date":"2017-04-12T22:00:18","date_gmt":"2017-04-12T14:00:18","guid":{"rendered":"http:\/\/www.jsjs.org\/?p=160"},"modified":"2017-04-12T22:00:18","modified_gmt":"2017-04-12T14:00:18","slug":"centos","status":"publish","type":"post","link":"https:\/\/blog.jsjs.org\/?p=160","title":{"rendered":"CentOS"},"content":{"rendered":"<h2 id=\"prerequisites\">Prerequisites<\/h2>\n<p>To configure Kubernetes with CentOS, you\u2019ll need a machine to act as a master, and one or more CentOS 7 hosts to act as cluster nodes.<\/p>\n<h2 id=\"starting-a-cluster\">Starting a cluster<\/h2>\n<p>This is a getting started guide for CentOS. It is a manual configuration so you understand all the underlying packages \/ services \/ ports, etc\u2026<\/p>\n<p>The Kubernetes package provides a few services: kube-apiserver, kube-scheduler, kube-controller-manager, kubelet, kube-proxy. These services are managed by systemd and the configuration resides in a central location: \/etc\/kubernetes. We will break the services up between the hosts. The first host, centos-master, will be the Kubernetes master. This host will run the kube-apiserver, kube-controller-manager and kube-scheduler. In addition, the master will also run <em>etcd<\/em>. The remaining hosts, centos-minion-n will be the nodes and run kubelet, proxy, cadvisor and docker.<\/p>\n<p>All of them run flanneld as networking overlay.<\/p>\n<p><strong>System Information:<\/strong><\/p>\n<p>Hosts:<\/p>\n<p>Please replace host IP with your environment.<\/p>\n<div class=\"language-conf highlighter-rouge\">\n<pre class=\"highlight\"><code><span class=\"n\">centos<\/span>-<span class=\"n\">master<\/span> = <span class=\"m\">192<\/span>.<span class=\"m\">168<\/span>.<span class=\"m\">121<\/span>.<span class=\"m\">9<\/span>\n<span class=\"n\">centos<\/span>-<span class=\"n\">minion<\/span>-<span class=\"m\">1<\/span> = <span class=\"m\">192<\/span>.<span class=\"m\">168<\/span>.<span class=\"m\">121<\/span>.<span class=\"m\">65<\/span>\n<span class=\"n\">centos<\/span>-<span class=\"n\">minion<\/span>-<span class=\"m\">2<\/span> = <span class=\"m\">192<\/span>.<span class=\"m\">168<\/span>.<span class=\"m\">121<\/span>.<span class=\"m\">66<\/span>\n<span class=\"n\">centos<\/span>-<span class=\"n\">minion<\/span>-<span class=\"m\">3<\/span> = <span class=\"m\">192<\/span>.<span class=\"m\">168<\/span>.<span class=\"m\">121<\/span>.<span class=\"m\">67<\/span>\n<\/code><\/pre>\n<\/div>\n<p><strong>Prepare the hosts:<\/strong><\/p>\n<ul>\n<li>Create a \/etc\/yum.repos.d\/virt7-docker-common-release.repo on all hosts &#8211; centos-{master,minion-n} with following information.<\/li>\n<\/ul>\n<div class=\"language-conf highlighter-rouge\">\n<pre class=\"highlight\"><code>[<span class=\"n\">virt7<\/span>-<span class=\"n\">docker<\/span>-<span class=\"n\">common<\/span>-<span class=\"n\">release<\/span>]\n<span class=\"n\">name<\/span>=<span class=\"n\">virt7<\/span>-<span class=\"n\">docker<\/span>-<span class=\"n\">common<\/span>-<span class=\"n\">release<\/span>\n<span class=\"n\">baseurl<\/span>=<span class=\"n\">http<\/span>:\/\/<span class=\"n\">cbs<\/span>.<span class=\"n\">centos<\/span>.<span class=\"n\">org<\/span>\/<span class=\"n\">repos<\/span>\/<span class=\"n\">virt7<\/span>-<span class=\"n\">docker<\/span>-<span class=\"n\">common<\/span>-<span class=\"n\">release<\/span>\/<span class=\"n\">x86_64<\/span>\/<span class=\"n\">os<\/span>\/\n<span class=\"n\">gpgcheck<\/span>=<span class=\"m\">0<\/span>\n<\/code><\/pre>\n<\/div>\n<ul>\n<li>Install Kubernetes, etcd and flannel on all hosts &#8211; centos-{master,minion-n}. This will also pull in docker and cadvisor.