Lab Environment
This continues the previous stage of building a high-availability Kubernetes cluster.
Software Spec

| Software | Version | Description |
|---|---|---|
| Ubuntu | 20.04 | Operating System |
| Keepalived | latest | High Availability System |
| HAProxy | latest | High Availability System |
| Kubernetes | latest | Container Orchestration |
| Containerd | latest | Container Runtime Interface |
| Calico | latest | Container Network Interface |
Networking Spec

| Node Name | IP Address | Floating IP | Description |
|---|---|---|---|
| k8s-apiserver | 192.168.0.10 | | Int Load Balance Virtual IP |
| k8s-master01 | 192.168.0.11 | | Int Net |
| k8s-master02 | 192.168.0.12 | | Int Net |
| k8s-master03 | 192.168.0.13 | | Int Net |
| k8s-master01 | 192.168.0.21 | 172.16.0.21 | Int & Ext Net |
| k8s-master02 | 192.168.0.22 | 172.16.0.22 | Int & Ext Net |
| k8s-master03 | 192.168.0.23 | 172.16.0.23 | Int & Ext Net |
Topology Design
![image](/assets/images/k8s_kubernetes_ha.webp)
Initialize the Kubernetes cluster on all nodes
Forward IPv4 and let iptables see bridged traffic
Enable the overlay and br_netfilter modules

```bash
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
```
To load the modules explicitly

```bash
sudo modprobe overlay
sudo modprobe br_netfilter
```
Add the sysctl parameters that let iptables see bridged traffic

```bash
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
```
Apply the sysctl parameters without a reboot
Add the Docker repository

```bash
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list
```
Add the Kubernetes repository

```bash
# Note: apt.kubernetes.io is the legacy repository, frozen since September 2023; newer releases are published on pkgs.k8s.io
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
```
Install the required packages and prevent automatic upgrades

```bash
sudo apt update && sudo apt install -y kubelet kubeadm kubectl containerd.io
sudo apt-mark hold kubelet kubeadm kubectl containerd.io
```
Containerd Configuration

```bash
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
sudo systemctl restart containerd
```
Deploy the Kubernetes cluster
Initialize the control plane node (master node)
Run on node k8s-master01

```bash
sudo kubeadm config images pull
sudo kubeadm init --control-plane-endpoint k8s-apiserver:8443 --upload-certs
```
You will get output like the following:
![image](/assets/images/kubeadmsuccessfull.webp)
Copy the Kubernetes cluster credentials

```bash
mkdir -p "$HOME/.kube"
sudo cp -r /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
# Quoted 'EOF' keeps the lines literal; the file is the user's own, so sudo is not needed
cat <<'EOF' >> ~/.profile
source <(kubeadm completion bash)
source <(kubectl completion bash)
alias k=kubectl
complete -F __start_kubectl k
EOF
source ~/.profile
```
Apply the Calico CNI

```bash
kubectl apply -f https://projectcalico.docs.tigera.io/manifests/calico.yaml
watch kubectl -n kube-system get pod -o wide
```
Join the master nodes to the cluster
Run on node k8s-master02 and node k8s-master03

```bash
# Token, CA cert hash and certificate key are the ones printed by kubeadm init on k8s-master01
sudo kubeadm join k8s-apiserver:8443 --token xbvd7t.s891wt8dk17q8y6f \
--discovery-token-ca-cert-hash sha256:b7a659759eed0776bfb94e9da4ac3369de863aaba2d85e88d22db4ba263cded4 \
--control-plane --certificate-key c978c9f0213f31007a9f5f98050503112b051aa0136a05eb27987719fe748e4a
```
Join the worker nodes to the cluster
Run on the worker nodes

```bash
sudo kubeadm config images pull
# Token and CA cert hash are the ones printed by kubeadm init on k8s-master01
sudo kubeadm join k8s-apiserver:8443 --token xbvd7t.s891wt8dk17q8y6f --discovery-token-ca-cert-hash sha256:b7a659759eed0776bfb94e9da4ac3369de863aaba2d85e88d22db4ba263cded4
```
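Both join commands above authenticate with a bootstrap token and pin the cluster CA through `--discovery-token-ca-cert-hash`. The following is an added example, not part of the original post: a small shell helper that checks the token and pin format and, when given a copy of the CA certificate fetched over a trusted channel, recomputes the pin before the node joins. The function names are hypothetical, and `/etc/kubernetes/pki/ca.crt` on k8s-master01 is assumed as the CA location (kubeadm's default).

```bash
# Added example: pre-join checks for kubeadm join parameters (function names are illustrative).
LC_ALL=C   # keep the a-z / 0-9 ranges in the patterns below ASCII-only

# Bootstrap token: 6-char ID, a dot, 16-char secret, all lowercase alphanumeric.
valid_token() {
  tok_id=${1%%.*}; tok_secret=${1#*.}
  [ "$1" = "$tok_id.$tok_secret" ] && [ "${#tok_id}" -eq 6 ] \
    && [ "${#tok_secret}" -eq 16 ] || return 1
  case "$tok_id$tok_secret" in *[!a-z0-9]*) return 1 ;; esac
}

# CA pin: "sha256:" followed by exactly 64 lowercase hex digits.
valid_ca_hash() {
  pin_hex=${1#sha256:}
  [ "sha256:$pin_hex" = "$1" ] && [ "${#pin_hex}" -eq 64 ] || return 1
  case "$pin_hex" in *[!0-9a-f]*) return 1 ;; esac
}

# Recompute the pin: SHA-256 over the DER-encoded public key of the CA certificate.
ca_cert_hash() {
  [ -r "$1" ] || return 1
  digest=$(openssl x509 -in "$1" -noout -pubkey \
    | openssl pkey -pubin -outform DER \
    | openssl dgst -sha256 -hex) || return 1
  printf 'sha256:%s\n' "${digest##* }"
}

# check_join TOKEN PIN [CA_CERT_FILE]; a non-zero status means "do not join".
check_join() {
  valid_token "$1"   || { echo "malformed bootstrap token" >&2; return 2; }
  valid_ca_hash "$2" || { echo "malformed CA cert hash" >&2; return 3; }
  [ -n "${3:-}" ] || return 0   # no CA file given: format checks only
  actual=$(ca_cert_hash "$3") || { echo "cannot hash $3" >&2; return 4; }
  [ "$actual" = "$2" ] || { echo "CA pin mismatch, got $actual" >&2; return 5; }
}

# Usage: sh check-join.sh TOKEN PIN [CA_CERT_FILE]
if [ "$#" -ge 2 ]; then check_join "$@"; fi
```

A mismatch (status 5) means the certificate on hand is not the CA the pin was generated from, so the join should not proceed until the values are re-read from the first master.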
Access Kubernetes resources
Run on a master node

```bash
# List the nodes
kubectl get node -o wide
# List the kube-system pods
kubectl -n kube-system get pod
# List all Kubernetes services
kubectl get svc -A -o wide
```
![image](/assets/images/k8s_resources.webp)