Running Kubernetes
The process for bringing up Kubernetes on a fabric-attached memory cluster is very similar to the one for using kubeadm to create a Kubernetes cluster at https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/. In this particular process we configure the flannel networking plugin to enable flexible networking between pods and for external access to services.
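With Docker 1.13 and above, containers can no longer forward packets outside the host machine. To re-enable forwarding, which is required for multi-node communication in Kubernetes, apply the following workaround, which sets the default policy of the host's iptables FORWARD chain to ACCEPT for all forwarded traffic, not only container traffic:
$ sudo mkdir -p /etc/systemd/system/docker.service.d
$ cat > /tmp/enable-ip-forwarding.conf << EOF
# Docker 1.13+ sets the FORWARD policy to DROP; reset it after the daemon starts
[Service]
ExecStartPost=/sbin/iptables -P FORWARD ACCEPT
EOF
$ sudo mv /tmp/enable-ip-forwarding.conf /etc/systemd/system/docker.service.d
$ sudo chown root:root /etc/systemd/system/docker.service.d/enable-ip-forwarding.conf
$ sudo systemctl daemon-reload
$ sudo systemctl restart docker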
This problem is documented at https://github.com/kubernetes/kubernetes/issues/40182 but there is no official fix or recommended workaround.
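An added example, not part of the original page or of the Kubernetes or Docker projects: a shell check that classifies `iptables -S FORWARD` output, so you can confirm what the workaround changed on a node. The function names, the sample rule listings and the narrower per-CIDR rules it recognises are assumptions made for illustration; 10.244.0.0/16 is the pod network this page passes to kubeadm init.

```shell
#!/bin/sh
# Added example: classify the host FORWARD chain from `iptables -S FORWARD` output.
POD_CIDR="10.244.0.0/16"   # value passed to --pod-network-cidr on this page

# Print the chain's default policy (ACCEPT or DROP) from rules on stdin.
forward_policy() {
    awk '$1 == "-P" && $2 == "FORWARD" { print $3; exit }'
}

# Succeed only if explicit ACCEPT rules cover traffic both from and to CIDR $1.
pod_cidr_allowed() {
    awk -v cidr="$1" '
        $1 == "-A" && $2 == "FORWARD" && $(NF-1) == "-j" && $NF == "ACCEPT" {
            for (i = 3; i < NF - 1; i++) {
                if ($i == "-s" && $(i+1) == cidr) src = 1
                if ($i == "-d" && $(i+1) == cidr) dst = 1
            }
        }
        END { exit !(src && dst) }'
}

# Verdict: open (forwards everything), scoped (pod CIDR only), blocked, unknown.
classify() {
    rules=$(cat)
    policy=$(printf '%s\n' "$rules" | forward_policy)
    if printf '%s\n' "$rules" | pod_cidr_allowed "$POD_CIDR"; then
        scoped=yes
    else
        scoped=no
    fi
    case "$policy/$scoped" in
        ACCEPT/*) echo open ;;     # what the workaround above produces
        DROP/yes) echo scoped ;;   # hypothetical narrower alternative
        DROP/no)  echo blocked ;;  # policy DROP and no pod CIDR rule found
        *)        echo unknown ;;
    esac
}

# Constructed sample listings (not captured from a real node).
SAMPLE_WORKAROUND='-P FORWARD ACCEPT
-A FORWARD -j DOCKER-ISOLATION
-A FORWARD -o docker0 -j DOCKER'
SAMPLE_SCOPED='-P FORWARD DROP
-A FORWARD -s 10.244.0.0/16 -j ACCEPT
-A FORWARD -d 10.244.0.0/16 -j ACCEPT'

printf '%s\n' "$SAMPLE_WORKAROUND" | classify
printf '%s\n' "$SAMPLE_SCOPED" | classify
# On a node: sudo iptables -S FORWARD | classify
```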
Run kubeadm init to initialise the master node. To enable networking with flannel, we use the --pod-network-cidr argument to specify an IPv4 subnet range that will be broken down and handed out to each node in the cluster for use by pods.
$ sudo kubeadm init --pod-network-cidr=10.244.0.0/16
Note that this process may take a while as several Docker images are downloaded for use in running the Kubernetes control plane.
Note also that if an HTTP proxy is required to access the Internet, Docker will need to be configured on each node as detailed in https://github.com/FabricAttachedMemory/Emulation/wiki/Running-Docker.
The output of the kubeadm init command above should include a command line with arguments that are used to join other nodes to the cluster. Use this command to join as many nodes as you like to the master node.
$ ssh <USER>@<NODE>
$ sudo kubeadm join --token <TOKEN> 192.168.42.1:6443 --discovery-token-ca-cert-hash sha256:<CERTHASH>
[...]
Node join complete:
* Certificate signing request sent to master and response received.
* Kubelet informed of new secure connection details.
Run 'kubectl get nodes' on the master to see this machine join.
Download and configure flannel by installing it as a
$ export KUBECONFIG=/etc/kubernetes/admin.conf
$ sudo -E kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.9.0/Documentation/kube-flannel.yml
Again, it may take a few minutes for Docker images to be downloaded. Run kubectl get nodes to display the cluster status. When the status of all nodes is Ready, the cluster has been created and is available for use.
$ sudo -E kubectl get nodes
NAME      STATUS    ROLES     AGE       VERSION
node01    Ready     master    8m        v1.8.2
node02    Ready     <none>    7m        v1.8.2
By default Kubernetes does not allow pods to execute on the master node. For a small demonstration cluster we will disable this security feature.
$ sudo -E kubectl taint nodes --all node-role.kubernetes.io/master-
This command produces a confusing message which looks like an error, but the command actually works.
We are going to deploy a WordPress installation on our cluster using the example
$ sudo -E kubectl create -f https://kubernetes.io/docs/tutorials/stateful-application/mysql-wordpress-persistent-volume/local-volumes.yaml
$ sudo -E kubectl create secret generic mysql-pass --from-literal=password=passw0rd
$ sudo -E kubectl create -f https://kubernetes.io/docs/tutorials/stateful-application/mysql-wordpress-persistent-volume/mysql-deployment.yaml
$ sudo -E kubectl create -f https://kubernetes.io/docs/tutorials/stateful-application/mysql-wordpress-persistent-volume/wordpress-deployment.yaml