Installing Kubernetes on Alibaba Cloud Elastic Compute Service

Baru sadar sekarang ternyata sudah ada 186 artikel/tutorial sejak tahun 2003 yang sudah saya tulis(author) dan publish di internet melalui blog saya di https://henry.gultom.or.id . Saya belajar  di komunitas jadi kita harus giving back ke komunitas kembali dan jangan simpan sendiri ilmunya nanti tidak menjadi berkat.

Era platform open-source masih terus digunakan sampai sekarang dan menjadi sangat populer, sejak 25 August 1991 Linus Benedict Torvalds mempublish Linux kernel pertama kali dan berkembang sampai Linux Distribution pertama di release. Tahun 1993 distribusi Linux Slackware lahir dan diikuti di tahun yang sama Linux Debian.  Oke cukup bicara histori, kita lanjut ke pendatang baru yang lagi sangat tenar sekarang yaitu Kubernetes.

Kubernetes merupakan platform open-source yang digunakan untuk melakukan manajemen workloads aplikasi yang dikontainerisasi, serta menyediakan konfigurasi dan otomatisasi secara deklaratif. Kubernetes berada di dalam ekosistem yang besar dan berkembang cepat. Servicesupport, dan perkakas Kubernetes tersedia secara meluas Kubernetes menyediakan manajemen environment yang berpusat pada kontainer. Kubernetes melakukan orkestrasi terhadap computingnetworking, dan inftrastruktur penyimpanan. Fitur inilah yang kemudian membuat konsep Platform as a Service (PaaS) menjadi lebih sederhana dilengkapi dengan fleksibilitas yang dimiliki oleh Infrastructure as a Service (IaaS).

Mau cepat paham ayo di coba/test/produce/reproduce jangan baca teori saja. Orang kita kadang malas mencoba, tapi maunya banyakin sertifikat saja.

Ujicoba saya kali ini menggunakan :
– Ubuntu 16.04.7 LTS (GNU/Linux 4.4.0-198-generic x86_64)
– Kubernetes dan Docker
– VM CPU and Memory 2Cores 4GiB running di Alibaba Cloud (sorry ini bukan promosi).

Let’s start, logged to VM using ssh :

sh-3.2# ssh root@47.254.16.185
The authenticity of host ‘47.254.16.185 (47.254.16.185)’ can’t be established.
ECDSA key fingerprint is SHA256:RveCyz8yQAJeS4dMElxwK3cWSUnZGdHirKrLmzIMRtc.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added ‘47.254.16.185’ (ECDSA) to the list of known hosts.
root@47.254.16.185’s password:
Welcome to Ubuntu 16.04.7 LTS (GNU/Linux 4.4.0-198-generic x86_64)

* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage

38 packages can be updated.
38 of these updates are security updates.
To see these additional updates run: apt list –upgradable

Welcome to Alibaba Cloud Elastic Compute Service !

Last login: Thu Feb 18 17:01:24 2021
root@iZrj95zw0q0jnwnzbep2nxZ:~#

root@iZrj95zw0q0jnwnzbep2nxZ:~# apt-get update
Hit:1 http://mirrors.cloud.aliyuncs.com/ubuntu xenial InRelease
Hit:2 http://mirrors.cloud.aliyuncs.com/ubuntu xenial-updates InRelease
Hit:3 http://mirrors.cloud.aliyuncs.com/ubuntu xenial-security InRelease
Reading package lists… Done
root@iZrj95zw0q0jnwnzbep2nxZ:~#v

Install Docker :

