update kuber doc
This commit is contained in:
@@ -1,65 +1,82 @@
|
||||
# Kubernetes (K8s) Documentation
|
||||
# 🚢 Kubernetes (K8s) Documentation
|
||||
|
||||
## Overview
|
||||
## 🌐 Overview
|
||||
**Kubernetes (K8s)** is an open-source container orchestration platform designed to automate the deployment, scaling, and operation of containerized applications.
|
||||
|
||||
---
|
||||
|
||||
## Control Plane (CP)
|
||||
The **Control Plane** is the core management component of a Kubernetes cluster. It makes global decisions about the cluster (e.g., scheduling), and it maintains the desired state of the cluster by managing workloads and directing communication within the system.
|
||||
> **Note:** By default, the Control Plane does not directly manage or run application containers.
|
||||
## 🧠 Control Plane (CP)
|
||||
The **Control Plane** is the core management component of a Kubernetes cluster. It makes global decisions about the cluster (e.g., scheduling) and maintains the desired state of the cluster by managing workloads and directing communication within the system.
|
||||
|
||||
### Key Components of the Control Plane:
|
||||
- **API Server (`kube-apiserver`)**:
|
||||
Exposes the Kubernetes API and serves as the entry point to the cluster. It handles communication between internal components and external clients.
|
||||
|
||||
- **Scheduler (`kube-scheduler`)**:
|
||||
Assigns work (e.g., pods) to nodes based on resource availability and policies.
|
||||
> 💡 **Note:** By default, the Control Plane does not directly manage or run application containers.
|
||||
|
||||
- **Controller Manager (`kube-controller-manager`)**:
|
||||
Runs controllers that regulate the state of the cluster (e.g., Node Controller, Replication Controller, etc.).
|
||||
### 🔑 Key Components of the Control Plane
|
||||
|
||||
- **etcd**:
|
||||
A consistent, highly-available key-value store that stores all cluster data, configurations, and states. This is the "database" of Kubernetes.
|
||||
- **API Server (`kube-apiserver`)**
|
||||
Exposes the Kubernetes API and serves as the cluster's entry point. It handles communication between internal components and external clients.
|
||||
|
||||
- **Scheduler (`kube-scheduler`)**
|
||||
Assigns workloads (e.g., Pods) to nodes based on resource availability and defined policies.
|
||||
|
||||
- **Controller Manager (`kube-controller-manager`)**
|
||||
Runs controllers that monitor and regulate the cluster's state, such as the Node Controller and Replication Controller.
|
||||
|
||||
- **etcd**
|
||||
A consistent and highly available key-value store that stores all cluster data, configurations, and state. This is the "database" of Kubernetes.
|
||||
|
||||
---
|
||||
|
||||
## Worker Nodes
|
||||
Worker nodes are the machines where containerized applications run. Each worker node contains essential components for managing containers.
|
||||
## 🧱 Worker Nodes
|
||||
**Worker nodes** are the machines where containerized applications run. Each node contains essential components for managing containers.
|
||||
|
||||
### Key Components of a Worker Node:
|
||||
- **Kubelet**:
|
||||
An agent that ensures containers are running as specified in their Pod definitions. It communicates with the Control Plane to receive and execute tasks.
|
||||
### 🔧 Key Components of a Worker Node
|
||||
|
||||
- **Kube Proxy**:
|
||||
Maintains network rules and handles routing for communication between services within the cluster and with external traffic.
|
||||
- **Kubelet**
|
||||
An agent that ensures containers run as specified in their Pod definitions. It communicates with the Control Plane to execute assigned tasks.
|
||||
|
||||
- **Kube Proxy**
|
||||
Maintains network rules and manages routing for communication within the cluster and with external systems.
|
||||
|
||||
---
|
||||
|
||||
## Data Flow
|
||||
- **Kubelet** and **Kube Proxy** on each worker node communicate with the **API Server** in the Control Plane for task execution and resource updates.
|
||||
- The **Scheduler** assigns pods to nodes based on resource requirements, while the **Controller Manager** ensures that the cluster state remains consistent.
|
||||
## 🔄 Data Flow
|
||||
- **Kubelet** and **Kube Proxy** on each worker node interact with the **API Server** to perform operations and update resource states.
|
||||
- The **Scheduler** selects suitable nodes for pod placement based on available resources.
|
||||
- The **Controller Manager** ensures the actual state of the cluster matches the desired state.
|
||||
|
||||
---
|
||||
|
||||
## Administration Tools
|
||||
- **`kubeadm`**:
|
||||
A tool for bootstrapping Kubernetes clusters. It simplifies the setup and configuration of the Control Plane and worker nodes.
|
||||
## 🛠️ Administration Tools
|
||||
|
||||
- **`kubectl`**:
|
||||
The command-line interface (CLI) for interacting with the Kubernetes API. It is used to manage resources, deploy applications, and inspect cluster components.
|
||||
- **`kubeadm`**
|
||||
A command-line tool to bootstrap and configure Kubernetes clusters. It streamlines the setup of both the Control Plane and worker nodes.
