Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Building HA Kubernetes Clusters with RKE

Building HA Kubernetes Clusters with RKE

Slide for #RancherMeetup at Osaka,Japan

Kazumichi Yamamoto

April 20, 2018
Tweet

More Decks by Kazumichi Yamamoto

Other Decks in Technology

Transcript

  1. 3BODIFS.FFUVQ04"," !ZBNBNPUP@GFCD #VJMEJOH)",VCFSOFUFT$MVTUFSTXJUI3,&

  2. ,B[VNJDIJ :BNBNPUP !ZBNBNPUP@GFCD 8IP

  3. None
  4. • ,VCFSOFUFT*OTUBMMFS • )JHI"WBJMBCJMJUZ$MVTUFST 8IBUJT

  5. #BDLHSPVOEPG

  6. 

  7. None
  8. None
  9. ˙ #BTFEPO%PDLFS ˙ +BWBBOE(PMBOH ˙ .Z42- ˙ .VMUJ0SDIFTUSBUJPOUPPMT ˙ #BTFEPO,VCFSOFUFT

    ˙ (PMBOH ˙ FUDE ˙ ,VCFSOFUFTPOMZ  
  10. None
  11. )PXUPBEEDMVTUFS

  12. XBZTUPBEEDMVTUFS .BOBHFELT *NQPSUDMVTUFS $SFBUFDMVTUFS

  13. .BOBHFE,VCFSOFUFT 6TFlLPOUBJOFSFOHJOFz UPQSPWJTJPOJOH(,&&,4",4 IUUQTHJUIVCDPNSBODIFSLPOUBJOFSFOHJOF

  14. *NQPSUFYJTUJOHLTDMVTUFS LVCFDUM EFQMPZTlDBUUMFOPEFBHFOUzBOElDBUUMFDMVTUFSBHFOUz

  15. $SFBUFLTDMVTUFS XJUIEPDLFSNBDIJOF %PDLFS.BDIJOF 3,& LPOUBJOFSFOHJOF $SFBUFEPDLFSOPEF 1SPWJTJPOJOHLTDMVTUFS

  16. `$SFBUFLTDMVTUFS XJUIFYJTUJOHEPDLFS &YJTUJOHEPDLFS 3,& LPOUBJOFSFOHJOF 1SPWJTJPOJOHLTDMVTUFS

  17. )PXUPXPSL

  18. 0WFSWJFX 44) 1SPWJTJPOJOH

  19. n %PDLFS n 0QFO44) n .FNCFSPGlEPDLFSzHSPVQ n 0QFO1PSUT CFUXFFOOPEFT n

    %JTBCMF4XBQ XPSLFSOPEFT 1SFSFRVJTJUFTGPSOPEFT
  20. )PXUPXPSL FUDE LVCFBQJTFSWFS LVCFDPOUSPMMFS TDIFEVMFS LVCFMFU DOJ &UD (FOFSBUFLFZQBJSBOEDFSU GPSYBVUI

    1SPWJTJPOJOHLTDPNQPOFOUT DMVTUFSZNM 44)
  21. )PXUPVTF

  22.  *OTUBMM3,&  $SFBUFDMVTUFSZNM  3VOlSLF VQz )PXUPVTF

  23. n %PXOMPBE3,&CJOBSZ *OTUBMM3,& $ curl -L -o rke $RKE_URL n

    3VODINPE $ chmod +x rke 3,&@63-IUUQTHJUIVCDPNSBODIFSSLFSFMFBTFTEPXOMPBEWSLF@EBSXJOBNE
  24. n .JOJNBMDMVTUFSZNM $SFBUFDMVTUFSZNM node: - address: 1.2.3.4 user: ubuntu role:

    [etcd, controlplane, worker]
  25. 3VOlSLF VQz $ ./rke up --config cluster.yml

  26. n DMVTUFSZNM /PEFSPMFT node: - address: 1.2.3.4 user: ubuntu role:

    [etcd, controlplane, worker]
  27. /PEFSPMFT DMVTUFSZNM 3BODIFS8FC6*

  28. 3VOOJOHDPOUBJOFSTQFSSPMF SPMFFUDE FUDE LVCFQSPYZ DOJ LVCFMFU SLFOHJOYQSPYZ SPMF DPOUSPMQMBOF DOJ

    LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ BQJTFSWFS DPOUSPMMFSNBOBHFS TDIFEVMFS SPMFXPSLFS DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ
  29. )"$MVTUFSXJUI

