Listings Rost, Schifferdecker, Schneemann/Kubernetes mit Support


Listing 1: Bootstrapping eines CaaS-Platform-4-Clusters mit skuba
$ skuba cluster init caasp4 \
    --control-plane caasp4.example.org
$ cd caasp4
$ skuba node bootstrap --user sles --sudo \
    --target master1.caasp4.example.org master1
$ skuba node join --role worker --user sles --sudo \
    --target worker1.caasp4.example.org worker1

--------

Listing 2: Cluster mit rke up installieren
[john@doe]$ rke config
[+] Cluster Level SSH Private Key Path [~/.ssh/id_rsa]: 
[+] Number of Hosts [1]: 
[+] SSH Address of host (1) [none]: 10.0.0.10
....
[+] Cluster Network CIDR [10.42.0.0/16]: 
[+] Cluster DNS Service IP [10.43.0.10]: 
[+] Add addon manifest URLs or YAML files [no]: 

[john@doe]$ rke up
INFO[0000] Building Kubernetes cluster
INFO[0000] [dialer] Setup tunnel for host [johndoe.example.com]
INFO[0000] [state] Found local kube config file, trying to get state from cluster
...
INFO[0027] [ingress] ingress controller nginx is successfully deployed
INFO[0027] [addons] Setting up user addons
INFO[0027] [addons] no user addons defined
INFO[0027] Finished building Kubernetes cluster successfully

--------

Listing 3: Installation von Rancher
kubectl -n kube-system create serviceaccount tiller
kubectl create clusterrolebinding tiller \
  --clusterrole=cluster-admin \
  --serviceaccount=kube-system:tiller
helm init --service-account tiller
helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
kubectl apply -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.9/deploy/manifests/00-crds.yaml
kubectl label namespace cert-manager certmanager.k8s.io/disable-validation=true
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install \
  --name cert-manager \
  --namespace cert-manager \
  --version v0.9.1 \
  jetstack/cert-manager
helm install rancher-latest/rancher \
  --name rancher \
  --namespace cattle-system \
  --set hostname=rancher.johndoe.example.com \
  --set ingress.tls.source=letsEncrypt \
  --set letsEncrypt.email=johndoe@example.com

--------

Listing 4: Beispiel einer YAML-Datei für das Cluster-Deployment
apiVersion: v1
baseDomain: openshift.test
compute:
- hyperthreading: Enabled
    name: worker
    platform: {}
    replicas: 3
controlPlane:
    hyperthreading: Enabled
    name: master
    platform: {}
    replicas: 3
metadata:
    creationTimestamp: null
    name: ix-cluster
networking:
    clusterNetwork:
    - cidr: 10.128.0.0/14
        hostPrefix: 23
    machineCIDR: 10.0.0.0/16
    networkType: OpenShiftSDN
    serviceNetwork:
    - 172.30.0.0/16
platform:
    aws:
        region: eu-central-1
pullSecret: ''
sshKey: |

--------

Listing 5: Ignition-Konfiguration für ein Master-System
{
    "ignition": {
      "config": {
        "append": [
          {
            "source": "https://api-int.ix-cluster.example.org:22623/config/master",
            "verification": {}
          }
        ]
      },
      "security": {
        "tls": {
          "certificateAuthorities": [
            {
              "source": "...",
              "verification": {}
            }
          ]
        }
      },
      "timeouts": {},
      "version": "2.2.0"
    },
    "networkd": {},
    "passwd": {},
    "storage": {},
    "systemd": {}
}