root@iZrj95zw0q0jnwnzbep2nxZ:~# apt-get install -y docker.io
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following additional packages will be installed:
bridge-utils cgroupfs-mount containerd git git-man liberror-perl pigz runc ubuntu-fan
Suggested packages:
aufs-tools btrfs-tools debootstrap docker-doc rinse zfs-fuse | zfsutils git-daemon-run | git-daemon-sysvinit git-doc git-el git-email git-gui gitk gitweb git-arch git-cvs git-mediawiki git-svn
The following NEW packages will be installed:
bridge-utils cgroupfs-mount containerd docker.io git git-man liberror-perl pigz runc ubuntu-fan
0 upgraded, 10 newly installed, 0 to remove and 33 not upgraded.
Need to get 56.4 MB of archives.
After this operation, 283 MB of additional disk space will be used.
Get:1 http://mirrors.cloud.aliyuncs.com/ubuntu xenial/universe amd64 pigz amd64 2.3.1-2 [61.1 kB]
Get:2 http://mirrors.cloud.aliyuncs.com/ubuntu xenial/main amd64 bridge-utils amd64 1.5-9ubuntu1 [28.6 kB]
Get:3 http://mirrors.cloud.aliyuncs.com/ubuntu xenial/universe amd64 cgroupfs-mount all 1.2 [4970 B]
Get:4 http://mirrors.cloud.aliyuncs.com/ubuntu xenial-updates/universe amd64 runc amd64 1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4 [1890 kB]
Get:5 http://mirrors.cloud.aliyuncs.com/ubuntu xenial-updates/universe amd64 containerd amd64 1.2.6-0ubuntu1~16.04.6 [19.9 MB]
Get:6 http://mirrors.cloud.aliyuncs.com/ubuntu xenial-updates/universe amd64 docker.io amd64 18.09.7-0ubuntu1~16.04.7 [30.5 MB]
Get:7 http://mirrors.cloud.aliyuncs.com/ubuntu xenial/main amd64 liberror-perl all 0.17-1.2 [19.6 kB]
Get:8 http://mirrors.cloud.aliyuncs.com/ubuntu xenial-updates/main amd64 git-man all 1:2.7.4-0ubuntu1.9 [736 kB]
Get:9 http://mirrors.cloud.aliyuncs.com/ubuntu xenial-updates/main amd64 git amd64 1:2.7.4-0ubuntu1.9 [3176 kB]
Get:10 http://mirrors.cloud.aliyuncs.com/ubuntu xenial-updates/main amd64 ubuntu-fan all 0.12.8~16.04.3 [35.1 kB]
Fetched 56.4 MB in 23s (2370 kB/s)
LANGUAGE = (unset),
LC_ALL = (unset),
LC_CTYPE = “UTF-8”,
LC_TERMINAL_VERSION = “3.4.3”,
LC_TERMINAL = “iTerm2”,
LANG = “en_US.UTF-8”
are supported and installed on your system.
perl: warning: Falling back to a fallback locale (“en_US.UTF-8”).
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
Preconfiguring packages …
Selecting previously unselected package pigz.
(Reading database … 213386 files and directories currently installed.)
Preparing to unpack …/pigz_2.3.1-2_amd64.deb …
Unpacking pigz (2.3.1-2) …
Selecting previously unselected package bridge-utils.
Preparing to unpack …/bridge-utils_1.5-9ubuntu1_amd64.deb …
Unpacking bridge-utils (1.5-9ubuntu1) …
Selecting previously unselected package cgroupfs-mount.
Preparing to unpack …/cgroupfs-mount_1.2_all.deb …
Unpacking cgroupfs-mount (1.2) …
Selecting previously unselected package runc.
Preparing to unpack …/runc_1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4_amd64.deb …
Unpacking runc (1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4) …
Selecting previously unselected package containerd.
Preparing to unpack …/containerd_1.2.6-0ubuntu1~16.04.6_amd64.deb …
Unpacking containerd (1.2.6-0ubuntu1~16.04.6) …
Selecting previously unselected package docker.io.
Preparing to unpack …/docker.io_18.09.7-0ubuntu1~16.04.7_amd64.deb …
Unpacking docker.io (18.09.7-0ubuntu1~16.04.7) …
Selecting previously unselected package liberror-perl.
Preparing to unpack …/liberror-perl_0.17-1.2_all.deb …
Unpacking liberror-perl (0.17-1.2) …
Selecting previously unselected package git-man.
Preparing to unpack …/git-man_1%3a2.7.4-0ubuntu1.9_all.deb …
Unpacking git-man (1:2.7.4-0ubuntu1.9) …
Selecting previously unselected package git.
Preparing to unpack …/git_1%3a2.7.4-0ubuntu1.9_amd64.deb …
Unpacking git (1:2.7.4-0ubuntu1.9) …
Selecting previously unselected package ubuntu-fan.
Preparing to unpack …/ubuntu-fan_0.12.8~16.04.3_all.deb …
Unpacking ubuntu-fan (0.12.8~16.04.3) …
Processing triggers for man-db (2.7.5-1) …
Processing triggers for ureadahead (0.100.0-19.1) …
Processing triggers for systemd (229-4ubuntu21.29) …
Setting up pigz (2.3.1-2) …
Setting up bridge-utils (1.5-9ubuntu1) …
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
Setting up cgroupfs-mount (1.2) …
Setting up runc (1.0.0~rc7+git20190403.029124da-0ubuntu1~16.04.4) …
Setting up containerd (1.2.6-0ubuntu1~16.04.6) …
Setting up docker.io (18.09.7-0ubuntu1~16.04.7) …
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
Adding group `docker’ (GID 133) …
Done.
Setting up liberror-perl (0.17-1.2) …
Setting up git-man (1:2.7.4-0ubuntu1.9) …
Setting up git (1:2.7.4-0ubuntu1.9) …
Setting up ubuntu-fan (0.12.8~16.04.3) …
Processing triggers for ureadahead (0.100.0-19.1) …
Processing triggers for systemd (229-4ubuntu21.29) …
root@iZrj95zw0q0jnwnzbep2nxZ:~#

