星期四, 1月 18, 2018

Kubernetes in Azure 建立小記

Kubernetes in Azure 建立小記

OS: openSUSE Leap 42.3

今天參加微軟的 Kubernetes in Azure workshop, 回來之後小記一下 kubernetes 建立
因為 workshop 環境是 Windows, 所以先在 openSUSE 內安裝 azure-cli


安裝 azure-cli 套件


匯入微軟的 key
# rpm  --import   https://packages.microsoft.com/keys/microsoft.asc


加入 azure-cli 的 repo ( 利用 echo 的方式建立檔案 )
# sh  -c  'echo -e  "[azure-cli]\nname=Azure CLI\nbaseurl=https://packages.microsoft.com/yumrepos/azure-cli\nenabled=1\ntype=rpm-md\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc"  > /etc/zypp/repos.d/azure-cli.repo'


觀察檔案內容其實就比較好理解
# cat   /etc/zypp/repos.d/azure-cli.repo
[azure-cli]
name=Azure CLI
baseurl=https://packages.microsoft.com/yumrepos/azure-cli
enabled=1
type=rpm-md
gpgcheck=1
gpgkey=https://packages.microsoft.com/keys/microsoft.asc


使用 zypper 指令安裝 azure-cli


# zypper   refresh


# zypper  install  azure-cli


檢查 az 版本 ( 現在好像要用 2.0.25 才不會有狀況 )
# az  -v
azure-cli (2.0.25)


使用 互動的方式登入
$ az  login


To sign in, use a web browser to open the page https://aka.ms/devicelogin and enter the code GUXXXXV9 to authenticate.


在瀏覽器輸入 https://aka.ms/devicelogin
然後輸入他提供的機器碼以及驗證登入


建立資源群組
$ az   group  create  --name   sakanaResourceGroupACSK8S   --location  japanwest
{
 "id": "/subscriptions/6a2bdf3b-xxxx-xxxx-xxxx-3371d3401feb/resourceGroups/sakanaResourceGroupACSK8S",
 "location": "japanwest",
 "managedBy": null,
 "name": "sakanaResourceGroupACSK8S",
 "properties": {
   "provisioningState": "Succeeded"
 },
 "tags": null
}


使用 az 指令 建立 kubernetes 叢集, 大概需要 10 ~ 12 分鐘
# az  acs  create  --orchestrator-type  kubernetes  --resource-group  sakanaResourceGroupACSK8S  --name  sakanaK8SCluster  --generate-ssh-keys


SSH key files '/root/.ssh/id_rsa' and '/root/.ssh/id_rsa.pub' have been generated under ~/.ssh to allow SSH access to the VM. If using machines without permanent storage like Azure Cloud Shell without an attached file share, back up your keys to a safe location


{
 "id": "/subscriptions/6a2bdf3b-xxxx-xxxx-xxxx-3371d3401feb/resourceGroups/sakanaResourceGroupACSK8S/providers/Microsoft.Resources/deployments/azurecli1516283695.4135736",
 "name": "azurecli1516283695.4135736",
 "properties": {
   "additionalProperties": {
     "duration": "PT11M35.4092281S",
     "outputResources": [
       {
         "id": "/subscriptions/6a2bdf3b-xxxx-xxxx-xxxx-3371d3401feb/resourceGroups/sakanaResourceGroupACSK8S/providers/Microsoft.ContainerService/containerServices/sakanaK8SCluster",
         "resourceGroup": "sakanaResourceGroupACSK8S"
       }
     ],
     "templateHash": "9902003256629544111"
   },
   "correlationId": "b49a4c9e-xxxx-xxxx-xxxx-629207669fbf",
   "debugSetting": null,
   "dependencies": [],
   "mode": "Incremental",
   "outputs": {
     "masterFQDN": {
       "type": "String",
       "value": "sakanak8sc-sakanaresourcegr-xxxxxxxxxx.japanwest.cloudapp.azure.com"
     },
     "sshMaster0": {
       "type": "String",
       "value": "ssh azureuser@sakanak8sc-sakanaresourcegr-xxxxxxxxxx.japanwest.cloudapp.azure.com -A -p 22"
     }
   },
   "parameters": {
     "clientSecret": {
       "type": "SecureString"
     }
   },
   "parametersLink": null,
   "providers": [
     {
       "id": null,
       "namespace": "Microsoft.ContainerService",
       "registrationState": null,
       "resourceTypes": [
         {
           "aliases": null,
           "apiVersions": null,
           "locations": [
             "japanwest"
           ],
           "properties": null,
           "resourceType": "containerServices"
         }
       ]
     }
   ],
   "provisioningState": "Succeeded",
   "template": null,
   "templateLink": null,
   "timestamp": "2018-01-18T14:03:52.171257+00:00"
 },
 "resourceGroup": "sakanaResourceGroupACSK8S"
}