<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code>yum -y install --enablerepo<span class=\"o\">=<\/span>virt7-docker-common-release kubernetes etcd flannel\n<\/code><\/pre>\n<\/div>\n<ul>\n<li>Add master and node to \/etc\/hosts on all machines (not needed if hostnames already in DNS)<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code><span class=\"nb\">echo<\/span> <span class=\"s2\">\"192.168.121.9    centos-master\n192.168.121.65    centos-minion-1\n192.168.121.66  centos-minion-2\n192.168.121.67  centos-minion-3\"<\/span> &gt;&gt; \/etc\/hosts\n<\/code><\/pre>\n<\/div>\n<ul>\n<li>Edit \/etc\/kubernetes\/config which will be the same on all hosts to contain:<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code><span class=\"c\"># logging to stderr means we get it in the systemd journal<\/span>\n<span class=\"nv\">KUBE_LOGTOSTDERR<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--logtostderr=true\"<\/span>\n\n<span class=\"c\"># journal message level, 0 is debug<\/span>\n<span class=\"nv\">KUBE_LOG_LEVEL<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--v=0\"<\/span>\n\n<span class=\"c\"># Should this cluster be allowed to run privileged docker containers<\/span>\n<span class=\"nv\">KUBE_ALLOW_PRIV<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--allow-privileged=false\"<\/span>\n\n<span class=\"c\"># How the replication controller and scheduler find the kube-apiserver<\/span>\n<span class=\"nv\">KUBE_MASTER<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--master=http:\/\/centos-master:8080\"<\/span>\n<\/code><\/pre>\n<\/div>\n<ul>\n<li>Disable the firewall on the master and all the nodes, as docker does not play well with other firewall rule managers. CentOS won\u2019t let you disable the firewall as long as SELinux is enforcing, so that needs to be disabled first.<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code>setenforce 0\nsystemctl disable iptables-services firewalld\nsystemctl stop iptables-services firewalld\n<\/code><\/pre>\n<\/div>\n<p><strong>Configure the Kubernetes services on the master.<\/strong><\/p>\n<ul>\n<li>Edit \/etc\/etcd\/etcd.conf to appear as such:<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code><span class=\"c\"># [member]<\/span>\n<span class=\"nv\">ETCD_NAME<\/span><span class=\"o\">=<\/span>default\n<span class=\"nv\">ETCD_DATA_DIR<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"\/var\/lib\/etcd\/default.etcd\"<\/span>\n<span class=\"nv\">ETCD_LISTEN_CLIENT_URLS<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"http:\/\/0.0.0.0:2379\"<\/span>\n\n<span class=\"c\">#[cluster]<\/span>\n<span class=\"nv\">ETCD_ADVERTISE_CLIENT_URLS<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"http:\/\/0.0.0.0:2379\"<\/span>\n<\/code><\/pre>\n<\/div>\n<ul>\n<li>Edit \/etc\/kubernetes\/apiserver to appear as such:<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code><span class=\"c\"># The address on the local server to listen to.<\/span>\n<span class=\"nv\">KUBE_API_ADDRESS<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--address=0.0.0.0\"<\/span>\n\n<span class=\"c\"># The port on the local server to listen on.<\/span>\n<span class=\"nv\">KUBE_API_PORT<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--port=8080\"<\/span>\n\n<span class=\"c\"># Port kubelets listen on<\/span>\n<span class=\"nv\">KUBELET_PORT<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--kubelet-port=10250\"<\/span>\n\n<span class=\"c\"># Comma separated list of nodes in the etcd cluster<\/span>\n<span class=\"nv\">KUBE_ETCD_SERVERS<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--etcd-servers=http:\/\/centos-master:2379\"<\/span>\n\n<span class=\"c\"># Address range to use for services<\/span>\n<span class=\"nv\">KUBE_SERVICE_ADDRESSES<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--service-cluster-ip-range=10.254.0.0\/16\"<\/span>\n\n<span class=\"c\"># Add your own!