Selanjutnya menginstall tool Kubectl,kubeadm and kubelet : Kubectl adalah alat yang berinteraksi dengan cluster, Kubeadm adalah perintah untuk bootstrap dan Kubelet adalah komponen penting yang berjalan di setiap mesin cluster dan bertanggung jawab untuk menjalankan pod dan container.

root@iZrj95zw0q0jnwnzbep2nxZ:~# apt-get install -y apt-transport-https
Reading package lists… Done
Building dependency tree
Reading state information… Done
apt-transport-https is already the newest version (1.2.32ubuntu0.2).
0 upgraded, 0 newly installed, 0 to remove and 33 not upgraded.
root@iZrj95zw0q0jnwnzbep2nxZ:~#

root@iZrj95zw0q0jnwnzbep2nxZ:~# curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add –
OK
root@iZrj95zw0q0jnwnzbep2nxZ:~#

root@iZrj95zw0q0jnwnzbep2nxZ:~# cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
> deb http://apt.kubernetes.io/ kubernetes-xenial main
> EOF
root@iZrj95zw0q0jnwnzbep2nxZ:~#

root@iZrj95zw0q0jnwnzbep2nxZ:~# apt-get update
Hit:1 http://mirrors.cloud.aliyuncs.com/ubuntu xenial InRelease
Get:2 https://packages.cloud.google.com/apt kubernetes-xenial InRelease [9383 B]
Hit:3 http://mirrors.cloud.aliyuncs.com/ubuntu xenial-updates InRelease
Get:4 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 Packages [44.8 kB]
Hit:5 http://mirrors.cloud.aliyuncs.com/ubuntu xenial-security InRelease
Fetched 54.2 kB in 1s (40.1 kB/s)
Reading package lists… Done
root@iZrj95zw0q0jnwnzbep2nxZ:~#