|
||||
|
||||
- **`kubectl`**
|
||||
The CLI for interacting with the Kubernetes API. It's used to deploy apps, inspect cluster resources, and manage configurations.
|
||||
|
||||
---
|
||||
|
||||
## Kubernetes Version Compatibility
|
||||
### Kubernetes and Container Runtimes:
|
||||
- **Kubernetes ≤ 1.23**:
|
||||
Compatible with Docker as the default container runtime.
|
||||
|
||||
- **Kubernetes 1.24 to 1.25**:
|
||||
Docker is not supported as a runtime. These versions require `containerd` or another Container Runtime Interface (CRI) implementation.
|
||||
|
||||
- **Kubernetes ≥ 1.25**:
|
||||
Docker can be installed on the server but must be used indirectly through `containerd` or another CRI-compliant runtime. Docker itself is not a supported runtime.
|
||||
## 🧩 Kubernetes Version Compatibility
|
||||
|
||||
### Kubernetes and Container Runtimes
|
||||
|
||||
- **Kubernetes ≤ 1.23**
|
||||
✅ Compatible with **Docker** as the default container runtime.
|
||||
|
||||
- **Kubernetes 1.24 – 1.25**
|
||||
❌ Docker is **not supported** directly. Use `containerd` or another CRI-compliant runtime.
|
||||
|
||||
- **Kubernetes ≥ 1.25**
|
||||
⚠️ Docker may be installed on the system but must be used **indirectly** through `containerd` or another supported CRI.
|
||||
|
||||
---
|
||||
|
||||
## 👥 Kubernetes Roles
|
||||
|
||||
- **Control Plane (Manager)**
|
||||
Requires an **odd number** of nodes for high availability (e.g., 1, 3, 5, ...). This ensures quorum in distributed consensus.
|
||||
|
||||
- **Worker (none)**
|
||||
These nodes run application workloads and do not participate in control decisions.
|
||||
|
||||
---
|
||||
|
||||
@@ -1,67 +1,161 @@
|
||||
# 🐳 Containerd and Kubernetes Installation Guide
|
||||
|
||||
A comprehensive step-by-step guide for setting up a Kubernetes cluster using **Containerd** as the container runtime. This guide is intended for Ubuntu-based systems.
|
||||
|
||||
---
|
||||
|
||||
# Containerd and Kubernetes Installation Guide
|
||||
## ⚙️ 1. Disable Swap
|
||||
|
||||
## 1. Disable Swap
|
||||
Turn off swap and disable it permanently.
|
||||
Kubernetes requires swap to be disabled for proper scheduling and memory management.
|
||||
|
||||
```bash
|
||||
swapoff -a
|
||||
sed -i '/swap/d' /etc/fstab
|
||||
sudo swapoff -a
|
||||
sudo sed -i '/swap/d' /etc/fstab
|
||||
```
|
||||
## 2. Enable Required Kernel Modules
|
||||
Create a configuration file to load necessary kernel modules and load them temporarily.
|
||||
|
||||
---
|
||||
|
||||
## 🧩 2. Enable Required Kernel Modules
|
||||
|
||||
Load the necessary kernel modules for networking and overlay file systems.
|
||||
|
||||
```bash
|
||||
echo -e "overlay\nbr_netfilter" | sudo tee /etc/modules-load.d/containerd.conf
|
||||
cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
|
||||
overlay
|
||||
br_netfilter
|
||||
EOF
|
||||
|
||||
sudo modprobe overlay
|
||||
sudo modprobe br_netfilter
|
||||
```
|
||||
## 3. Enable IPv4 Forwarding
|
||||
Enable IPv4 forwarding in the sysctl configuration and apply the changes.
|
||||
|
||||
---
|
||||
|
||||
## 🌐 3. Enable IPv4 Forwarding
|
||||
|
||||
Enable packet forwarding to allow pods to communicate across the network.
|
||||
|
||||
```bash
|
||||
sed -i 's/#net.ipv4.ip_forward=1/net.ipv4.ip_forward=1/' /etc/sysctl.conf
|
||||
sysctl -p
|
||||
```
|
||||
## 4. Configure Containerd
|
||||
Generate the default configuration for Containerd and modify it to use systemd as the cgroup driver.
|
||||
```bash
|
||||
containerd config default | sudo tee /etc/containerd/config.toml
|
||||
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
|
||||
sudo tee /etc/sysctl.d/99-kubernetes-cri.conf <<EOF
|
||||
net.bridge.bridge-nf-call-iptables = 1
|
||||
net.ipv4.ip_forward = 1
|
||||
net.bridge.bridge-nf-call-ip6tables = 1
|
||||
EOF
|
||||
|
||||
sudo sysctl --system
|
||||
```
|
||||
|
||||
## 5. Install Kubernetes
|
||||
Add the Kubernetes package repository and install the required packages.
|
||||
---
|
||||
|
||||
## 📦 4. Install and Configure Containerd
|
||||
|
||||
Install and configure **Containerd** with `systemd` as the cgroup driver.
