Docker+K8S cluster environment construction and distributed application deployment

1. Install Docker

yum install docker
#Start the service systemctl start docker.service
systemctl enable docker.service
#Test docker version

2. Install etcd

yum install etcd -y
#Start etcd
systemctl start etcd
systemctl enable etcd
#Enter the following command to check the health status of etcd etcdctl -C http://localhost:2379 cluster-health
#Install Kubernetes
yum install kubernetes -y

After installation, edit the file /etc/kubernetes/apiserver and remove the ServiceAccount after KUBE_ADMISSION_CONTROL, such as:

KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,NamespaceExists,LimitRanger,SecurityContextDeny,ResourceQuota"

Then start the following programs (Master):

systemctl start kube-apiserver
systemctl enable kube-apiserver
systemctl start kube-controller-manager
systemctl enable kube-controller-manager
systemctl start kube-scheduler
systemctl enable kube-scheduler

Next, start the Node program:

systemctl start kubelet
systemctl enable kubelet
systemctl start kube-proxy
systemctl enable kube-proxy

In this way, a simple K8S cluster environment has been built. We can run the following command to view the cluster status.

However, the cluster environment does not work well at present, because the network of pods in the cluster needs to be managed uniformly, so an overlay network flannel needs to be created.

1. Install flannel:

yum install flannel -y

2. Edit the file /etc/sysconfig/flanneld and add the following code:

--logtostderr=false --log_dir=/var/log/k8s/flannel/ --etcd-prefix=/atomic.io/network --etcd-endpoints=http://localhost:2379 --iface=enp0s3

The -iface corresponds to the name of the network card.

3. Configure the key for flanneld in etcd

Flannel uses etcd for configuration to ensure configuration consistency among multiple flannel instances, so the following configuration needs to be performed on etcd:

etcdctl mk /atomic.io/network/config '{ "Network": "10.0.0.0/16" }'

/atomic.io/network/config This key corresponds to the configuration item FLANNEL_ETCD_PREFIX in /etc/sysconfig/flannel above. If it is wrong, the startup will fail.)

Network is used to configure the network segment. It cannot conflict with the physical machine IP. It can be defined arbitrarily, and try to avoid the physical machine IP segment.

4. Start the modified flannel, and restart docker and kubernete in turn:

systemctl enable flanneld 
systemctl start flanneld
service docker restart
systemctl restart kube-apiserver
systemctl restart kube-controller-manager
systemctl restart kube-scheduler
systemctl enable flanneld
systemctl start flanneld
service docker restart
systemctl restart kubelet
systemctl restart kube-proxy

In this way, when we deploy the application into a Docker container, we can access the container through the physical IP.

Distributed application deployment

1. Build a framework based on SpringBoot, which will not be described here. By default it is already built.
2. Write a Dockerfile. The content example is as follows:

#Download the java8 image FROM java:8
#Mount local files to the /tmp directory VOLUME /tmp
#Copy the file to the container ADD demo-0.0.1-SNAPSHOT.jar /demo.jar
#Expose port 8080 EXPOSE 8080
#Configure the command to be executed after starting the container ENTRYPOINT ["java","-jar","/demo.jar"]

Create an image using the docker build command:

docker build -t demo .

At this point, we execute docker images and we will see the image we just built, such as:

Deploy SpringBoot applications using K8S

1. Create the rc file demo-rc.yaml:

apiVersion: v1
kind: ReplicationController
metadata:
 name: demo
spec:
 # Number of nodes. Setting it to multiple can achieve load balancing. replicas: 1
 selector:
  app: demo
 template:
  metadata:
   labels:
    app: demo
  spec:
   containers:
   - name: demo
    #Image nameimage: demo
    #If there is a local image, the image will not be pulled from the warehousePullPolicy: IfNotPresent
    ports:
    - containerPort: 8080

Run the following command to create a pod:

kubectl create -f demo-rc.yaml

After successful creation, we can view the pod:

ContainerCreating prompts that it is being created. You can view the creation log at this time:

It can be found that he prompts: redhat-cat.crt does not exist. Let's first check the file through the ll command:

It can be found that the file is a link file, which points to /etc/rhsm/ca/redhat-uep.pem, but this file does not exist. So where did this file come from? The answer is in this path. We need to install the rhsm software. Run the command to install it:

yum install *rhsm* -y

After waiting for a while, the installation is complete.

After the installation is complete, execute the ll command to check whether the file exists:

[root@MiWiFi-R3-srv ~]# ll /etc/rhsm/ca/redhat-uep.pem
ls: cannot access /etc/rhsm/ca/redhat-uep.pem: No such file or directory

We found that there is still no file, but we can create it manually:

touch /etc/rhsm/ca/redhat-uep.pem

After completing the above operations, we first delete rc and then create it:

[root@MiWiFi-R3-srv ~]# kubectl delete rc demo
replicationcontroller "demo" deleted
[root@MiWiFi-R3-srv ~]# kubectl create -f demo-rc.yaml 
replicationcontroller "demo" created

After waiting for a while, we checked po again and found that it had started successfully:

[root@MiWiFi-R3-srv ~]# kubectl get po
NAME READY STATUS RESTARTS AGE
demo-hdmxs 1/1 Running 0 1m

At this point, we cannot access the application through the LAN, and we need to create a Service:

1. Create a service file demo-svc.yaml:

apiVersion: v1
kind: Service
metadata:
 name: demo
spec:
 type: NodePort
 ports:
 - port: 8080
  targetPort: 8080
  # The port that the node exposes to the outside world (must be in the range of 30000-32767)
  nodePort: 30001
 selector:
  app: demo

2. Execute the command:

[root@MiWiFi-R3-srv ~]# kubectl create -f demo-svc.yaml 
service "demo" created

3. We can view the service we just created:

At this point, we can access the application through ip:30001, as shown in the figure:

If you cannot access it, you need to turn off the firewall:

systemctl stop firewalld
iptables -P FORWARD ACCEPT

This is the end of this article about Docker+K8S cluster environment construction and distributed application deployment. For more relevant Docker K8S cluster environment construction content, please search for previous articles on 123WORDPRESS.COM or continue to browse the following related articles. I hope you will support 123WORDPRESS.COM in the future!