root@iZrj95zw0q0jnwnzbep2nxZ:~# apt-get install -y kubelet kubeadm kubectl
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following additional packages will be installed:
conntrack cri-tools ebtables kubernetes-cni socat
The following NEW packages will be installed:
conntrack cri-tools ebtables kubeadm kubectl kubelet kubernetes-cni socat
0 upgraded, 8 newly installed, 0 to remove and 33 not upgraded.
Need to get 68.7 MB of archives.
After this operation, 293 MB of additional disk space will be used.
Get:1 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 cri-tools amd64 1.13.0-01 [8775 kB]
Get:6 http://mirrors.cloud.aliyuncs.com/ubuntu xenial/main amd64 conntrack amd64 1:1.4.3-3 [27.3 kB]
Get:2 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 kubernetes-cni amd64 0.8.7-00 [25.0 MB]
Get:7 http://mirrors.cloud.aliyuncs.com/ubuntu xenial-updates/main amd64 ebtables amd64 2.0.10.4-3.4ubuntu2.16.04.2 [79.9 kB]
Get:8 http://mirrors.cloud.aliyuncs.com/ubuntu xenial/universe amd64 socat amd64 1.7.3.1-1 [321 kB]
Get:3 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 kubelet amd64 1.20.4-00 [18.9 MB]
Get:4 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 kubectl amd64 1.20.4-00 [7944 kB]
Get:5 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 kubeadm amd64 1.20.4-00 [7710 kB]
Fetched 68.7 MB in 5s (13.6 MB/s)
LANGUAGE = (unset),
LC_ALL = (unset),
LC_CTYPE = “UTF-8”,
LC_TERMINAL_VERSION = “3.4.3”,
LC_TERMINAL = “iTerm2”,
LANG = “en_US.UTF-8”
are supported and installed on your system.
perl: warning: Falling back to a fallback locale (“en_US.UTF-8”).
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
Selecting previously unselected package conntrack.
(Reading database … 214513 files and directories currently installed.)
Preparing to unpack …/conntrack_1%3a1.4.3-3_amd64.deb …
Unpacking conntrack (1:1.4.3-3) …
Selecting previously unselected package cri-tools.
Preparing to unpack …/cri-tools_1.13.0-01_amd64.deb …
Unpacking cri-tools (1.13.0-01) …
Selecting previously unselected package ebtables.
Preparing to unpack …/ebtables_2.0.10.4-3.4ubuntu2.16.04.2_amd64.deb …
Unpacking ebtables (2.0.10.4-3.4ubuntu2.16.04.2) …
Selecting previously unselected package kubernetes-cni.
Preparing to unpack …/kubernetes-cni_0.8.7-00_amd64.deb …
Unpacking kubernetes-cni (0.8.7-00) …
Selecting previously unselected package socat.
Preparing to unpack …/socat_1.7.3.1-1_amd64.deb …
Unpacking socat (1.7.3.1-1) …
Selecting previously unselected package kubelet.
Preparing to unpack …/kubelet_1.20.4-00_amd64.deb …
Unpacking kubelet (1.20.4-00) …
Selecting previously unselected package kubectl.
Preparing to unpack …/kubectl_1.20.4-00_amd64.deb …
Unpacking kubectl (1.20.4-00) …
Selecting previously unselected package kubeadm.
Preparing to unpack …/kubeadm_1.20.4-00_amd64.deb …
Unpacking kubeadm (1.20.4-00) …
Processing triggers for man-db (2.7.5-1) …
Processing triggers for ureadahead (0.100.0-19.1) …
Processing triggers for systemd (229-4ubuntu21.29) …
Processing triggers for doc-base (0.10.7) …
Processing 1 added doc-base file…
Setting up conntrack (1:1.4.3-3) …
Setting up cri-tools (1.13.0-01) …
Setting up ebtables (2.0.10.4-3.4ubuntu2.16.04.2) …
update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults
Setting up kubernetes-cni (0.8.7-00) …
Setting up socat (1.7.3.1-1) …
Setting up kubelet (1.20.4-00) …
Setting up kubectl (1.20.4-00) …
Setting up kubeadm (1.20.4-00) …
Processing triggers for ureadahead (0.100.0-19.1) …
Processing triggers for systemd (229-4ubuntu21.29) …
root@iZrj95zw0q0jnwnzbep2nxZ:~#

Kita initial Kubeadm, pastikan “Kubernetes control-plane has initialized successfully!” :

