Table of Contents
Introduction
Kubernetes on CentOS, In your earlier guide we have a walkthrough k8s installation on a Ubuntu Server. Right now let’s try on a CentOS 7 version.
Kubernetes is a container orchestrator used to deploy container-based application upon the requirement for developers and system administrators. Kubernetes licenced under Apache License 2.0 to manage the containerized applications across multiple hosts. It allows us to deploy, manage and scale the application on the fly.
Kubernetes API | API consist of many objects like Pods, controllers, Services and Storage. |
Pods | Single collection of containers to deploy a container based application. |
Controllers | This used to keep the pods in the desired state. This creates and managed the pods for us. The controller is responsible to keep the replica sets up and running. In case of any one of pod failure, it will check the health and recreate the pod. |
Services | This help to connect (Network) between pods with different services. And help to expose to outside users. |
Storage | Persistent storage for the pods. |
Kuberenetes Cluster Components
Let’s see the component of master and nodes separately.
- Master
- Node
- Scheduler/Add Ons
Master Server
Master server components are as follows.
- Control-plane
- API Server
- etcd | Cluster Store
- Scheduler
- Controller Manager
- Kubelet
- Kube-Proxy
- container Runtime
Control plane | The control plane manages the worker nodes and the Pods in the cluster. This will be installed with kubectl. |
API Server | Central and run with a RESTful and updates the etcd. |
etcd | Key-value store to save all of the cluster data. |
Scheduler | Schedules pods and resources, monitor for newly created Pods and assign them to run on any nodes. |
Controller Manager | Monitor and update the API server, ReplicaSet, LifeCycle functions and desired state. |
Kubelet | The agent runs on each node in the cluster to make sure the Containers are running in a Pod. |
Kube-Proxy | The Network proxy that runs on each node in our cluster. |
Container Runtime | To run the containers like Docker, RTK etc. |
Nodes (minions)
Node server components are as follows.
- Kubelet
- Kube-Proxy
- container Runtime
Kubelet | Look for any changes with API server, Responsible for Pod LifeCycle, Reports Node & Pod State. |
Kube-Proxy | Network proxy with iptables, Implements services, routing traffic to Pods, Load balancing |
Container Runtime | Download the images and run containers, Container Runtime Interface, Docker etc. |
Scheduler/Add Ons
The scheduler/AddOns include with DNS, Ingress and Dashboard.
- The scheduler and add-ons consist of DNS pod which will help to provide service.
- Ingress controller which provide a load balancing service
- And a Dashboard
System Configuration for Kubernetes on Centos
Operating System | CentOS 7 |
Minimum CPU | 4 vCPU |
Minimum Memory | 4 GB |
Swap | Disabled |
Minimum Disk size | 100 GB |
Additionally, we need a Container Runtime Interface (CRI). In our case, we are using popular CRI Docker.
Disable SELinux
Instead of totally disabling SELinux just changed the mode from enforcing to permissive. It’s required for setting up with Kubernetes on CentOS.
# sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
Using sed, we have done a search and replaced the configuration change.
Disable Swap
An important step in Kubernetes on CentOS installation is we need to disable the Swap. The reason behind disabling the swap is you need to use the complete resources, there is nothing required to do a swapping.
First, disable the swap by running swapoff all. By following edit the FSTAB and remove or comment the swap entry. At last, remove the logical volume used for Swap.
# swapoff -a
# vi /etc/fstab
# lvremove /dev/centos/swap
Right after disabling swap remove the swap parameter from GRUB command line and rebuild the grub.
# vi /etc/default/grub
Remove the rd.lvm.lv=centos/swap
from the GRUB_CMDLINE_LINUX
line.
# grub2-mkconfig -o /boot/grub2/grub.cfg
To make the changes effective we need to take a reboot.
Bridging Container traffics
Allow the containers to talk with other network segments, by adding below bridge sysctl configurations.
cat <<EOF> /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
# sysctl -p /etc/sysctl.d/k8s.conf
This will load the added kernel parameters at runtime.
Firewall and Ports
Kuberenetes on CentOS required few of ports in both master and nodes.
Master server to Nodes
Component | Ports (tcp) | Used By |
API | 6443/tcp | All |
etcd | 2379-2380 | API/etcd |
scheduler | 10251 | Self |
Controller Manager | 10252 | Self |
Kubelet | 10250 | Control Plane |
Add the ports using firewalld and reload.
# firewall-cmd --permanent --add-port={6443,10250,10251,10252,2379-2380}/tcp
# firewall-cmd --reload
# firewall-cmd --list-all
Node to Master
The list of ports in node side is as follows.
Component | Ports (tcp) | Used By |
Kubelet | 10250 | Control Plane |
NodePort | 30000-32767 | All |
These are the ports required in node (minion) side. Add the required ports and reload to make it effective.
# firewall-cmd --permanent --add-port={10250,30000-32767}/tcp
# firewall-cmd --reload
# firewall-cmd --list-all
Adding Repositories
Once we are good with pre-requisites its good to start with adding the Kuberenets repository.
# vim /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-$basearch
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
Google provides the required repositories.
Steps to follow for Kubernetes on Centos
- Install the Kubernetes required packages
- Create our first Cluster by running init.
- Configure the Pod Networking from YAML file.
