升級stackdriver-agent5.x 到 stackdriver-agent6.x on GCP

因為 stackdriver-agent5.x 將在2020 年 4 月 28 日停止使用
所以我這邊做了下列升級步驟

yum remove stackdriver-agent -y

curl -sSO https://dl.google.com/cloudagents/add-monitoring-agent-repo.sh

bash add-monitoring-agent-repo.sh

yum clean all

yum list --showduplicates stackdriver-agent

yum install -y stackdriver-agent-6.*

參考網址:
https://cloud.google.com/monitoring/agent/installation#upgrade
https://cloud.google.com/monitoring/agent/installation#upgrade

第一次接觸terraform來管理GCP

 希望能夠透過terraform來加速佈建雲端服務的效率

1. 安裝terraform

(terraform只是一個執行檔案)

到https://www.terraform.io/downloads.html 下載壓縮檔案
解壓縮到機器上的/usr/local/bin就可以直接使用

2.建立第一個 tf配置檔案

 a.從GCP建立Account Service , 並下載金鑰檔案(json格式),rename成account.json
 b.配置Google Cloud provider設定
(project 這邊是project id)

 provider "google" {
  credentials = file("account.json")
  project = "ab-xx-xxxx"
  region  = "asia-east1"
}

3. 完善tf設定檔案,並在台灣節點建立一台vm , 配置如下

file - 1.tf

  
  provider "google" {
  credentials = file("account.json")
  project = "ab-xx-xxxx
  region  = "asia-east1"
}

resource "google_compute_instance" "vm_instance" {
name         = "terraform-instance"
machine_type = "n1-standard-1"
zone         = "asia-east1-c"

boot_disk {
initialize_params {
image = "centos-cloud/centos-7"
 }
}

network_interface {

    # A default network is created for all GCP projects
 network       = "default"
subnetwork    = "default"
 }
}

4.啟動/刪除資源從tf檔案 ---- 好處是資源新增刪除都不會漏掉
(金鑰和tf檔案都要放在同一層)

啟動
terraform init

刪除
terraform destroy


參考網站:
https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/getting_started
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_instance
https://ithelp.ithome.com.tw/articles/10206648

Install Kubernetes Cluster With CRI-O: Part4 kubeadm join node

 

在三台主機做Kubernetes Cluster的情境下
 (Version = 1.18.3)
192.168.53.204  k8s-master  ---CentOS 7.8
192.168.53.205  k8s-node1   ---CentOS 7.8
192.168.53.206  k8s-node2   ---CentOS 7.8

1.安裝CRI-O / kubeadm / kubelet  / kubectl )

(依照 Part 1 , Part 2 安裝即可,操作kubeadm join之後服務kubelet才能正常啟動)

2.加入cluster

(可以從master機器做kubeadm init時複製token和hash sha256訊息,因為使用cri-o所以要加--cri-socket)

kubeadm join 192.168.53.204:6443 --token xxxx8.q5qweqw77445 --discovery-token-ca-cert-hash sha256:9ffasdadsadffcb1b85d35d8asdasdsadabf47f04edc44a94esdadsasdasd0c --cri-socket="/var/run/crio/crio.sock" --ignore-preflight-errors=all

PS:

----查看token 方式(從master)

kubeadm token list

----查看ca-cert-hashsha256(從master)
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | openssl dgst -sha256 -hex | sed 's/^.* //'

3. 在master查看node

kubeadm get node

參考網址:

https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-join/

https://ithelp.ithome.com.tw/articles/10209787