root@iZrj95zw0q0jnwnzbep2nxZ:~# kubeadm init
[init] Using Kubernetes version: v1.20.4
[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected “cgroupfs” as the Docker cgroup driver. The recommended driver is “systemd”. Please follow the guide at https://kubernetes.io/docs/setup/cri/
[preflight] Pulling images required for setting up a Kubernetes cluster
[preflight] This might take a minute or two, depending on the speed of your internet connection
[preflight] You can also perform this action in beforehand using ‘kubeadm config images pull’
[certs] Using certificateDir folder “/etc/kubernetes/pki”
[certs] Generating “ca” certificate and key
[certs] Generating “apiserver” certificate and key
[certs] apiserver serving cert is signed for DNS names [izrj95zw0q0jnwnzbep2nxz kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 172.28.244.180]
[certs] Generating “apiserver-kubelet-client” certificate and key
[certs] Generating “front-proxy-ca” certificate and key
[certs] Generating “front-proxy-client” certificate and key
[certs] Generating “etcd/ca” certificate and key
[certs] Generating “etcd/server” certificate and key
[certs] etcd/server serving cert is signed for DNS names [izrj95zw0q0jnwnzbep2nxz localhost] and IPs [172.28.244.180 127.0.0.1 ::1]
[certs] Generating “etcd/peer” certificate and key
[certs] etcd/peer serving cert is signed for DNS names [izrj95zw0q0jnwnzbep2nxz localhost] and IPs [172.28.244.180 127.0.0.1 ::1]
[certs] Generating “etcd/healthcheck-client” certificate and key
[certs] Generating “apiserver-etcd-client” certificate and key
[certs] Generating “sa” key and public key
[kubeconfig] Using kubeconfig folder “/etc/kubernetes”
[kubeconfig] Writing “admin.conf” kubeconfig file
[kubeconfig] Writing “kubelet.conf” kubeconfig file
[kubeconfig] Writing “controller-manager.conf” kubeconfig file
[kubeconfig] Writing “scheduler.conf” kubeconfig file
[kubelet-start] Writing kubelet environment file with flags to file “/var/lib/kubelet/kubeadm-flags.env”
[kubelet-start] Writing kubelet configuration to file “/var/lib/kubelet/config.yaml”
[kubelet-start] Starting the kubelet
[control-plane] Using manifest folder “/etc/kubernetes/manifests”
[control-plane] Creating static Pod manifest for “kube-apiserver”
[control-plane] Creating static Pod manifest for “kube-controller-manager”
[control-plane] Creating static Pod manifest for “kube-scheduler”
[etcd] Creating static Pod manifest for local etcd in “/etc/kubernetes/manifests”
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory “/etc/kubernetes/manifests”. This can take up to 4m0s
[kubelet-check] Initial timeout of 40s passed.
[apiclient] All control plane components are healthy after 105.503098 seconds
[upload-config] Storing the configuration used in ConfigMap “kubeadm-config” in the “kube-system” Namespace
[kubelet] Creating a ConfigMap “kubelet-config-1.20” in namespace kube-system with the configuration for the kubelets in the cluster
[upload-certs] Skipping phase. Please see –upload-certs
[mark-control-plane] Marking the node izrj95zw0q0jnwnzbep2nxz as control-plane by adding the labels “node-role.kubernetes.io/master=”” and “node-role.kubernetes.io/control-plane=” (deprecated)”
[mark-control-plane] Marking the node izrj95zw0q0jnwnzbep2nxz as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule]
[bootstrap-token] Using token: o7bbt7.rrj7g7elr4b52gtb
[bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to get nodes
[bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
[bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token
[bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster
[bootstrap-token] Creating the “cluster-info” ConfigMap in the “kube-public” namespace
[kubelet-finalize] Updating “/etc/kubernetes/kubelet.conf” to point to a rotatable kubelet client certificate and key
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Alternatively, if you are the root user, you can run:

export KUBECONFIG=/etc/kubernetes/admin.conf

You should now deploy a pod network to the cluster.
Run “kubectl apply -f [podnetwork].yaml” with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join 172.28.244.180:6443 –token o7bbt7.rrj7g7elr4b52gtb \
–discovery-token-ca-cert-hash sha256:44e2fc620ad692087783dbe7aa331e8c9ddd1bd94421df8a6f1caef0e076c0ab
root@iZrj95zw0q0jnwnzbep2nxZ:~#

root@iZrj95zw0q0jnwnzbep2nxZ:~# export KUBECONFIG=/etc/kubernetes/admin.conf
root@iZrj95zw0q0jnwnzbep2nxZ:~#

Output diatas menunjukkan Kubernetes master initial suskes.

Jika ada [ERROR Swap] muncul anda bisa mengulang init dengan jalankan command  #swapoff -a dan jalankan kembali #kubeadm init

Dengan instalasi kubernetes diatas berjalan sukses maka kita bisa mengexplore lebih lanjut bagaimana kita diatas kita bisa menyebarkan pod network ke cluster, dan menggabungkan node worker.

https://kubernetes.io/docs/concepts/cluster-administration/addons/

Salam sehat selalu semuanya. (henry.gultom@gmail.com)

2 thoughts on “Installing Kubernetes on Alibaba Cloud Elastic Compute Service

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.