|
||||
|
||||
```bash
|
||||
sudo apt-get update && sudo apt-get install -y containerd
|
||||
|
||||
sudo mkdir -p /etc/containerd
|
||||
containerd config default | sudo tee /etc/containerd/config.toml
|
||||
|
||||
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
|
||||
|
||||
sudo systemctl restart containerd
|
||||
sudo systemctl enable containerd
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## ⎈ 5. Install Kubernetes Components
|
||||
|
||||
Add the Kubernetes repository and install the core components: `kubelet`, `kubeadm`, and `kubectl`.
|
||||
|
||||
```bash
|
||||
sudo mkdir -p /etc/apt/keyrings
|
||||
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
|
||||
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
|
||||
|
||||
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
|
||||
|
||||
sudo apt-get update
|
||||
sudo apt-get install -y kubelet kubeadm kubectl
|
||||
sudo apt-mark hold kubelet kubeadm kubectl
|
||||
```
|
||||
## 6. Enable kubelet
|
||||
Enable and start the kubelet service.
|
||||
```bash
|
||||
sudo systemctl enable --now kubelet
|
||||
```
|
||||
## 7. Initialize the Kubernetes Cluster
|
||||
Initialize the Kubernetes control plane with the specified parameters.
|
||||
```bash
|
||||
sudo kubeadm init --control-plane-endpoint 192.168.2.100 --apiserver-advertise-address 192.168.2.100 --pod-network-cidr 10.244.0.0/16 | tee kuber-install.log
|
||||
```
|
||||
## 8. Create Control Plane Join Command
|
||||
Create the control plane join command and save it for later use.
|
||||
```bash
|
||||
sudo kubeadm init phase upload-certs --upload-certs
|
||||
|
||||
Copy the output certificate key and run the following command, replacing <CERTIFICATE_KEY> with the copied key.
|
||||
|
||||
sudo kubeadm token create --certificate-key <CERTIFICATE_KEY> --print-join-command | tee cp-command.txt
|
||||
```
|
||||
## 9. Join Control Plane and Worker Nodes
|
||||
Use the command from cp-command.txt on your control plane nodes to join them. Additionally, get the join command for worker nodes from kuber-install.log and run it on each worker node.
|
||||
|
||||
---
|
||||
|
||||
This revised guide provides clear, step-by-step instructions, making it easier to follow and ensuring all necessary actions are covered.
|
||||
## 🔁 6. Enable Kubelet Service
|
||||
|
||||
Start and enable the kubelet to run on system boot.
|
||||
|
||||
```bash
|
||||
sudo systemctl enable --now kubelet
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## 🚀 7. Initialize the Kubernetes Control Plane
|
||||
|
||||
Initialize the cluster. Replace the IP with your master node's IP address.
|
||||
|
||||
```bash
|
||||
sudo kubeadm init \
|
||||
--control-plane-endpoint 192.168.2.100 \
|
||||
--apiserver-advertise-address 192.168.2.100 \
|
||||
--pod-network-cidr 10.244.0.0/16 | tee kuber-install.log
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## 🛠 8. Configure kubectl Access
|
||||
|
||||
Set up `kubectl` for the current (non-root) user.
|
||||
|
||||
```bash
|
||||
mkdir -p $HOME/.kube
|
||||
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
|
||||
sudo chown $(id -u):$(id -g) $HOME/.kube/config
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
## 🧾 9. Create Control Plane Join Command
|
||||
|
||||
Generate a command for other control plane nodes to join the cluster.
|
||||
|
||||
```bash
|
||||
sudo kubeadm init phase upload-certs --upload-certs
|
||||
```
|
||||
|
||||
Copy the **certificate key** from the output above and run:
|
||||
|
||||
```bash
|
||||
sudo kubeadm token create --certificate-key <CERTIFICATE_KEY> --print-join-command | tee cp-command.txt
|
||||
```
|
||||
|
||||
Replace `<CERTIFICATE_KEY>` with the actual key.
|
||||
|
||||
---
|
||||
|
||||
## 🧑🤝🧑 10. Join Control Plane and Worker Nodes
|
||||
|
||||
* **Control Plane Nodes**: Use the command from `cp-command.txt` on each node.
|
||||
* **Worker Nodes**: Use the `kubeadm join` command printed at the end of the `kubeadm init` output or found in `kuber-install.log`.
|
||||
|
||||
---
|
||||
|
||||
## ✅ Final Step: Install a Pod Network Add-on
|
||||
|
||||
Choose and apply a pod network add-on (e.g., Flannel, Calico, Cilium). Here's an example with Flannel:
|
||||
|
||||
```bash
|
||||
kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
|
||||
```
|
||||
|
||||
---
|
||||
|
||||
🎉 **Your Kubernetes cluster is now up and running!**
|
||||
Ensure all nodes are ready by running:
|
||||
|
||||
```bash
|
||||
kubectl get nodes
|
||||
```
|
||||
|
||||
|
||||
Reference in New Issue
Block a user