About the author: Lin Ruicao, contributor to the KubeSphere community, focusing on container-network technologies such as Kube-OVN and Cilium

Background

KubeKey is the new installation method for KubeSphere v3.0. It lets users deploy Kubernetes and KubeSphere with one click. Kube-OVN is a Kubernetes network orchestration system based on OVS/OVN. This article shows how to install and deploy Kubernetes and Kube-OVN using KubeKey.

Introduction to KubeKey

KubeKey is the new-generation installer for Kubernetes and KubeSphere, designed to make installation more convenient, faster, more efficient and more flexible. KubeKey eliminates the dependency problems of Ansible and is rewritten in Go. It supports installing Kubernetes alone or together with KubeSphere, and it is also an effective tool for scaling and upgrading clusters.

Introduction to Kube-OVN

Kube-OVN is an open source, enterprise-grade, cloud native container network orchestration system for Kubernetes. It greatly enhances the security, operability, manageability and performance of Kubernetes container networking by bringing the mature network functions of OpenStack to Kubernetes. Kube-OVN joined CNCF Sandbox last month.

Preparation

  1. Meet the installation requirements of KubeKey
  2. Meet the installation requirements of Kube-OVN (mainly, the kernel version needs to meet the requirements)

Installation steps

  1. Download KubeKey

If you have normal access to GitHub/Googleapis, you can download KubeKey from the GitHub releases page or use the following command.

curl -sfL https://get-kk.kubesphere.io | VERSION=v1.0.1 sh -

If access to GitHub/Googleapis is limited, first run the following command to ensure that KubeKey is downloaded from the correct zone.

export KKZONE=cn

Then execute the following command to download KubeKey.

curl -sfL https://get-kk.kubesphere.io | VERSION=v1.0.1 sh -

After downloading KubeKey, if you copy it to a new machine whose access to Googleapis is also limited, be sure to run the export KKZONE=cn command again before performing the following steps. The command above downloads the latest version of KubeKey (v1.0.1); modify the version number in the command to download a specific version.

Add executable permission to kk:

chmod +x kk

Create a sample configuration file:

./kk create config --with-kubernetes v1.17.9

For the complete set of options, please refer to the official documentation.

  2. Modify the generated config-sample.yaml file and change the network plug-in to kubeovn. The configuration is as follows:
apiVersion: kubekey.kubesphere.io/v1alpha1
kind: Cluster
metadata:
  name: example
spec:
  hosts:
  - {name: node1, address: 192.168.0.183, internalAddress: 192.168.0.183, port: 22, user: root, password: Qcloud@123}
  roleGroups:
    etcd:
    - node1
    master:
    - node1
    worker:
    - node1
  controlPlaneEndpoint:
    domain: lb.kubesphere.local
    address: ""
    port: 6443
  kubernetes:
    version: v1.17.9
    imageRepo: kubesphere
    clusterName: cluster.local
    masqueradeAll: false
    maxPods: 110
    nodeCidrMaskSize: 24
    proxyMode: ipvs
  network:
    plugin: kubeovn
    kubeovn:
      joinCIDR: 100.64.0.0/16  # join subnet CIDR
      enableSSL: true   # enable SSL
      enableMirror: true    # whether to enable traffic mirroring
      pingerExternalAddress: 114.114.114.114  # external address used for ping checks
      networkType: geneve   # geneve or vlan; if vlan is selected, the VLAN NIC name must be specified
      vlanInterfaceName: interface_name  # VLAN NIC name
      vlanID: '100'    # default VLAN ID
      dpdkMode: false  # whether to use DPDK mode
    kubePodsCIDR: 10.233.64.0/18
    kubeServiceCIDR: 10.233.0.0/18
  registry:
    registryMirrors: []
    insecureRegistries: []
    privateRegistry: ""
  addons: []

Kube-OVN:

network:
  plugin: kubeovn
  kubePodsCIDR: 10.233.64.0/18
  kubeServiceCIDR: 10.233.0.0/18
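A pre-flight check for the values in config-sample.yaml, as an added example that is not part of the original article or of KubeKey. The names `CONFIG` and `audit` are hypothetical; the input is a constructed dict mirroring the file above, and `privateKeyPath` is KubeKey's host field for SSH key authentication.

```python
import ipaddress
from itertools import combinations

# Constructed input: the relevant values from config-sample.yaml above,
# written as a dict so the check needs no YAML parser.
CONFIG = {
    "hosts": [{"name": "node1", "address": "192.168.0.183",
               "user": "root", "password": "Qcloud@123"}],
    "kubeovn": {"joinCIDR": "100.64.0.0/16", "enableSSL": True},
    "kubePodsCIDR": "10.233.64.0/18",
    "kubeServiceCIDR": "10.233.0.0/18",
}


def audit(cfg):
    """Return a list of findings for a KubeKey + Kube-OVN cluster config."""
    findings = []
    # A password in the hosts entry sits in the file in plaintext.
    for host in cfg["hosts"]:
        if host.get("password") and not host.get("privateKeyPath"):
            findings.append(f"{host['name']}: SSH password stored in plaintext")
    if not cfg["kubeovn"].get("enableSSL"):
        findings.append("kubeovn.enableSSL is off")
    nets = {
        "joinCIDR": ipaddress.ip_network(cfg["kubeovn"]["joinCIDR"]),
        "kubePodsCIDR": ipaddress.ip_network(cfg["kubePodsCIDR"]),
        "kubeServiceCIDR": ipaddress.ip_network(cfg["kubeServiceCIDR"]),
    }
    # Join, Pod and Service ranges must be pairwise disjoint.
    for (a, net_a), (b, net_b) in combinations(nets.items(), 2):
        if net_a.overlaps(net_b):
            findings.append(f"{a} {net_a} overlaps {b} {net_b}")
    # No node address may fall inside a cluster-internal range.
    for host in cfg["hosts"]:
        addr = ipaddress.ip_address(host["address"])
        for name, net in nets.items():
            if addr in net:
                findings.append(f"{host['name']} {addr} lies inside {name} {net}")
    return findings


if __name__ == "__main__":
    for finding in audit(CONFIG):
        print(finding)
```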

Deployment

./kk create cluster -f config-sample.yaml

During the installation process you can see the deployment information of Kube-OVN. When Congratulations is displayed, the cluster has been installed successfully.

With kubectl get pod -A you can see that all Kube-OVN-related pods are working properly.

View the current subnets with kubectl get subnet; you can see the join subnet and the ovn-default subnet:

How to use Kube-OVN

Kube-OVN organizes IP addresses by subnet. One or more namespaces can be bound to a subnet, and the pods in these namespaces will be assigned IPs from that subnet and use its network configuration. If the namespace a Pod belongs to is not bound to a subnet, the default subnet ovn-default is used to assign an IP address to it. See Github.com/alauda/kube… (Kube-OVN).

Create a user-defined subnet

apiVersion: kubeovn.io/v1
kind: Subnet
metadata:
  name: ls1
spec:
  protocol: IPv4
  cidrBlock: 10.100.0.0/16   # subnet CIDR
  excludeIps:
  - 10.100.0.1..10.100.0.10  # range of the subnet that is excluded (not used)
  gateway: 10.100.0.1        # gateway address of the subnet
  namespaces:                # namespaces bound to the subnet
  - ls1

The subnet configuration is shown above (the meanings of the related fields are described in the comments). After kubectl apply, kubectl get subnet shows that the subnet has been created, and kubectl get subnet ls1 -o yaml lets you check whether the subnet is available.
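The namespace binding and the excludeIps range described above, modelled as an added example that is not part of the original article and is not Kube-OVN's own allocator. The function names are hypothetical, the input is constructed from the ls1 manifest, and the ovn-default cidrBlock and gateway are assumptions derived from kubePodsCIDR.

```python
import ipaddress

# Constructed input: the ls1 Subnet from this page plus the default subnet.
# The ovn-default values are assumptions (cidrBlock taken from kubePodsCIDR).
SUBNETS = [
    {"name": "ovn-default", "cidrBlock": "10.233.64.0/18",
     "gateway": "10.233.64.1", "excludeIps": ["10.233.64.1"], "namespaces": []},
    {"name": "ls1", "cidrBlock": "10.100.0.0/16",
     "gateway": "10.100.0.1", "excludeIps": ["10.100.0.1..10.100.0.10"],
     "namespaces": ["ls1"]},
]


def subnet_for_namespace(namespace, subnets, default="ovn-default"):
    """Pick the subnet bound to a namespace, else fall back to the default."""
    for subnet in subnets:
        if namespace in subnet["namespaces"]:
            return subnet
    return next(s for s in subnets if s["name"] == default)


def excluded_ranges(subnet):
    """Expand excludeIps entries ('a' or 'a..b') into (first, last) integers."""
    ranges = []
    for entry in subnet["excludeIps"]:
        first, _, last = entry.partition("..")
        lo = int(ipaddress.ip_address(first))
        hi = int(ipaddress.ip_address(last or first))
        if lo > hi:
            raise ValueError(f"reversed range in excludeIps: {entry}")
        ranges.append((lo, hi))
    return ranges


def can_assign(ip, namespace, subnets):
    """True if a Pod in `namespace` may receive `ip` from its subnet."""
    subnet = subnet_for_namespace(namespace, subnets)
    addr = ipaddress.ip_address(ip)
    if addr not in ipaddress.ip_network(subnet["cidrBlock"]):
        return False
    if addr == ipaddress.ip_address(subnet["gateway"]):
        return False
    return not any(lo <= int(addr) <= hi for lo, hi in excluded_ranges(subnet))
```

A Pod created in a namespace that is not listed under namespaces, such as default, resolves to ovn-default and never receives a 10.100.0.0/16 address.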

Create a Pod and bind a custom subnet

Now that we have created the subnet ls1 and bound it to the namespace ls1, we will create a Pod in the namespace ls1:

Create the namespace: kubectl create ns ls1

Create an Nginx Pod and bind it to ls1: kubectl run

Run kubectl get ip