AliCloud Node installation (Join Current HK cluster)
===

## Prepare the config

- generate certificate and kubeconfig
- generate kubelet configs

## Checks

### Network

- K8s cluster (APIserver, Calico-etcd) https://issuetracking.maaii.com:8443/browse/NCR-930
- IP-in-IP tunneling https://issuetracking.maaii.com:8443/browse/NCR-936
- infra
  - NTP
  - DNS
  - Squid Proxy
  - GitLab
  - Load Balancer
- Application related external components
  - LCC5 DBs, SIP server...etc

### DNS

- hk-lcc5-kube-master.cloud.m800.com
- hk-lcc5-calico-etcd.cloud.m800.com

### Artifacts

- Binaries
  - Downloaded through squid proxy server
  - Connection to Google storage may be broken even when there's a squid proxy
  - List of binaries that need to be downloaded offline
    - kubelet
    - kubectl
    - cni (through proxy okay)
- Docker Images
  - Proxy configuration enables pull from docker hub...etc
  - images from k8s.gcr.io and quay.io cannot be pulled
  - List of images that need to be saved and loaded offline
    - k8s.gcr.io/kube-proxy:v1.13.5
    - k8s.gcr.io/pause:3.1
    - quay.io/calico/node:v3.1.3
    - quay.io/calico/cni:v3.1.3
- Configurations
  - Clone gitlab repo or scp files to host

## Steps

- change selinux to permissive (issue: https://github.com/coreos/bugs/issues/2340)
  - Edit /etc/selinux/config
  - Reboot the node
- copy binaries

```
# enter into binary directory
cp kubelet /opt/
mkdir -p /opt/cni/bin
cp cni/* /opt/cni/bin
```

- docker proxy configuration (the proxy server differs by region)

```
mkdir -p /etc/systemd/system/docker.service.d
cp docker/10-proxy-sg.conf /etc/systemd/system/docker.service.d/10-proxy.conf
systemctl daemon-reload
systemctl restart docker
```

- load docker images

```
# enter into docker images directory
# glob instead of parsing `ls`, and quote the name so odd file names survive
for i in *; do docker load -i "$i"; done
```

- install kubelet

```
# reference install-kubelet.sh commands
sh install-kubelet.sh
```

- check kubelet status and whether the node was added to the cluster

```
systemctl status kubelet
```

```
$ kubectl get nodes
NAME                 STATUS   ROLES         AGE   VERSION
hk-lcc5-k8s-node01   Ready    etcd,master   66d   v1.13.5
hk-lcc5-k8s-node02   Ready    etcd,master   66d   v1.13.5
hk-lcc5-k8s-node03   Ready    etcd,master   66d   v1.13.5
hk-lcc5-k8s-node04   Ready    <none>        62d   v1.13.5
hk-lcc5-k8s-node05   Ready    <none>        62d   v1.13.5
hk-lcc5-k8s-node06   Ready    <none>        62d   v1.13.5
sg-lcc5-k8s-node01   Ready    <none>        40m   v1.13.5
```

## Further Actions

- Label node region & district
- Namespace creation
- pixie deploy
- network policy
- Fluent-bit deployment
- Monitoring (check strategies)
- jaeger deployment
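
A preflight check for the Steps above, as an added example that is not part of the original runbook: it verifies the copied binaries, the offline-loaded images from the Artifacts list, and the SELinux setting before `install-kubelet.sh` is run. The function names and the `--run` argument are choices of this example.

```shell
#!/bin/sh
# Added example (not from the original runbook): preflight for the node join.

# Images that cannot be pulled through the proxy (from the Artifacts list).
REQUIRED_IMAGES="k8s.gcr.io/kube-proxy:v1.13.5
k8s.gcr.io/pause:3.1
quay.io/calico/node:v3.1.3
quay.io/calico/cni:v3.1.3"

# missing_images: reads "repo:tag" lines on stdin (the local image list)
# and prints every required image that is not among them.
missing_images() {
    have=$(cat)
    printf '%s\n' "$REQUIRED_IMAGES" | while IFS= read -r img; do
        # -F fixed string, -x whole line: "pause:3.1" must not match "pause:3.10"
        printf '%s\n' "$have" | grep -Fqx -- "$img" || printf '%s\n' "$img"
    done
}

# selinux_mode: prints the SELINUX= value from a config file
# (defaults to the file edited in the Steps).
selinux_mode() {
    sed -n 's/^SELINUX=\([a-z]*\).*/\1/p' "${1:-/etc/selinux/config}" | tail -n 1
}

# preflight: returns non-zero if any prerequisite from the Steps is missing.
preflight() {
    rc=0
    [ -x /opt/kubelet ] || { echo "missing binary: /opt/kubelet" >&2; rc=1; }
    [ -d /opt/cni/bin ] || { echo "missing directory: /opt/cni/bin" >&2; rc=1; }
    miss=$(docker images --format '{{.Repository}}:{{.Tag}}' | missing_images)
    [ -z "$miss" ] || { echo "images not loaded:" >&2; echo "$miss" >&2; rc=1; }
    [ "$(selinux_mode)" = "permissive" ] || {
        echo "SELINUX is not set to permissive in /etc/selinux/config" >&2; rc=1; }
    return $rc
}

# Run the checks only when asked, e.g. `sh preflight.sh --run` on the node.
case "${1:-}" in
    --run) preflight ;;
esac
```
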