Kubernetes in Azure 建立小記
OS: openSUSE Leap 42.3
今天參加微軟的 Kubernetes in Azure workshop, 回來之後小記一下 kubernetes 建立
因為 workshop 環境是 Windows, 所以先在 openSUSE 內安裝 azure-cli
安裝 azure-cli 套件
匯入微軟的 key
# rpm --import https://packages.microsoft.com/keys/microsoft.asc
加入 azure-cli 的 repo ( 利用 echo 的方式建立檔案 )
# sh -c 'echo -e "[azure-cli]\nname=Azure CLI\nbaseurl=https://packages.microsoft.com/yumrepos/azure-cli\nenabled=1\ntype=rpm-md\ngpgcheck=1\ngpgkey=https://packages.microsoft.com/keys/microsoft.asc" > /etc/zypp/repos.d/azure-cli.repo'
觀察檔案內容其實就比較好理解
# cat /etc/zypp/repos.d/azure-cli.repo
[azure-cli]
name=Azure CLI
baseurl=https://packages.microsoft.com/yumrepos/azure-cli
enabled=1
type=rpm-md
gpgcheck=1
gpgkey=https://packages.microsoft.com/keys/microsoft.asc
使用 zypper 指令安裝 azure-cli
# zypper refresh
# zypper install azure-cli
檢查 az 版本 ( 現在好像要用 2.0.25 才不會有狀況 )
# az -v
azure-cli (2.0.25)
使用 互動的方式登入
$ az login
To sign in, use a web browser to open the page https://aka.ms/devicelogin and enter the code GUXXXXV9 to authenticate.
然後輸入他提供的機器碼以及驗證登入
建立資源群組
$ az group create --name sakanaResourceGroupACSK8S --location japanwest
{
"id": "/subscriptions/6a2bdf3b-xxxx-xxxx-xxxx-3371d3401feb/resourceGroups/sakanaResourceGroupACSK8S",
"location": "japanwest",
"managedBy": null,
"name": "sakanaResourceGroupACSK8S",
"properties": {
"provisioningState": "Succeeded"
},
"tags": null
}
使用 az 指令 建立 kubernetes 叢集, 大概需要 10 ~ 12 分鐘
# az acs create --orchestrator-type kubernetes --resource-group sakanaResourceGroupACSK8S --name sakanaK8SCluster --generate-ssh-keys
SSH key files '/root/.ssh/id_rsa' and '/root/.ssh/id_rsa.pub' have been generated under ~/.ssh to allow SSH access to the VM. If using machines without permanent storage like Azure Cloud Shell without an attached file share, back up your keys to a safe location
{
"id": "/subscriptions/6a2bdf3b-xxxx-xxxx-xxxx-3371d3401feb/resourceGroups/sakanaResourceGroupACSK8S/providers/Microsoft.Resources/deployments/azurecli1516283695.4135736",
"name": "azurecli1516283695.4135736",
"properties": {
"additionalProperties": {
"duration": "PT11M35.4092281S",
"outputResources": [
{
"id": "/subscriptions/6a2bdf3b-xxxx-xxxx-xxxx-3371d3401feb/resourceGroups/sakanaResourceGroupACSK8S/providers/Microsoft.ContainerService/containerServices/sakanaK8SCluster",
"resourceGroup": "sakanaResourceGroupACSK8S"
}
],
"templateHash": "9902003256629544111"
},
"correlationId": "b49a4c9e-xxxx-xxxx-xxxx-629207669fbf",
"debugSetting": null,
"dependencies": [],
"mode": "Incremental",
"outputs": {
"masterFQDN": {
"type": "String",
"value": "sakanak8sc-sakanaresourcegr-xxxxxxxxxx.japanwest.cloudapp.azure.com"
},
"sshMaster0": {
"type": "String",
"value": "ssh azureuser@sakanak8sc-sakanaresourcegr-xxxxxxxxxx.japanwest.cloudapp.azure.com -A -p 22"
}
},
"parameters": {
"clientSecret": {
