Decomposition of Kubernetes principles
2022-07-24 11:02:00 【Scattered_ step】
Master node (master):

Quick introduction:
- The master also has kubelet and kube-proxy installed
- Front-end access (UI/CLI):
- kube-apiserver:
- scheduler:
- controller manager:
- etcd
- kubelet + kube-proxy are required on every node, plus docker (the container runtime environment)
Worker node (node):

Quick introduction:
- Pod:
  - docker run starts a container; the container is Docker's basic unit, and one application is one container
  - An application launched by kubelet is called a Pod; the Pod is the basic unit of k8s.
  - A Pod is a re-encapsulation of the container
  - atguigu (never changes) == slf4j == log4j (class)
  - application == Pod == docker container
  - A single container often does not represent a basic application. A blog, for example, is only complete with php + mysql together
  - One Pod can contain more than one container; one Pod represents one basic application.
  - iPod (watch movies, listen to music, play games) [a basic product, atomic];
  - Pod (music container, movie container) [a basic product, atomic]
- Kubelet: the overseer. It is responsible for interacting with the master's api-server and for starting and stopping applications on the current machine; on each machine it is the master's little assistant. Kubelet is what does the real work on every machine
- Kube-proxy:
- other:
How the components interact:

Suppose you want k8s to deploy a tomcat:
0. From power-on, the kubelet on every node and the scheduler and controller-manager on the master node keep watching the master's api-server for event changes (for ::)
1. The programmer uses the command-line tool kubectl: kubectl create deploy tomcat --image=tomcat8 (tells the master to have the cluster deploy a tomcat application from the tomcat8 image)
2. kubectl sends the command-line content to the api-server, and the api-server saves the creation information to etcd
3. etcd reports the event to the api-server, saying that someone has just saved a piece of information (deploy Tomcat [deploy])
4. controller-manager picks up the api-server event (deploy Tomcat [deploy])
5. controller-manager handles the (deploy Tomcat [deploy]) event and generates the deployment information for the Pod [pod information]
6. controller-manager hands the [pod information] to the api-server, which saves it to etcd
7. etcd reports the [pod information] event to the api-server.
8. The scheduler watches specifically for [pod information]; it takes the content, calculates which node is suitable for deploying this Pod, and produces [pod information after scheduling (node: node-02)]
9. The scheduler hands [pod information after scheduling (node: node-02)] to the api-server, which saves it to etcd
10. etcd reports the [pod information after scheduling (node: node-02)] event to the api-server
11. The kubelets on the other nodes watch specifically for the [pod information after scheduling (node: node-02)] event; the kubelet on every node in the cluster receives it from the api-server
12. The kubelet on each node decides whether the event belongs to it; the kubelet on node-02 finds that it is its job
13. The kubelet on node-02 starts the pod and reports all the currently started information to the master
Installation:
Installation modes
- Binary mode (recommended for production environments)
- MiniKube…
- kubeadm bootstrap (officially recommended)
- GA
Approximate process:
- GA
- Prepare N servers that can reach each other over the internal network
- Install the Docker container environment [k8s is dropping dockershim]
- Install Kubernetes
- Install the core components on all three machines: kubeadm (the bootstrap tool for creating clusters), kubelet, kubectl (the programmer's command line)
- kubelet can then create the core components described earlier (such as api-server) directly as containers [official images of the core components are published]
- kubeadm bootstraps the creation of the cluster
1. Set a hostname of its own on each of the three machines (it must not be localhost). Pay particular attention to this on machines from cloud providers.
Run this on each of the three machines in turn, using k8s-01, k8s-02 and k8s-03
# Change the hostname; k8s-01 becomes this machine's hostname
hostnamectl set-hostname k8s-01
# Set up hostname resolution
echo "127.0.0.1 $(hostname)" >> /etc/hosts
2. Run the following script on all machines
# On every machine, first run: vi k8s.sh
# Enter edit mode (press i) and paste the script below
# On every machine, make the script executable: chmod +x k8s.sh
# Run the script: ./k8s.sh
#!/bin/sh
####################### Start setting up the environment #####################################
printf "################## Configuring all basic environment information ################## \n"
printf "################## Disable selinux ################## \n"
# Note: this turns SELinux enforcement off on the node, now and after reboot
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0
printf "################## Disable swap ################## \n"
swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab
printf "################## Configure route forwarding ################## \n"
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.d/k8s.conf
## Required: pass bridged IPv6 traffic to ip6tables
echo 'net.bridge.bridge-nf-call-ip6tables = 1' >> /etc/sysctl.d/k8s.conf
## Required: pass bridged IPv4 traffic to iptables
echo 'net.bridge.bridge-nf-call-iptables = 1' >> /etc/sysctl.d/k8s.conf
echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.d/k8s.conf
echo "net.ipv6.conf.default.disable_ipv6 = 1" >> /etc/sysctl.d/k8s.conf
echo "net.ipv6.conf.lo.disable_ipv6 = 1" >> /etc/sysctl.d/k8s.conf
echo "net.ipv6.conf.all.forwarding = 1" >> /etc/sysctl.d/k8s.conf
modprobe br_netfilter
sudo sysctl --system
printf "################## Configure ipvs ################## \n"
cat <<EOF | sudo tee /etc/sysconfig/modules/ipvs.modules
#!/bin/bash
modprobe -- ip_vs
modprobe -- ip_vs_rr
modprobe -- ip_vs_wrr
modprobe -- ip_vs_sh
modprobe -- nf_conntrack_ipv4
EOF
chmod 755 /etc/sysconfig/modules/ipvs.modules
sh /etc/sysconfig/modules/ipvs.modules
printf "################## Install ipvsadm and related software ################## \n"
yum install -y ipset ipvsadm
printf "################## Install the docker container environment ################## \n"
# -y so the batch script does not stop at a prompt; the pattern is quoted so the shell does not expand it
sudo yum remove -y 'docker*'
sudo yum -y install gcc
sudo yum -y install gcc-c++
sudo yum install -y yum-utils
sudo yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo
yum makecache fast
yum install -y docker-ce-19.03.9 docker-ce-cli-19.03.9 containerd.io
systemctl enable docker
systemctl start docker
sudo mkdir -p /etc/docker
# "sudo cd" does not work (cd is a shell builtin), so remove the file by its full path
sudo rm -f /etc/docker/daemon.json
# Configure a registry mirror (acceleration); JSON has no comment syntax, so this note stays outside the file
sudo tee /etc/docker/daemon.json <<-'EOF'
{
  "registry-mirrors": ["https://v47ixed4.mirror.aliyuncs.com"]
}
EOF
sudo systemctl daemon-reload
sudo systemctl restart docker
printf "################## Install the k8s core packages kubeadm kubelet kubectl ################## \n"
# Note: the repo is fetched over plain http and gpgcheck=0 / repo_gpgcheck=0 turn off
# package and metadata signature verification, so the packages are installed unverified
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=http://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg
   http://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
### Pin the k8s version to install
yum install -y kubelet-1.21.0 kubeadm-1.21.0 kubectl-1.21.0
### Enable kubelet and start it now.
systemctl enable kubelet
systemctl start kubelet
printf "################## Download the api-server and other core images ################## \n"
sudo tee ./images.sh <<-'EOF'
#!/bin/bash
images=(
kube-apiserver:v1.21.0
kube-proxy:v1.21.0
kube-controller-manager:v1.21.0
kube-scheduler:v1.21.0
coredns:v1.8.0
etcd:3.4.13-0
pause:3.4.1
)
for imageName in "${images[@]}" ; do
    docker pull registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/$imageName
done
## After all images are pulled, re-tag the coredns image. Note: for k8s 1.21.0 the coredns image is a special case; on Alibaba Cloud it needs special handling (re-tagging)
docker tag registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/coredns:v1.8.0 registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images/coredns/coredns:v1.8.0
EOF
chmod +x ./images.sh && ./images.sh
### The k8s base environment is now complete on all machines
3. Use kubeadm to bootstrap the cluster (initialize the master as shown, then continue)
#### --apiserver-advertise-address must be the IP address of your own master machine (its private address)
#### Check the IP of the virtual machine or cloud-provider machine you were given (e.g. 10.96, 192.168)
#### The following is executed only on the master node
## Note: pod-cidr and service-cidr
# CIDR: Classless Inter-Domain Routing
# Each specifies a reachable network range. The pod subnet range, the service (load-balancing network) subnet range and the subnet range of the machines' own IPs must not overlap
kubeadm init \
--apiserver-advertise-address=172.31.9.67 \
--image-repository registry.cn-hangzhou.aliyuncs.com/lfy_k8s_images \
--kubernetes-version v1.21.0 \
--service-cidr=10.96.0.0/16 \
--pod-network-cidr=192.168.0.0/16
4. After the master is initialized, continue by following the instructions printed on the console
## Step 1
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
## Step 2
export KUBECONFIG=/etc/kubernetes/admin.conf
## Step 3: deploy the network plug-in
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
## Step 4: run the kubeadm join command printed on the console on the other (worker) nodes. Use the command generated by your own cluster
kubeadm join 10.170.11.8:6443 --token cnb7x2.lzgz7mfzcjutn0nk \
--discovery-token-ca-cert-hash sha256:00c9e977ee52632098aadb515c90076603daee94a167728110ef8086d0d5b37d
kubeadm join 172.31.9.67:6443 --token jvit9r.7a122lkmm7yks0yb \
--discovery-token-ca-cert-hash sha256:86bf986f174cb284850ea99422162ac9d556729cbcb59759110cb4c5533ebd28
## What to do if the token has expired
kubeadm token create --print-join-command
# --ttl 0 creates a token that never expires
kubeadm token create --ttl 0 --print-join-command
kubeadm join --token y1eyw5.ylg568kvohfdsfco --discovery-token-ca-cert-hash sha256:6c35e4f73f72afd89bf1c8c303ee55677d2cdb1342d67bb23c852aba2efc7c73
5. Verify the cluster
# Wait a moment, then run on the master node
kubectl get nodes
# Label the nodes
## In k8s everything is an object. node: a machine; Pod: an application container
### Add a label
kubectl label node k8s-02 node-role.kubernetes.io/worker=''
### Remove the label
kubectl label node k8s-02 node-role.kubernetes.io/worker-
## In a k8s cluster, a machine automatically rejoins the cluster after it restarts; the master automatically rejoins as the cluster control center after it restarts

6. Set kube-proxy to ipvs mode
## Modify the default kube-proxy configuration (on the master)
kubectl edit cm kube-proxy -n kube-system
## Change it to mode: "ipvs"
## After the change, restart kube-proxy
### Find all the kube-proxy pods
kubectl get pod -n kube-system |grep kube-proxy
### Delete the old ones (use the pod names you found in your own cluster)
kubectl delete pod kube-proxy-dw5sf kube-proxy-hsrwp kube-proxy-vqv7n -n kube-system
### View the recreated pods
kubectl get pod -n kube-system |grep kube-proxy

Check the startup log output:
kubectl logs kube-proxy-4hj9s -n kube-system
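
Step 3 requires that the pod subnet, the service subnet and the machines' own subnet do not overlap, and this can be checked before kubeadm init is run. The script below is an added example, not part of the original post: the function names are hypothetical, and 172.31.0.0/20 is an assumed subnet for the network that contains the master address 172.31.9.67.

```shell
#!/bin/sh
# Added example: check that pod, service and node CIDRs are disjoint
# before running kubeadm init. Function names are hypothetical.

# Convert a dotted-quad IPv4 address (no leading zeros) to a 32-bit integer.
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Print "first last" address of a CIDR block as integers.
cidr_range() (
    bits=${1#*/}
    mask=$(( (4294967295 << (32 - $bits)) & 4294967295 ))
    first=$(( $(ip_to_int "${1%/*}") & $mask ))
    echo "$first $(( $first | (~$mask & 4294967295) ))"
)

# Succeed (exit status 0) when the two CIDR blocks share any address.
cidrs_overlap() (
    set -- $(cidr_range "$1") $(cidr_range "$2")
    [ "$1" -le "$4" ] && [ "$3" -le "$2" ]
)

# Usage: check_kubeadm_cidrs POD_CIDR SERVICE_CIDR NODE_CIDR
# Reports every overlapping pair on stderr; succeeds only if none overlap.
check_kubeadm_cidrs() (
    rc=0
    for pair in "$1 $2" "$1 $3" "$2 $3"; do
        set -- $pair
        if cidrs_overlap "$1" "$2"; then
            echo "CONFLICT: $1 overlaps $2" >&2
            rc=1
        fi
    done
    [ "$rc" -eq 0 ]
)

# CIDRs from the kubeadm init command in step 3; the node subnet is assumed.
check_kubeadm_cidrs 192.168.0.0/16 10.96.0.0/16 172.31.0.0/20 \
    && echo "OK: ranges are disjoint"
# Constructed failing case: nodes addressed inside the pod range.
check_kubeadm_cidrs 192.168.0.0/16 10.96.0.0/16 192.168.1.0/24 \
    || echo "Choose a different --pod-network-cidr before running kubeadm init"
```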
