Oracle linux kubernetes install

Oracle В® Linux

Oracle Linux Container Services for use with Kubernetes User’s Guide

Oracle Legal Notices

Copyright В© 2012, 2020, Oracle and/or its affiliates.

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable:

U.S. GOVERNMENT END USERS: Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs) and Oracle computer documentation or other Oracle data delivered to or accessed by U.S. Government end users are «commercial computer software» or «commercial computer software documentation» pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, reproduction, duplication, release, display, disclosure, modification, preparation of derivative works, and/or adaptation of i) Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs), ii) Oracle computer documentation and/or iii) other Oracle data, is subject to the rights and limitations specified in the license contained in the applicable contract. The terms governing the U.S. Government’s use of Oracle cloud services are defined by the applicable contract for such services. No other rights are granted to the U.S. Government.

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Inside are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Epyc, and the AMD logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

This software or hardware and documentation may provide access to or information about content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle.

Oracle Documentation License

This document uses the Web-based Help format from DocBook XML. The following license information applies to this format.

Copyright В© 1999-2007 Norman Walsh

Copyright В© 2003 Jiri Kosek

Copyright В© 2004-2007 Steve Ball

Copyright В© 2005-2008 The DocBook Project

Copyright В© 2011-2012 O’Reilly Media

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the «Software»), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

Except as contained in this notice, the names of individuals credited with contribution to this software shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization from the individuals in question.

Any stylesheet derived from this Software that is publicly distributed will be identified with a different name and the version strings in any derived Software will be changed so that no possibility of confusion between the derived package and this Software will exist.

THE SOFTWARE IS PROVIDED «AS IS», WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL NORMAN WALSH OR ANY OTHER CONTRIBUTOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Web-based Help from DocBook XML

Copyright В© 2008-2012 Kasun Gajasinghe, David Cramer

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the “Software”), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

Except as contained in this notice, the names of individuals credited with contribution to this software shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization from the individuals in question.

Any stylesheet derived from this Software that is publicly distributed will be identified with a different name and the version strings in any derived Software will be changed so that no possibility of confusion between the derived package and this Software will exist.

Warranty: THE SOFTWARE IS PROVIDED «AS IS», WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL DAVID CRAMER, KASUN GAJASINGHE, OR ANY OTHER CONTRIBUTOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Certain search characteristics associated with the DocBook XSL webhelp stylesheets are provided as javascript files generated using Apache Lucene and other fourth party technologies, which are licensed under the Apache License reproduced below.

Источник

Install Docker and Kubernetes on Oracle Linux behind a proxy

This article walks you through the steps required to install and configure Docker and Kubernetes on a bare metal or virtual machine running Oracle Linux (OL) 7.x that’s behind a corporate proxy.

Prerequisites

Make sure you meet these prerequisites:

• OL 7.x using Unbreakable Enterprise Kernel Release 4 (UEK R4) or later
• yum is configured to talk to your corporate proxy. For quick reference, you can edit “/etc/yum.conf” and add or update the proxy entry:

Install Docker Engine

Edit “/etc/yum.repos.d/public-yum-ol7.repo” and enable the “ol7_addons” channel. It’s a matter of setting the “enabled” option to “1” under “ol7_addons” section. Next, run yum to install the latest docker engine that is made available on this channel:

Configure Proxy

Create the file “/etc/systemd/system/docker.service.d/http-proxy.conf” and add the following:

Make sure to replace the “

” and “ ” with appropriate values for your environment.

Now run the following commands to start the docker engine and ensure that it starts back on reboots:

You can check the status and version of docker by running the following commands:

Using a web browser, login to Oracle Container Registry website at https://container-registry.oracle.com. Navigate to the Container Services category and accept the license agreement.

Install Kubernetes Master Node

Make sure the “ol7_addons” channel is enabled (refer to install docker engine section above). Run yum to install “kubeadm”:

Now login to the Oracle Container registry using Docker CLI:

As root, run the following command to add sbin to the PATH variable:

As root, run the following command to add a port forwarding rule:

If you are running “firewalld” service, as root, run the following commands:

And finally, as root, run this command to configure the host as a master node:

If there are any issues, the above command will notify you with possible remedies. After a successful run, the command will print the next steps which boil down to preparing the regular user to run “kubectl” commands and the command to be run on other hosts which will act as worker nodes in the kubernetes cluster. Take a note of the token and hash that you will use later to join worker nodes to the cluster.

Install Kubernetes Worker Nodes

On each additional OL machine that should be provisioned as a worker node, repeat all the steps, except the last one, that you executed above while provisioning the master node.

Instead of running the last step from above, as root, run the kubeadm-setup join command:

After provisioning the worker nodes, you can go back to the master node and run the following command to get a glimpse of all the nodes:

You are all set to start deploying services and play with Kubernetes.