"type": "SecureString"
}
},
"parametersLink": null,
"providers": [
{
"id": null,
"namespace": "Microsoft.ContainerService",
"registrationState": null,
"resourceTypes": [
{
"aliases": null,
"apiVersions": null,
"locations": [
"japanwest"
],
"properties": null,
"resourceType": "containerServices"
}
]
}
],
"provisioningState": "Succeeded",
"template": null,
"templateLink": null,
"timestamp": "2018-01-18T14:03:52.171257+00:00"
},
"resourceGroup": "sakanaResourceGroupACSK8S"
}
- 可以使用 --agent-count 1 來指定 agent 的數量
- 上面輸出有提到可以使用 SSH 連線
- ssh azureuser@sakanak8sc-sakanaresourcegr-xxxxxxxxxx.japanwest.cloudapp.azure.com -A -p 22
上面那個指令會在家目錄下的 .ssh 目錄建立 RSA 公鑰以及私鑰
# ls ~/.ssh
id_rsa id_rsa.pub known_hosts
另外會建立 4 台虛擬機器, 可以在 Azure portal 內觀察
嘗試在本機 建立 kubectl 指令, 但是有錯誤, 查了一下, 應該是 proxy 的 bug
# az acs kubernetes install-cli
Downloading client to /root/.kube/config from https://storage.googleapis.com/kubernetes-release/release/v1.9.1/bin/linux/amd64/kubectl
Connection error while attempting to download client ([Errno 2] No such file or directory: '/root/.kube/config')
所以接下來使用 Azure Cloud-shell 的方式來執行指令
==== 以下是在 Azure Cloud-shell ====
想要使用 az 指令連接 kubernetes 但是失敗
$ az acs kubernetes get-credentials --resource-group sakanaResourceGroupACSK8S --name sakanaK8SCluster
Private key file /home/chunhung/.ssh/id_rsa does not exist
剛剛建立的時候 SSH 金鑰是放在本機的 ~/.ssh 內
觀察 cloud-shell 的內容, cloud-shel 會連接 clouddrive 空間
$ df
Filesystem 1K-blocks Used Available Use% Mounted on
overlay 50758760 19691704 31050672 39% /
tmpfs 981948 0 981948 0% /dev
tmpfs 981948 0 981948 0% /sys/fs/cgroup
/dev/sda1 50758760 19691704 31050672 39% /etc/hosts
shm 65536 0 65536 0% /dev/shm
//csg6a2bdfx3bec25x48cdxaf4.file.core.windows.net/cs-sakana-hotmail-com-1003bffd8d03ba28 6291456 5242944 1048512 84% /usr/chunhung/clouddrive
/dev/loop0 5160576 10292 4888140 1% /home/chunhung
這個時候可以到 cloud-shell 儲存體的檔案, 使用 上傳的功能將 ssh 金鑰上傳
$ ls -l /usr/chunhung/clouddrive/
total 3
-rwxrwxrwx 1 root root 1679 Jan 18 15:08 id_rsa
-rwxrwxrwx 1 root root 380 Jan 18 15:08 id_rsa.pub
建立 家目錄下的 .ssh 目錄
$ mkdir ~/.ssh
將剛剛上傳的 SSH 金鑰移動到 ~/.ssh
$ mv /usr/chunhung/clouddrive/id_rsa* ~/.ssh/
使用 az 指令 連接 kubernetes 叢集
$ az acs kubernetes get-credentials --resource-group sakanaResourceGroupACSK8S --name sakanaK8SCluster
測試 kubectl 指令列出 nodes
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
k8s-agent-1f0aab6a-0 Ready agent 1h v1.7.7
k8s-agent-1f0aab6a-1 Ready agent 1h v1.7.7
k8s-agent-1f0aab6a-2 Ready agent 1h v1.7.7
k8s-master-1f0aab6a-0 Ready master 1h v1.7.7
==== 以上是在 Azure Cloud-shell ====
到 Azure Port 上觀察一下
總算是跨出 kubernetes 的一小步 :)
清除實驗資源
刪除 Resource Group
$ az group delete --name sakanaResourceGroupACSK8S
Are you sure you want to perform this operation? (y/n): y
因為把剛剛建立的 Resource Group 刪除, 所以底下的相關物件也一併刪除
Reference
~ enjoy it
沒有留言:
張貼留言