  • 可以使用 --agent-count  1 來指定 agent 的數量
  • 上面輸出有提到可以使用 SSH 連線
    • ssh azureuser@sakanak8sc-sakanaresourcegr-xxxxxxxxxx.japanwest.cloudapp.azure.com -A -p 22


上面那個指令會在家目錄下的 .ssh 目錄建立 RSA 公鑰以及私鑰
# ls  ~/.ssh
id_rsa  id_rsa.pub  known_hosts


另外會建立 4 台虛擬機器, 可以在 Azure portal 內觀察



嘗試在本機 建立 kubectl 指令, 但是有錯誤, 查了一下, 應該是 proxy 的 bug
# az  acs  kubernetes  install-cli
Downloading client to /root/.kube/config from https://storage.googleapis.com/kubernetes-release/release/v1.9.1/bin/linux/amd64/kubectl
Connection error while attempting to download client ([Errno 2] No such file or directory: '/root/.kube/config')

所以接下來使用 Azure Cloud-shell 的方式來執行指令


==== 以下是在 Azure Cloud-shell ====


想要使用 az 指令連接 kubernetes 但是失敗
$ az  acs  kubernetes  get-credentials  --resource-group  sakanaResourceGroupACSK8S  --name  sakanaK8SCluster
Private key file /home/chunhung/.ssh/id_rsa does not exist


剛剛建立的時候 SSH 金鑰是放在本機的 ~/.ssh 內


觀察 cloud-shell 的內容, cloud-shel 會連接 clouddrive 空間


$ df
Filesystem                                                                                 1K-blocks     Used Available Use% Mounted on
overlay                                                                                     50758760 19691704  31050672  39% /
tmpfs                                                                                         981948        0    981948   0% /dev
tmpfs                                                                                         981948        0    981948   0% /sys/fs/cgroup
/dev/sda1                                                                                   50758760 19691704  31050672  39% /etc/hosts
shm                                                                                            65536        0     65536   0% /dev/shm
//csg6a2bdfx3bec25x48cdxaf4.file.core.windows.net/cs-sakana-hotmail-com-1003bffd8d03ba28   6291456  5242944   1048512  84% /usr/chunhung/clouddrive
/dev/loop0                                                                                   5160576    10292   4888140   1% /home/chunhung


這個時候可以到 cloud-shell 儲存體的檔案, 使用 上傳的功能將 ssh  金鑰上傳


$ ls  -l  /usr/chunhung/clouddrive/
total 3
-rwxrwxrwx 1 root root 1679 Jan 18 15:08 id_rsa
-rwxrwxrwx 1 root root  380 Jan 18 15:08 id_rsa.pub


建立 家目錄下的 .ssh 目錄
$ mkdir  ~/.ssh


將剛剛上傳的 SSH 金鑰移動到  ~/.ssh
$ mv  /usr/chunhung/clouddrive/id_rsa*  ~/.ssh/


使用 az 指令 連接 kubernetes 叢集
$ az  acs  kubernetes  get-credentials  --resource-group  sakanaResourceGroupACSK8S  --name  sakanaK8SCluster


測試 kubectl 指令列出 nodes
$ kubectl  get   nodes
NAME                    STATUS    ROLES     AGE       VERSION
k8s-agent-1f0aab6a-0    Ready     agent     1h        v1.7.7
k8s-agent-1f0aab6a-1    Ready     agent     1h        v1.7.7
k8s-agent-1f0aab6a-2    Ready     agent     1h        v1.7.7
k8s-master-1f0aab6a-0   Ready     master    1h        v1.7.7

==== 以上是在 Azure Cloud-shell ====


到 Azure Port 上觀察一下




總算是跨出 kubernetes 的一小步 :)

清除實驗資源


刪除 Resource Group


$ az  group  delete  --name  sakanaResourceGroupACSK8S
Are you sure you want to perform this operation? (y/n): y


因為把剛剛建立的 Resource Group 刪除, 所以底下的相關物件也一併刪除


Reference


~ enjoy it



沒有留言: