Bonjour

Dans cette partie, nous allons aborder comment déployer un cluster Kubernetes sur 2 machines physiques. Nous allons devoir préparer ces machines en y installant quelques outils

Notre boite à outils :

Préparation

Tout d’abord, nos machines doivent communiquer, dans mon cas, ce sont deux machines connectées en RJ45 directement sur le LAN de ma box internet
je vais les appeler PS1 et PS2 (Physical Server 1, Physical Server 2)

Adresse IPv4 PS1 : 192.168.0.22
Adresse IPv4 PS2 : 192.168.0.23

on va tout de suite mettre ça dans /etc/hosts

192.168.0.22         localhost ps1
192.168.0.23         ps2

Je vais ensuite me connecter en tant que root sur PS1 (ici on va dire que c’est le maître) et générer une clé SSH sans passphrase :

root@ps1:~$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa):
Created directory '/root/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_rsa.

Puis à présent je vais ajouter cette clé sur tous les serveurs y compris PS1

root@ps1:~# ssh-copy-id root@ps2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@ps2's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@ps2'"
and check to make sure that only the key(s) you wanted were added.

root@ps1:~# ssh-copy-id root@ps1
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
root@ps1's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh 'root@ps1'"
and check to make sure that only the key(s) you wanted were added.

Voilà c’est fait. À présent le serveur PS1 peut se connecter sur n’importe quel serveur grâce à sa clé ssh

Bon bah allons-y :

Il existe X façons de déployer un cluster K8S, elles sont toutes aussi bonnes les unes que les autres, mais la plus simple est RKE (par Rancher) c’est ce que nous allons donc utiliser.

on commence par télécharger RKE

Sur PS1:

root@ps1:~# wget https://github.com/rancher/rke/releases/download/v0.1.17/rke_linux-amd64 -O /usr/local/bin/rke && chmod +x  /usr/local/bin/rke

Ensuite on va préparer RKE pour le déploiement

root@ps1:~# mkdir /etc/rke
root@ps1:~# cd /etc/rke

root@ps1:/etc/rke/# rke config
[+] Cluster Level SSH Private Key Path [~/.ssh/id_rsa]:
[+] Number of Hosts [1]: 2
[+] SSH Address of host (1) [none]: 192.168.0.22
[+] SSH Port of host (1) [22]:
[+] SSH Private Key Path of host (192.168.0.22) [none]:
[-] You have entered empty SSH key path, trying fetch from SSH key parameter
[+] SSH Private Key of host (192.168.0.22) [none]:
[-] You have entered empty SSH key, defaulting to cluster level SSH key: ~/.ssh/id_rsa
[+] SSH User of host (192.168.0.22) [ubuntu]: root
[+] Is host (192.168.0.22) a Control Plane host (y/n)? [y]:
[+] Is host (192.168.0.22) a Worker host (y/n)? [n]: y
[+] Is host (192.168.0.22) an etcd host (y/n)? [n]: y
[+] Override Hostname of host (192.168.0.22) [none]: ps1
[+] Internal IP of host (192.168.0.22) [none]:       
[+] Docker socket path on host (192.168.0.22) [/var/run/docker.sock]:
[+] SSH Address of host (2) [none]: 192.168.0.23
[+] SSH Port of host (2) [22]:
[+] SSH Private Key Path of host (192.168.0.23) [none]:
[-] You have entered empty SSH key path, trying fetch from SSH key parameter
[+] SSH Private Key of host (192.168.0.23) [none]:
[-] You have entered empty SSH key, defaulting to cluster level SSH key: ~/.ssh/id_rsa
[+] SSH User of host (192.168.0.23) [ubuntu]: root
[+] Is host (192.168.0.23) a Control Plane host (y/n)? [y]: y
[+] Is host (192.168.0.23) a Worker host (y/n)? [n]: y
[+] Is host (192.168.0.23) an etcd host (y/n)? [n]: y
[+] Override Hostname of host (192.168.0.23) [none]: ps2
[+] Internal IP of host (192.168.0.23) [none]:
[+] Docker socket path on host (192.168.0.23) [/var/run/docker.sock]:
[+] Network Plugin Type (flannel, calico, weave, canal) [canal]: flannel
[+] Authentication Strategy [x509]:
[+] Authorization Mode (rbac, none) [rbac]:
[+] Kubernetes Docker image [rancher/hyperkube:v1.13.4-rancher1]:
[+] Cluster domain [cluster.local]:
[+] Service Cluster IP Range [10.43.0.0/16]:
[+] Enable PodSecurityPolicy [n]:
[+] Cluster Network CIDR [10.42.0.0/16]:
[+] Cluster DNS Service IP [10.43.0.10]:
[+] Add addon manifest URLs or YAML files [no]:

Ceci va donc vous créer un fichier cluster.yaml dans /etc/rke
il vous suffit alors d’exécuter cette commande pour déployer (ça prend 2 minutes):

root@ps1:/etc/rke/# rke up

Oui c’est bien mais où est kubectl ??

Bonne question, à la fin du déploiement vous allez voir un fichier apparaître dans /etc/rke à coté du cluster.yaml, ce fichier s’appelle kube_config_cluster.yml il contient la configuration pour kubectl.

On va donc télécharger kubectl et le configurer

Mais on va détailler.

root@ps1:/etc/rke/# wget https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl -O /usr/local/bin/kubectl && chmod +x /usr/local/bin/kubectl

Et pour la configuration il suffit de rajouter ces lignes dans votre bashrc :

export KUBECONFIG=/etc/rke/kube_config_cluster.yml
export KUBE_EDITOR="nano" # par défaut c’est Vim je crois
source <(kubectl completion bash)

Voilà c’est fini, pour tester votre cluster :

root@ps1:/etc/rke/# kubectl get nodes
NAME           STATUS   ROLES                 AGE   VERSION
ps1   Ready    controlplane,etcd,worker           1d    v1.11.5
ps2   Ready    controlplane,etcd,worker           1d    v1.11.5

Votre cluster est maintenant prêt, à vous de jouer.