<\/span>\n<span class=\"nv\">KUBE_API_ARGS<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"\"<\/span>\n<\/code><\/pre>\n<\/div>\n<ul>\n<li>Start ETCD and configure it to hold the network overlay configuration on master: <strong>Warning<\/strong> This network must be unused in your network infrastructure! <code class=\"highlighter-rouge\">172.30.0.0\/16<\/code> is free in our network.<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code>systemctl start etcd\netcdctl mkdir \/kube-centos\/network\netcdctl mk \/kube-centos\/network\/config <span class=\"s2\">\"{ <\/span><span class=\"se\">\\\"<\/span><span class=\"s2\">Network<\/span><span class=\"se\">\\\"<\/span><span class=\"s2\">: <\/span><span class=\"se\">\\\"<\/span><span class=\"s2\">172.30.0.0\/16<\/span><span class=\"se\">\\\"<\/span><span class=\"s2\">, <\/span><span class=\"se\">\\\"<\/span><span class=\"s2\">SubnetLen<\/span><span class=\"se\">\\\"<\/span><span class=\"s2\">: 24, <\/span><span class=\"se\">\\\"<\/span><span class=\"s2\">Backend<\/span><span class=\"se\">\\\"<\/span><span class=\"s2\">: { <\/span><span class=\"se\">\\\"<\/span><span class=\"s2\">Type<\/span><span class=\"se\">\\\"<\/span><span class=\"s2\">: <\/span><span class=\"se\">\\\"<\/span><span class=\"s2\">vxlan<\/span><span class=\"se\">\\\"<\/span><span class=\"s2\"> } }\"<\/span>\n<\/code><\/pre>\n<\/div>\n<ul>\n<li>Configure flannel to overlay Docker network in \/etc\/sysconfig\/flanneld on the master (also in the nodes as we\u2019ll see):<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code><span class=\"c\"># Flanneld configuration options<\/span>\n\n<span class=\"c\"># etcd url location.  Point this to the server where etcd runs<\/span>\n<span class=\"nv\">FLANNEL_ETCD_ENDPOINTS<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"http:\/\/centos-master:2379\"<\/span>\n\n<span class=\"c\"># etcd config key.  This is the configuration key that flannel queries<\/span>\n<span class=\"c\"># For address range assignment<\/span>\n<span class=\"nv\">FLANNEL_ETCD_PREFIX<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"\/kube-centos\/network\"<\/span>\n\n<span class=\"c\"># Any additional options that you want to pass<\/span>\n<span class=\"c\">#FLANNEL_OPTIONS=\"\"<\/span>\n<\/code><\/pre>\n<\/div>\n<ul>\n<li>Start the appropriate services on master:<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code><span class=\"k\">for <\/span>SERVICES <span class=\"k\">in <\/span>etcd kube-apiserver kube-controller-manager kube-scheduler flanneld; <span class=\"k\">do\n    <\/span>systemctl restart <span class=\"nv\">$SERVICES<\/span>\n    systemctl <span class=\"nb\">enable<\/span> <span class=\"nv\">$SERVICES<\/span>\n    systemctl status <span class=\"nv\">$SERVICES<\/span>\n<span class=\"k\">done<\/span>\n<\/code><\/pre>\n<\/div>\n<p><strong>Configure the Kubernetes services on the nodes.<\/strong><\/p>\n<p><strong><em>We need to configure the kubelet and start the kubelet and proxy<\/em><\/strong><\/p>\n<ul>\n<li>Edit \/etc\/kubernetes\/kubelet to appear as such:<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code><span class=\"c\"># The address for the info server to serve on<\/span>\n<span class=\"nv\">KUBELET_ADDRESS<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--address=0.0.0.0\"<\/span>\n\n<span class=\"c\"># The port for the info server to serve on<\/span>\n<span class=\"nv\">KUBELET_PORT<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--port=10250\"<\/span>\n\n<span class=\"c\"># You may leave this blank to use the actual hostname<\/span>\n<span class=\"c\"># Check the node number!