forked from k-space/kube
Update README
This commit is contained in:
parent
0a40686c16
commit
3458cbd694
54
README.md
54
README.md
@ -155,7 +155,8 @@ these should be handled by `tls:` section in Ingress.
|
|||||||
|
|
||||||
## Cluster formation
|
## Cluster formation
|
||||||
|
|
||||||
Create Ubuntu 20.04 VM-s on Proxmox with local storage.
|
Created Ubuntu 22.04 VM-s on Proxmox with local storage.
|
||||||
|
Added some ARM64 workers by using Ubuntu 22.04 server on Raspberry Pi.
|
||||||
|
|
||||||
After machines have booted up and you can reach them via SSH:
|
After machines have booted up and you can reach them via SSH:
|
||||||
|
|
||||||
@ -193,14 +194,8 @@ nameserver 8.8.8.8
|
|||||||
EOF
|
EOF
|
||||||
|
|
||||||
# Disable multipathd as Longhorn handles that itself
|
# Disable multipathd as Longhorn handles that itself
|
||||||
systemctl mask multipathd
|
systemctl mask multipathd snapd
|
||||||
systemctl disable multipathd
|
systemctl disable --now multipathd snapd bluetooth ModemManager hciuart wpa_supplicant packagekit
|
||||||
systemctl stop multipathd
|
|
||||||
|
|
||||||
# Disable Snapcraft
|
|
||||||
systemctl mask snapd
|
|
||||||
systemctl disable snapd
|
|
||||||
systemctl stop snapd
|
|
||||||
|
|
||||||
# Permit root login
|
# Permit root login
|
||||||
sed -i -e 's/PermitRootLogin no/PermitRootLogin without-password/' /etc/ssh/sshd_config
|
sed -i -e 's/PermitRootLogin no/PermitRootLogin without-password/' /etc/ssh/sshd_config
|
||||||
@ -209,16 +204,15 @@ cat << EOF > /root/.ssh/authorized_keys
|
|||||||
sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBD4/e9SWYWYoNZMkkF+NirhbmHuUgjoCap42kAq0pLIXFwIqgVTCre03VPoChIwBClc8RspLKqr5W3j0fG8QwnQAAAAEc3NoOg== lauri@lauri-x13
|
sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBD4/e9SWYWYoNZMkkF+NirhbmHuUgjoCap42kAq0pLIXFwIqgVTCre03VPoChIwBClc8RspLKqr5W3j0fG8QwnQAAAAEc3NoOg== lauri@lauri-x13
|
||||||
EOF
|
EOF
|
||||||
userdel -f ubuntu
|
userdel -f ubuntu
|
||||||
apt-get remove -yq cloud-init
|
apt-get install -yqq linux-image-generic
|
||||||
|
apt-get remove -yq cloud-init linux-image-*-kvm
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
||||||
Install packages, for Raspbian set `OS=Debian_11`
|
Install packages:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
OS=xUbuntu_20.04
|
OS=xUbuntu_22.04
|
||||||
VERSION=1.23
|
VERSION=1.24
|
||||||
cat <<EOF | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
|
cat <<EOF | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
|
||||||
deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /
|
deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /
|
||||||
EOF
|
EOF
|
||||||
@ -232,11 +226,10 @@ curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add
|
|||||||
echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list
|
echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list
|
||||||
|
|
||||||
apt-get update
|
apt-get update
|
||||||
apt-get install -yqq apt-transport-https curl cri-o cri-o-runc kubelet=1.23.5-00 kubectl=1.23.5-00 kubeadm=1.23.5-00
|
apt-get install -yqq apt-transport-https curl cri-o cri-o-runc kubelet=1.24.8-00 kubectl=1.24.8-00 kubeadm=1.24.8-00
|
||||||
sudo systemctl daemon-reload
|
sudo systemctl daemon-reload
|
||||||
sudo systemctl enable crio --now
|
sudo systemctl enable crio --now
|
||||||
apt-mark hold kubelet kubeadm kubectl
|
apt-mark hold kubelet kubeadm kubectl
|
||||||
sed -i -e 's/unqualified-search-registries = .*/unqualified-search-registries = ["docker.io"]/' /etc/containers/registries.conf
|
|
||||||
```
|
```
|
||||||
|
|
||||||
On master:
|
On master:
|
||||||
@ -254,7 +247,7 @@ for j in $(seq 1 9); do
|
|||||||
kubectl label nodes worker${j}.kube.k-space.ee node-role.kubernetes.io/worker=''
|
kubectl label nodes worker${j}.kube.k-space.ee node-role.kubernetes.io/worker=''
|
||||||
done
|
done
|
||||||
|
|
||||||
for j in $(seq 1 3); do
|
for j in $(seq 1 4); do
|
||||||
kubectl taint nodes mon${j}.kube.k-space.ee dedicated=monitoring:NoSchedule
|
kubectl taint nodes mon${j}.kube.k-space.ee dedicated=monitoring:NoSchedule
|
||||||
kubectl label nodes mon${j}.kube.k-space.ee dedicated=monitoring
|
kubectl label nodes mon${j}.kube.k-space.ee dedicated=monitoring
|
||||||
done
|
done
|
||||||
@ -265,15 +258,26 @@ for j in $(seq 1 4); do
|
|||||||
done
|
done
|
||||||
```
|
```
|
||||||
|
|
||||||
On Raspberry Pi you need to take additonal steps:
|
|
||||||
|
|
||||||
* Manually enable cgroups by appending
|
|
||||||
`cgroup_memory=1 cgroup_enable=memory` to `/boot/cmdline.txt`,
|
|
||||||
* Disable swap with `swapoff -a; apt-get purge -y dphys-swapfile`
|
|
||||||
* For mounting Longhorn volumes on Rasbian install `open-iscsi`
|
|
||||||
|
|
||||||
For `arm64` nodes add suitable taint to prevent scheduling non-multiarch images on them:
|
For `arm64` nodes add suitable taint to prevent scheduling non-multiarch images on them:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
kubectl taint nodes worker9.kube.k-space.ee arch=arm64:NoSchedule
|
kubectl taint nodes worker9.kube.k-space.ee arch=arm64:NoSchedule
|
||||||
```
|
```
|
||||||
|
|
||||||
|
For door controllers:
|
||||||
|
|
||||||
|
```
|
||||||
|
for j in ground front back; do
|
||||||
|
kubectl taint nodes door-${j}.kube.k-space.ee dedicated=door:NoSchedule
|
||||||
|
kubectl label nodes door-${j}.kube.k-space.ee dedicated=door
|
||||||
|
kubectl taint nodes door-${j}.kube.k-space.ee arch=arm64:NoSchedule
|
||||||
|
done
|
||||||
|
```
|
||||||
|
|
||||||
|
To reduce wear on storage:
|
||||||
|
|
||||||
|
```
|
||||||
|
echo StandardOutput=null >> /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl restart kubelet
|
||||||
|
```
|
||||||
|
Loading…
Reference in New Issue
Block a user