Refer to the following links for additional information and in-depth documentation:

• Oracle Container Runtime for Docker
• Oracle Container Services for Kubernetes

Источник

Oracle linux kubernetes install

How To Manually Install Kubernetes for Oracle Linux in Oracle OCI

Another related doc

To mannually install Kubernetes in Oracle OCI via Oracle Released Docker and Kubernetes version from Oracle Container Registry Refer official doc

Please turn off TX checksum offload if you have VM in OCI with UEK4 kernel and Broadcomm driver. Refer doc

Preparation(All Kubernetes Nodes) (set http proxy if necessary in intranet):

• Assume Master nodes and worker nodes are in the same VCN. Otherwise we need to add access rules in OCI policy to let nodes communicate with each other. details in doc
• #yum update -y
• #yum-config-manager —enable ol7_addons
• #yum install docker-engine
• Add proxy for docker daemon and docker containers if necessary in intranet. refer my blog
• Move Docker Images OS Files From Default To Different OS Location for space concern. refer my blog
• #systemctl enable docker
• #systemctl start docker
• #docker login container-registry.oracle.com/kubernetes_developer . We can get free account from Oracle Container Registry
• #iptables -P FORWARD ACCEPT
• #firewall-cmd —add-masquerade —permanent
• #firewall-cmd —add-port=10250/tcp —permanent
• #firewall-cmd —add-port=8472/udp —permanent
• On Master Node only: # firewall-cmd —add-port=6443/tcp —permanent
• #systemctl restart firewalld
• #/usr/sbin/setenforce 0
• #vim /etc/selinux/config and set SELINUX=permissive

Setting Master Node

• #yum install kubeadm
• #export KUBE_REPO_PREFIX=container-registry.oracle.com/kubernetes_developer
• #kubeadm-setup.sh up

_.
Please wait .
— 75% completed
Waiting for the control plane to become ready .
.
100% completed
.
[===> PLEASE DO THE FOLLOWING STEPS BELOW: > $HOME/.bashrc

use this command to verify: $ kubectl get pods -n kube-system, output would be like

[k8suser@instance-cas-mt2 .kube]$ kubectl get pods -n kube-system
NAME READY STATUS RESTARTS AGE
etcd-instance-cas-mt2 1/1 Running 0 2h
kube-apiserver-instance-cas-mt2 1/1 Running 1 2h
kube-controller-manager-instance-cas-mt2 1/1 Running 0 2h
kube-dns-5c57c4787c-xzsgz 3/3 Running 0 2h
kube-flannel-ds-87xb9 1/1 Running 0 2h
kube-proxy-mwn46 1/1 Running 0 2h
kube-scheduler-instance-cas-mt2 1/1 Running 0 2h
kubernetes-dashboard-7df769d745-m4mgx 1/1 Running 0 2h

Setting Worker Node:

• #yum install kubeadm
• export KUBE_REPO_PREFIX=container-registry.oracle.com/kubernetes_developer && kubeadm-setup.sh join 100.106.146.3:6443 —token ******* —discovery-token-ca-cert-hash sha256:*********
• In the master node ,use kubeadm token list or kubeadm token create to get token
• In the master node, use below to get SHA256 CA certificate

_Checking if env is ready .
Checking whether docker can pull busybox image .
Checking access to container-registry.oracle.com/kubernetes_developer .
Trying to pull repository container-registry.oracle.com/kubernetes_developer/kube-proxy-amd64 .
v1.10.5: Pulling from container-registry.oracle.com/kubernetes_developer/kube-proxy-amd64
Digest: sha256:*****
Status: Image is up to date for container-registry.oracle.com/ku bernetes_developer/kube-proxy-amd64:v1.10.5
Checking whether docker can run container .
Checking firewalld settings .
Checking iptables default rule .
Checking br_netfilter module .
Checking sysctl variables .
Enabling kubelet .
Created symlink from /etc/systemd/system/multi-user.target.wants /kubelet.service to /etc/systemd/system/kubelet.service.
Check successful, ready to run ‘join’ command .
[preflight] Running pre-flight checks.
[validation] WARNING: kubeadm doesn’t fully support multiple API Servers yet
[discovery] Trying to connect to API Server «100.106.146.3:6443»
[discovery] Trying to connect to API Server «100.106.146.3:6443»
[discovery] Created cluster-info discovery client, requesting info from «https://100.106.146.3:6443»
[discovery] Created cluster-info discovery client, requesting info from «https://100.106.146.3:6443»
[discovery] Requesting info from «https://100.106.146.3:6443» again to validate TLS against the pinned public key
[discovery] Requesting info from «https://100.106.146.3:6443» again to validate TLS against the pinned public key
[discovery] Cluster info signature and contents are valid and TLS certificate validates against pinned roots, will use API Server «100.106.146.3:6443»
[discovery] Successfully established connection with API Server «100.106.146.3:6443»
[discovery] Cluster info signature and contents are valid and TLS certificate validates against pinned roots, will use API Server «100.106.146.3:6443»
[discovery] Successfully established connection with API Server «100.106.146.3:6443»
This node has joined the cluster:

Certificate signing request was sent to master and a response was received.

The Kubelet was informed of the new secure connection details.
Run ‘kubectl get nodes’ on the master to see this node join the cluster._

kubectl get nodes

NAME STATUS ROLES AGE VERSION
instance-test-db2 Ready 5m v1.10.5+2.0.2.el7
instance-test-mt2 Ready master 3h v1.10.5+2.0.2.el7

• admin.conf controller-manager.conf kubelet.conf scheduler.conf plus pki and other manifests files can be found in host /etc/kubernetes/

About

To mannually install Kubernetes in Oracle OCI via Oracle Released Docker and Kubernetes version

Источник