How to Setup up Kubernetes 1.5 with kubeadm on CentOS

New version of Kubernetes is out, so here we are with another Kubernetes article. With Kubernetes 1.5, the kubeadm is still in alpha, and it is not recommended to use it in production as it still does not support load balancer. We are going to install well known online sock shop as a demo, and we will use nodeport to expose the service.

Installing Kubernetes 1.5 on all nodes

Lets add kubernetes repository for CentOS:

cat <<EOF > /etc/yum.repos.d/kubernetes.repo

[kubernetes]

name=Kubernetes baseurl=http://yum.kubernetes.io/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=0 repo_gpgcheck=0 EOF

After adding the repo, we need to turn off SElinux because it does not play very well with kubernetes. To turn off it momentarily, type

setenforce 0

To make it persist after reboot, use nano to edit SElinux config file like this:

nano /etc/selinux/config

and make sure SELINUX line is set to permissive or disabled:

SELINUX=disabled

Save the file and we can continue to installing the required packages.

yum install docker kubelet kubeadm kubectl kubernetes-cni

To enable docker auto start at boot, run this command:

systemctl enable docker

And to start it now, run the following.

systemctl start docker

Next lets do the same for kubelet

systemctl enable kubelet

systemctl start kubelet

Setting up the cluster

First thing we need to do is decide the master of our new cluster. If all nodes are set up like above is shown, next we run our designated master node the following command.

kubeadm init

Note that you can not run this command twice, you will need to tear down the cluster before running it second time. The output will be similar to this:

[root@centos-01 kubernetes]# kubeadm init
[kubeadm] WARNING: kubeadm is in alpha, please do not use it for production clusters.
[preflight] Running pre-flight checks
[preflight] WARNING: firewalld is active, please ensure ports [6443 9898 10250] are open or your cluster may not function correctly
[init] Using Kubernetes version: v1.5.1
[tokens] Generated token: "9a6b48.b4011ffeeb237381"
[certificates] Generated Certificate Authority key and certificate.
[certificates] Generated API Server key and certificate
[certificates] Generated Service Account signing keys
[certificates] Created keys and certificates in "/etc/kubernetes/pki"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/admin.conf"
[apiclient] Created API client, waiting for the control plane to become ready
[apiclient] All control plane components are healthy after 105.821991 seconds
[apiclient] Waiting for at least one node to register and become ready
[apiclient] First node is ready after 4.505809 seconds
[apiclient] Creating a test deployment
[apiclient] Test deployment succeeded
[token-discovery] Created the kube-discovery deployment, waiting for it to become ready
[token-discovery] kube-discovery is ready after 68.003359 seconds
[addons] Created essential addon: kube-proxy
[addons] Created essential addon: kube-dns

Your Kubernetes master has initialized successfully!

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
http://kubernetes.io/docs/admin/addons/

You can now join any number of machines by running the following on each node:

kubeadm join --token=9a6b48.b4011ffeeb237381 45.55.128.42

Installing pod network and adding nodes to a cluster

In the above part, we initialized the cluster master, and we got in the last line command with a token that we will use to add nodes. But before we do that, we need to install pod network.

kubectl apply -f https://git.io/weave-kube

There are lots of ways to have pod network, but above one is maybe the simplest. It uses Container Network Interface or CNI, which is proposed standard for networking containers on Linux.

Next we can add nodes to the cluster with running this command on all the nodes

kubeadm join --token=bb6fc2.be0345f5b02a32a0 45.55.128.42

The token is sanitized, so that you could not add nodes to my cluster. Next lets enable pods to run on master and not only on nodes.

kubectl taint nodes --all dedicated-

After this we can check nodes to see if all are online.

kubectl get nodes

Installing microservices example

There is simple microservices example that we will use to test our cluster. It is online shop for socks.

First we will add namespace sock shop

kubectl create namespace sock-shop

And then we create the service

kubectl apply -n sock-shop -f "https://github.com/microservices-demo/microservices-demo/blob/master/deploy/kubernetes/complete-demo.yaml?raw=true"

After this we need to wait some time for containers to get created and then we can try to visit the new site. In order to visit it, we must know its address. Lets examine the service

kubectl describe svc front-end -n sock-shop

It will give you output similar to this

Name: front-end
Namespace: sock-shop
Labels: name=front-end
Selector: name=front-end
Type: NodePort
IP: 10.104.11.202
Port: <unset> 80/TCP
NodePort: <unset> 31500/TCP
Endpoints: 10.32.0.4:8079
Session Affinity: None
No events.

The bold line is highlighted by me because we need the port number that service is using. We need to combine port number with address of one of our nodes, and we will get to the site.

Conclusion

So we have successfully set Kubernetes 1.5 cluster with kubeadm on CentOS 7. In our case it is three nodes cluster but kubeadm enables you to easily scale the cluster with adding new nodes. Be sure to keep your token private because with a token and public ip, anyone can add nodes to your cluster. With that we end this article, thank you for reading and have a nice day.