<\/span>\n<span class=\"nv\">KUBELET_HOSTNAME<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--hostname-override=centos-minion-n\"<\/span>\n\n<span class=\"c\"># Location of the api-server<\/span>\n<span class=\"nv\">KUBELET_API_SERVER<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"--api-servers=http:\/\/centos-master:8080\"<\/span>\n\n<span class=\"c\"># Add your own!<\/span>\n<span class=\"nv\">KUBELET_ARGS<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"\"<\/span>\n<\/code><\/pre>\n<\/div>\n<ul>\n<li>Configure flannel to overlay Docker network in \/etc\/sysconfig\/flanneld (in all the nodes)<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code><span class=\"c\"># Flanneld configuration options<\/span>\n\n<span class=\"c\"># etcd url location.  Point this to the server where etcd runs<\/span>\n<span class=\"nv\">FLANNEL_ETCD_ENDPOINTS<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"http:\/\/centos-master:2379\"<\/span>\n\n<span class=\"c\"># etcd config key.  This is the configuration key that flannel queries<\/span>\n<span class=\"c\"># For address range assignment<\/span>\n<span class=\"nv\">FLANNEL_ETCD_PREFIX<\/span><span class=\"o\">=<\/span><span class=\"s2\">\"\/kube-centos\/network\"<\/span>\n\n<span class=\"c\"># Any additional options that you want to pass<\/span>\n<span class=\"c\">#FLANNEL_OPTIONS=\"\"<\/span>\n<\/code><\/pre>\n<\/div>\n<ul>\n<li>Start the appropriate services on node (centos-minion-n).<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code><span class=\"k\">for <\/span>SERVICES <span class=\"k\">in <\/span>kube-proxy kubelet flanneld docker; <span class=\"k\">do\n    <\/span>systemctl restart <span class=\"nv\">$SERVICES<\/span>\n    systemctl <span class=\"nb\">enable<\/span> <span class=\"nv\">$SERVICES<\/span>\n    systemctl status <span class=\"nv\">$SERVICES<\/span>\n<span class=\"k\">done<\/span>\n<\/code><\/pre>\n<\/div>\n<ul>\n<li>Configure kubectl<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code>kubectl config <span class=\"nb\">set<\/span>-cluster default-cluster --server<span class=\"o\">=<\/span>http:\/\/centos-master:8080\nkubectl config <span class=\"nb\">set<\/span>-context default-context --cluster<span class=\"o\">=<\/span>default-cluster --user<span class=\"o\">=<\/span>default-admin\nkubectl config use-context default-context\n<\/code><\/pre>\n<\/div>\n<p><em>You should be finished!<\/em><\/p>\n<ul>\n<li>Check to make sure the cluster can see the node (on centos-master)<\/li>\n<\/ul>\n<div class=\"language-shell highlighter-rouge\">\n<pre class=\"highlight\"><code><span class=\"gp\">$ <\/span>kubectl get nodes\nNAME                   LABELS            STATUS\ncentos-minion-1        &lt;none&gt;            Ready\ncentos-minion-2        &lt;none&gt;            Ready\ncentos-minion-3        &lt;none&gt;            Ready\n<\/code><\/pre>\n<\/div>\n<p><strong>The cluster should be running! Launch a test pod.<\/strong><\/p>\n<p>You should have a functional cluster, check out <a href=\"https:\/\/kubernetes.io\/docs\/user-guide\/walkthrough\/\">101<\/a>!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Prerequisites To configure Kubernetes with CentOS, you\u2019ll need a machine to act as a master, and one or more CentOS [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[1],"tags":[],"class_list":["post-160","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/posts\/160","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=160"}],"version-history":[{"count":0,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=\/wp\/v2\/posts\/160\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=160"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=160"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.jsjs.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=160"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}