Tulisan ini berisi catatan cara aku setup kubernetes diatas lxd/lxc. Catatan ini hanya akan setup 1 master dan 1 worker.
Host Info:
➜ ~ inxi -b
System: Host: sysadmin-pc Kernel: 5.4.12-1-MANJARO x86_64 bits: 64 Desktop: KDE Plasma 5.17.5 Distro: Manjaro Linux
Machine: Type: Desktop Mobo: ECS model: H81H3-M4 v: 1.0 serial: <root required> UEFI: American Megatrends v: 4.6.5
date: 05/21/2015
CPU: Dual Core: Intel Core i3-4160 type: MT MCP speed: 1439 MHz min/max: 800/3600 MHz
Graphics: Device-1: Intel 4th Generation Core Processor Family Integrated Graphics driver: i915 v: kernel
Display: x11 server: X.Org 1.20.7 driver: intel unloaded: modesetting resolution: 2560x1080~60Hz
OpenGL: renderer: Mesa DRI Intel Haswell v: 4.5 Mesa 19.3.2
Network: Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet driver: r8168
Drives: Local Storage: total: 577.55 GiB used: 343.00 GiB (59.4%)
Info: Processes: 355 Uptime: 40m Memory: 6.72 GiB used: 4.79 GiB (71.3%) Shell: zsh inxi: 3.0.37
Yang pertama harus disiapkan adalah node master untuk control plane.
Dari host PC, aku launch lxc container untuk node master, kuberi nama kmaster. Berikut ini langkah demi langkahnya:
➜ ~ lxc launch ubuntu:18.04 kmaster
➜ ~ lxc stop kmaster
➜ ~ lxc config device add kmaster "kmsg" unix-char source="/dev/kmsg" path="/dev/kmsg"
➜ ~ lxc config show kmaster > kmaster.config
➜ ~ vim kmaster.config
# tambahkan config berikut ini:
limits.memory.swap: "false"
linux.kernel_modules: ip_tables,ip6_tables,netlink_diag,nf_nat,overlay
raw.lxc: "lxc.apparmor.profile=unconfined\nlxc.cap.drop= \nlxc.cgroup.devices.allow=a\nlxc.mount.auto=proc:rw
sys:rw"
security.nesting: "true"
security.privileged: "true"
# end of tambahkan
➜ ~ lxc config edit kmaster < kmaster.config
➜ ~ lxc start kmaster
➜ ~ lxc exec kmaster -- bashDari dalam kmaster, aku install docker, kubelet, kubeadm, dan kubectl
root@kmaster:~# apt update
root@kmaster:~# apt install docker.io
root@kmaster:~# docker --version
root@kmaster:~# apt install curl
root@kmaster:~# curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add
root@kmaster:~# apt-add-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main"
root@kmaster:~# apt-get install kubeadm kubelet kubectl
root@kmaster:~# apt-mark hold kubeadm kubelet kubectl
root@kmaster:~# kubeadm init --pod-network-cidr=10.244.0.0/16
root@kmaster:~# mkdir -p $HOME/.kube
root@kmaster:~# cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
root@kmaster:~# chown $(id -u):$(id -g) $HOME/.kube/config
root@kmaster:~# kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.ymlYang kedua harus disiapkan adalah node worker
Dari host PC, aku launch lxc container untuk node worker, kuberi nama kworker1. Berikut ini langkah demi langkahnya:
➜ ~ lxc launch ubuntu:18.04 kworker1
➜ ~ lxc stop kworker1
➜ ~ lxc config device add kworker1 "kmsg" unix-char source="/dev/kmsg" path="/dev/kmsg"
➜ ~ lxc config show kworker1 > kworker1.config
➜ ~ vim kworker1.config
# tambahkan config berikut ini:
limits.memory.swap: "false"
linux.kernel_modules: ip_tables,ip6_tables,netlink_diag,nf_nat,overlay
raw.lxc: "lxc.apparmor.profile=unconfined\nlxc.cap.drop= \nlxc.cgroup.devices.allow=a\nlxc.mount.auto=proc:rw
sys:rw"
security.nesting: "true"
security.privileged: "true"
# end of tambahkan
➜ ~ lxc config edit kworker1 < kworker1.config
➜ ~ lxc start kworker1
➜ ~ lxc exec kworker1 -- bashDari dalam kworker1, aku install docker, kubelet, kubeadm, dan kubectl
root@kworker1:~# apt update
root@kworker1:~# apt install docker.io
root@kworker1:~# docker --version
root@kworker1:~# apt install curl
root@kworker1:~# curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add
root@kworker1:~# apt-add-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main"
root@kworker1:~# apt-get install kubeadm kubelet kubectl
root@kworker1:~# apt-mark hold kubeadm kubelet kubectl
root@kworker1:~# kubeadm join 10.170.160.215:6443 --token 4z3630.jbsf9pl43ftoh8vj --discovery-token-ca-cert-hash sha256:d8f06587bd4dfc2d8ffee741927d50743103ed02e7704550187ba807df47f99aif we forgot join token, we can generate new one with this command in kmaster:
root@kmaster:~# kubeadm token create --print-join-command 2>/dev/null