  30.  3FEVOEBOUXPSLFST  FUDE $MVTUFSJOH  3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST 

    TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO 3FRVJSFEGPS)"DMVTUFS #VJMEJOH)JHI"WBJMBCJMJUZ$MVTUFST IUUQTLVCFSOFUFTJPEPDTBENJOIJHIBWBJMBCJMJUZCVJMEJOH
  31.  3FEVOEBOUXPSLFST  FUDE $MVTUFSJOH  3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST 

    TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO 3FRVJSFEGPS)"DMVTUFS #VJMEJOH)JHI"WBJMBCJMJUZ$MVTUFST IUUQTLVCFSOFUFTJPEPDTBENJOIJHIBWBJMBCJMJUZCVJMEJOH
  32. 3FEVOEBOUXPSLFST n .VMUJQMFXPSLFSQSPWJTJPOJOH node: - address: 192.2.0.1 role: [controlplane, etcd]

    - address: 192.2.0.2 role: [worker] - address: 192.2.0.3 role: [worker] - address: 192.2.0.4 role: [worker]
  33. FUDE SPMFDPOUSPMQMBOF FUDE DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ BQJTFSWFS DPOUSPMMFSNBOBHFS TDIFEVMFS

    SPMFXPSLFS DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ 3FEVOEBOUXPSLFST SPMFXPSLFS DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ SPMFXPSLFS DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ
  34.  3FEVOEBOUXPSLFST  FUDE $MVTUFSJOH  3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST 

    TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO 3FRVJSFEGPS)"DMVTUFS #VJMEJOH)JHI"WBJMBCJMJUZ$MVTUFST IUUQTLVCFSOFUFTJPEPDTBENJOIJHIBWBJMBCJMJUZCVJMEJOH
  35.  3FEVOEBOUXPSLFST  FUDE $MVTUFSJOH  3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST 

    TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO 3FRVJSFEGPS)"DMVTUFS #VJMEJOH)JHI"WBJMBCJMJUZ$MVTUFST IUUQTLVCFSOFUFTJPEPDTBENJOIJHIBWBJMBCJMJUZCVJMEJOH
  36. n .VMUJQMFFUDE QSPWJTJPOJOH node: - address: 192.2.0.1 role: [etcd, controlplane,

    workers] - address: 192.2.0.2 role: [etcd, controlplane, workers] - address: 192.2.0.3 role: [etcd, controlplane, workers] FUDE $MVTUFSJOH
  37. FUDE $MVTUFSJOH n FUDE CPPUTUSBQDPOGJHVSBUJPO $ docker inspect etcd ...

    --initial-cluster= etcd-node1=https://192.2.0.1:2380, etcd-node2=https://192.2.0.2:2380, etcd-node3=https://192.2.0.3:2380
  38. FUDE $MVTUFSJOH n "1*4FSWFSTCPPUTUSBQDPOGJHVSBUJPO $ docker inspect kube-apiserver ... --etcd-servers=

    https://192.2.0.1:2379, https://192.2.0.2:2379, https://192.2.0.3:2379
  39.  3FEVOEBOUXPSLFST  FUDE $MVTUFSJOH  3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST 

    TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO 3FRVJSFEGPS)"DMVTUFS #VJMEJOH)JHI"WBJMBCJMJUZ$MVTUFST IUUQTLVCFSOFUFTJPEPDTBENJOIJHIBWBJMBCJMJUZCVJMEJOH
  40.  3FEVOEBOUXPSLFST  FUDE $MVTUFSJOH  3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST 

    TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO 3FRVJSFEGPS)"DMVTUFS #VJMEJOH)JHI"WBJMBCJMJUZ$MVTUFST IUUQTLVCFSOFUFTJPEPDTBENJOIJHIBWBJMBCJMJUZCVJMEJOH
  41. n .VMUJQMFDPOUSPMQMBOF QSPWJTJPOJOH node: - address: 192.2.0.1 role: [etcd, controlplane,

    workers] - address: 192.2.0.2 role: [etcd, controlplane, workers] - address: 192.2.0.3 role: [etcd, workers] 3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST
  42. FUDE LVCFQSPYZ DOJ LVCFMFU SLFOHJOYQSPYZ DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ BQJTFSWFS

    DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ FUDE BQJTFSWFS FUDE 3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST
  43. FUDE LVCFQSPYZ DOJ LVCFMFU SLFOHJOYQSPYZ DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ BQJTFSWFS

    DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ FUDE BQJTFSWFS FUDE n 2VFTUJPO8IJDI"1*4FSWFSEPFTLVCFMFU VTF ? ? ? 3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST
  44. FUDE LVCFQSPYZ DOJ LVCFMFU SLFOHJOYQSPYZ DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ BQJTFSWFS

    DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ FUDE BQJTFSWFS FUDE n "OTXFS6TF3,&OHJOYQSPYZ 3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST https://127.0.0.1:6443 https://127.0.0.1:6443
  45. n "OTXFS6TF3,&OHJOYQSPYZ $ cat /etc/kubernetes/ssl/kubecfg-kube-node.yaml apiVersion: v1 kind: Config clusters:

    - cluster: api-version: v1 server: "https://127.0.0.1:6443" name: "local" 3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST
  46.  3FEVOEBOUXPSLFST  FUDE $MVTUFSJOH  3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST 

    TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO 3FRVJSFEGPS)"DMVTUFS #VJMEJOH)JHI"WBJMBCJMJUZ$MVTUFST IUUQTLVCFSOFUFTJPEPDTBENJOIJHIBWBJMBCJMJUZCVJMEJOH
  47.  3FEVOEBOUXPSLFST  FUDE $MVTUFSJOH  3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST 

    TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO 3FRVJSFEGPS)"DMVTUFS #VJMEJOH)JHI"WBJMBCJMJUZ$MVTUFST IUUQTLVCFSOFUFTJPEPDTBENJOIJHIBWBJMBCJMJUZCVJMEJOH
  48. n .VMUJQMFDPOUSPMQMBOF QSPWJTJPOJOH node: - address: 192.2.0.1 role: [etcd, controlplane,

    workers] - address: 192.2.0.2 role: [etcd, controlplane, workers] - address: 192.2.0.3 role: [etcd, controlplane, workers] TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO
  49. FUDE LVCFQSPYZ DOJ LVCFMFU SLFOHJOYQSPYZ DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ BQJTFSWFS

    DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ FUDE BQJTFSWFS FUDE TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO BQJTFSWFS DPOUSPMMFSNBOBHFS TDIFEVMFS DPOUSPMMFSNBOBHFS TDIFEVMFS DPOUSPMMFSNBOBHFS TDIFEVMFS
  50. TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO

  51. n MFBEFSFMFDUGMBH TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO $ docker inspect kube-scheduler ... --leader-elect=true $

    docker inspect kube-controller-manager ... --leader-elect=true
  52. FUDE LVCFQSPYZ DOJ LVCFMFU SLFOHJOYQSPYZ DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ BQJTFSWFS

    DOJ LVCFQSPYZ LVCFMFU SLFOHJOYQSPYZ FUDE BQJTFSWFS FUDE TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO BQJTFSWFS DPOUSPMMFSNBOBHFS TDIFEVMFS
  53.  3FEVOEBOUXPSLFST  FUDE $MVTUFSJOH  3FQMJDBUFE -PBE#BMBODFE "1*4FSWFST 

    TDIFEVMFSDUSMNBOBHFS-FBEFS&MFDUJPO 3FRVJSFEGPS)"DMVTUFS #VJMEJOH)JHI"WBJMBCJMJUZ$MVTUFST IUUQTLVCFSOFUFTJPEPDTBENJOIJHIBWBJMBCJMJUZCVJMEJOH
  54. JT)"3FBEZ

  55. 3FNBJOJOH*TTVFT

  56. 1SFSFRVJTJUFTGPSOPEFT n %PDLFS n 0QFO44) n .FNCFSPGlEPDLFSzHSPVQ n 0QFO1PSUT CFUXFFOOPEFT

    n %JTBCMF4XBQ XPSLFSOPEFT *TUIFSFBNPSFCFUUFSXBZ
  57. 3,&XJUI5FSSBGPSN 5FSSBGPSNQSPWJEFSQMVHJOGPS3,& IUUQTHJUIVCDPNZBNBNPUPGFCDUFSSBGPSNQSPWJEFSSLF

  58. $IFDLJUPVU IUUQTSBODIFSKQDPOOQBTTDPNFWFOU

  59. &OKPZ