Using Kuryr to Integrate Network Between OpenStack and Kubernetes (Part 2)

Using Kuryr to Integrate Network Between OpenStack and Kubernetes (Part 2)

上篇回顧:
Using Kuryr to Integrate Network Between OpenStack and Kubernetes (Part 1)

Deploy Kubernetes Cluster

First of all, make sure you can log in to all nodes without the need to enter password. Then, switch to k8-master (172.24.0.34) and enter the following commands.

Then, install required packages:

$ sudo yum -y install software-properties-common ansible git gcc python-pip python-devel libffi-devel openssl-devel
$ sudo pip install -U kubespray

After installation, create a kubespray yaml file:

$ cat <<EOF >  ~/.kubespray.yml 
kubespray_git_repo: "https://github.com/kubernetes-incubator/kubespray.git"
# Logging options
loglevel: "info"
EOF

Then, use kubespray-cli to rapidly generate inventory file, and change the content as below:

$ sudo -i
$ kubespray prepare --masters master --etcds master --nodes node1

Edit inventory.cfg file (/root/.kubespray/inventory/inventory.cfg), and change the following content:

[all]
master ansible_host=172.24.0.37 ansible_user=root ip=172.24.0.37
node1 ansible_host=172.24.0.34 ansible_user=root ip=172.24.0.34
[kube-master]
master
[kube-node]
master
node1
[etcd]
master
[k8s-cluster:children]
kube-node1
kube-master

After editing, utilize kubespray-cli command to start deploying:

$ kubespray deploy --verbose -u root -k .ssh/id_rsa -n calico

Wait until it finishes. Then, check the status of these nodes:

$ kubectl get no
NAME      STATUS         AGE       VERSION
master    Ready,master   2m        v1.7.4
node1     Ready          2m        v1.7.4

Then, in order for Kuryu controller to obtain K8s API server, edit kube-apiserver.yml file (/etc/kubernetes/manifests/kube-apiserver.yml), and add the following content:

– “–insecure-bind-address=0.0.0.0”
– “–insecure-port=8080”

Tips:

Bind the “-insecure-bind-address” to 0.0.0.0

Install Openstack Kuryr

Switch to controller (172.24.0.37), and enter the following commands.

Firstly, install all required packages:

$ sudo yum -y install  gcc libffi-devel python-devel openssl-devel install python-pip

Then, download and install kuryr-kubernetes:

$ git clone http://git.openstack.org/openstack/kuryr-kubernetes
$ pip install -e kuryr-kubernetes

Create and copy kuryr.conf file to /etc/kuryr directory:

$ cd kuryr-kubernetes
$ ./tools/generate_config_file_samples.sh
$ sudo mkdir -p /etc/kuryr/
$ sudo cp etc/kuryr.conf.sample /etc/kuryr/kuryr.conf

Then, use OpenStack Dashboard to create a project. Open a browser and enter “Dashboard”, and execute the following commands:

  1. Create K8s project.
  2. Modify K8 project member, and then add the member to the service project.
  3. Create a Security Group. Please refer to kuryr-kubernetes manually.
  4. Add a pod_subnet.
  5. Add a service_subnet.

After that, modify kuryr.conf (/etc/kuryr/kuryr.conf) file, and add the following content:

[DEFAULT]
use_stderr = true
bindir = /usr/local/libexec/kuryr
[kubernetes]
api_root = http://172.24.0.37:8080
[neutron]
auth_url = http://172.24.0.37/identity
username = admin
user_domain_name = Default
password = admin
project_name = service
project_domain_name = Default
auth_type = password
[neutron_defaults]
ovs_bridge = br-int
pod_security_groups = {id_of_secuirity_group_for_pods}
pod_subnet = {id_of_subnet_for_pods}
project = {id_of_project}
service_subnet = {id_of_subnet_for_k8s_services}

Upon completion of the above steps, run the kuryr-k8s-controller shown below:

$ kuryr-k8s-controller --config-file /etc/kuryr/kuryr.conf

Install Kuryr-CNI

Switch to node1 (172.24.0.80) and execute the following commands:

Install required components:

$ sudo yum -y install  gcc libffi-devel python-devel openssl-devel python-pip

Then install Kuryr-CNI for kubelet:

$ git clone http://git.openstack.org/openstack/kuryr-kubernetes
$ sudo pip install -e kuryr-kubernetes

Create a kuryr.conf file at the directory “/etc/kuryr”:

$ cd kuryr-kubernetes
$ ./tools/generate_config_file_samples.sh
$ sudo mkdir -p /etc/kuryr/
$ sudo cp etc/kuryr.conf.sample /etc/kuryr/kuryr.conf

Modify or change the content of kuryr.conf file as follows:

[DEFAULT]
use_stderr = true
bindir = /usr/local/libexec/kuryr
[kubernetes]
api_root = http://172.24.0.37:8080

Create a bin folder for binary file storage, and a net.d folder to store configuration files.

$ sudo mkdir -p /opt/cni/bin
$ sudo ln -s $(which kuryr-cni) /opt/cni/bin/
$ sudo mkdir -p /etc/cni/net.d/

Create a new CNI configuration file (/etc/cni/net.d/10-kuryr.conf):

{
“cniVersion”: “0.3.0”,
“name”: “kuryr”,
“type”: “kuryr-cni”,
“kuryr_conf”: “/etc/kuryr/kuryr.conf”,
“debug”: true
}

After that, update oslo and vif python libraries:

$ sudo pip install 'oslo.privsep>=1.20.0' 'os-vif>=1.5.0'

Lastly, restart all related services:

sudo systemctl daemon-reload && systemctl restart kubelet.service

Testing service

Open a pod to communicate with OpenStack VM:

Written by 白凱仁 迎棧科技軟體工程師

EDM

Select list(s)*

 

Loading