- Join Nodes to our new cluster
Required packages – Install these all packages on all the nodes.
kubelet | The component that runs on all of the machines in your cluster and does things like starting pods and containers. |
kubeadm | The command to bootstrap the cluster. |
kubectl | The command line utility to talk with your cluster. |
docker | Container Runtime Interface (CRI) |
Starting with Installation
To Start with the Kubernetes on CentOS installation, initially we need to resolve docker packages on all the nodes. Enable the Docker repository and install the docker package on master and nodes as well.
# yum install -y yum-utils device-mapper-persistent-data lvm2
# yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
# yum install docker-ce docker-ce-cli containerd.io
Once docker packages are in place, install the k8s packages.
# yum install -y kubelet kubeadm kubectl docker.io --disableexcludes=kubernetes
Enable the docker and kubelet services persistently.
# systemctl enable docker
# systemctl start docker
# systemctl enable --now kubelet
Initialize the kubernetes Cluster
Start with initializing the Kubernetes cluster by running kubeadm
command with options by defining pod network.
# kubeadm init --pod-network-cidr=192.168.0.0/16
Long output has been truncated.
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 192.168.0.191:6443 --token wsuwj4.x4lv92m3v3viwxdo --discovery-token-ca-cert-hash sha256:c1c4080ef1395bc714cc1232b9cf27e4953d757211bb4435d6e40f22c3360043
[root@k8smaster ~]#
To run kubectl commands from any normal account we need to follow below steps. For demonstration purpose, let’s create a normal user and switch to it.
# groupadd -g 5000 sysadmins
# useradd -u 5000 -g 5000 sysadmins
# passwd sysadmins
Add the user into sudo configuration to escalate the privilege. Finally, copy the configuration file under user home and change the require ownership.
$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
Getting Pod Network files
After initialising the cluster, it’s time to create the network for pods. Using a YAML file we are about to create a pod network. In our setup let’s use calico.
Download the Role Base access control and calico pod network YAML files from the calico official website.
# wget https://docs.projectcalico.org/v3.3/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
# wget https://docs.projectcalico.org/v3.10/manifests/calico.yaml
Creating Pod Networks
Create role based access control and pod network using downloaded yaml files.
# kubectl apply -f rbac-kdd.yaml
# kubectl apply -f calico.yaml
[root@k8smaster ~]# kubectl apply -f rbac-kdd.yaml
clusterrole.rbac.authorization.k8s.io/calico-node created
clusterrolebinding.rbac.authorization.k8s.io/calico-node created
[root@k8smaster ~]#
Environment Variable for Kubectl
By default bash-completion will not complete the available options for kubectl command, We need to append with completion under .bashrc
and source the file to activate the completion.
# echo "source <(kubectl completion bash)" >> ~/.bashrc
# source ~/.bashrc
This helps to run kubectl with TAB TAB to print the available options.
Join Nodes to the Cluster
Log in to each node and run the below command. This will join the nodes with the master server.
# kubeadm join 192.168.0.191:6443 --token wsuwj4.x4lv92m3v3viwxdo --discovery-token-ca-cert-hash sha256:c1c4080ef1395bc714cc1232b9cf27e4953d757211bb4435d6e40f22c3360043
That’s it, we have completed with the kuberentes cluster setup. Let’s now verify.
Verify the Cluster
Right after completing with the setup, let switch back to Kubernetes master server and verify the added nodes by running kubectl get nodes
.
[root@k8smaster ~]# kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8smaster.linuxsysadmins.local Ready master 22m v1.18.0
k8snode1.linuxsysadmins.local Ready 4m41s v1.18.0
k8snode2.linuxsysadmins.local Ready 4m18s v1.18.0
[root@k8smaster ~]#
To print the underlying namespaces use
# kubectl get pods --all-namespaces
[root@k8smaster ~]# kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system calico-kube-controllers-dc4469c7f-f794n 1/1 Running 0 4d6h
kube-system calico-node-dq4m9 0/1 Running 0 4d6h
kube-system calico-node-hdlss 0/1 Running 0 4d6h
kube-system calico-node-rzwkb 0/1 Running 0 4d6h
kube-system coredns-66bff467f8-gkwgb 1/1 Running 0 4d6h
kube-system coredns-66bff467f8-pz4xc 1/1 Running 0 4d6h
kube-system etcd-k8smaster.linuxsysadmins.local 1/1 Running 0 4d6h
kube-system kube-apiserver-k8smaster.linuxsysadmins.local 1/1 Running 0 4d6h
kube-system kube-controller-manager-k8smaster.linuxsysadmins.local 1/1 Running 0 4d6h
kube-system kube-proxy-5r556 1/1 Running 0 4d6h
kube-system kube-proxy-ctgsq 1/1 Running 0 4d6h
kube-system kube-proxy-sbc29 1/1 Running 0 4d6h
kube-system kube-scheduler-k8smaster.linuxsysadmins.local 1/1 Running 0 4d6h
[root@k8smaster ~]#
That’s it, we have successfully completed with Kubernetes on Centos installation and configuration.
Right now we don’t have any pods, let us go through creating pods on our next guide in the same series.
Conclusion
Setting up a Kubernetes on Centos can be accomplished in a few steps. We have covered Ubuntu installation earlier and now done with CentOS Installation. Let’s focus on creating our first application and much more topics on Kubernetes in upcoming articles. Subscribe to our newsletter to keep posted.