fedora Project home page ：https://start.fedoraproject.org/
Kubernetes on Fedora About ：https://fedoramagazine.org/kubernetes-on-fedora-iot-with-k3s/

One . stay fedora Install in docker

1. Update package

yum update

2. lookup docker Package and install

yum list docker 

yum install docker.x86_64

Note that you need to install according to the name of the actual package you find

3. Check after installation docker

You can try the following command ：

docker<Tab>
docker <Tab><Tab>
docker -h
docker -v

Finally, be sure to run docker version command

docker version

The last error is because fedora It doesn't start automatically docker daemon, You need to start it manually .

4. start-up docker daemon service

systemctl enable docker.service
systemctl start docker.service
sudo docker version

systemctl status docker.service
5. Check the relevant software installation package

rpm -ql docker | less

Specific document description
/var/lib/docker：docker pull The following image files and containers are in the secondary directory .
/etc/sysconfig/docker： When docker When the command runs as a daemon for the service , This file is used to collect information for docker Command options . By default, only –selinux-enabled Option to enable the docker Of SELinux Support . A configuration in this file DOCKER_CERT_PATH Will start docker The key file required by the service is stored in the specified directory /etc/docker
/etc/sysconfig/docker-network： This file is used to collect and transmit to docker Network options for services
/etc/syscofig/docker-storage: This file is used to change docker How services store data . By default, it will be mounted to /var/lib/docker A sparse echo file of the directory . You can choose to use raw storage devices to store metadata and data .
/etc/udev/rules.d/80-docker.rules: This document is used to inform udev Service configuration docker The device mapping file used by the service ,docker The service uses the device mapping file to access the host properties required by the container
/usr/share/doc/docker： Deposit docker Project documents for . Contains software changes and license information , And readme file .
/usr/share/man：docker Online help page for commands

Two . stay fedora Install in Kubernetes

1. Find out the relevant software packages

yum list kubernetes
yum list etcd

2. Install related packages

sudo yum install -y --enablerepo=updates-testing kubernetes.x86_64 etcd.x86_64

In this command –enablerepo=updates-testing characteristic , The purpose is to obtain the latest version of k8s, Be careful , I just want to try more of the latest features , But they can be unstable , If this happens, you need to completely delete the relevant packages , And use the command without this feature to reinstall .

Finally, it can be seen that the integrated software package has been installed k8s All components of the cluster

3. close firewalld

In order to make k8s Work , Need to install iptables, Check to see if... Is installed on your machine iptables, If not installed, run yum install iptables Installation .

because k8s Very dependent on iptables Firewall rules communicate between components , Therefore, in order to facilitate learning, close any firewall manager that may cause conflicts

systemctl stop firewalld
systemctl disable firewlld
systemctl status firewalld

4. To configure Master and Node service

In a k8s In the cluster , stay master and node Yes k8s Configuration is to tell them how to communicate ： The configuration file is /etc/etcd/etcd.conf and /etc/kubernetes Files in directory .
Here is the integration built on only one node k8s, And because master and node The default configuration for most services of is set to find each other in the local host , Therefore, this information does not need to be added to the integrated cluster .
！！！ because k8s There is absolute permission management in ： Role based default permission management .
Whether it's a user or k8s Its own service components , All of them are subject to ACL（Access Control List) The control of , At first, for the convenience of trial k8s Related functions ： edit /etc/kubernetes/apiserver file , from KUBE_ADMISSION_CONTROL Delete this line ServiceAccount. This allows you to do simple pod Bypass during deployment ServiceAccount characteristic .

# default admission control policies
#KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ServiceAccount,ResourceQuota"
KUBE_ADMISSION_CONTROL="--admission-control=NamespaceLifecycle,LimitRanger,SecurityContextDeny,ResourceQuota"

5. start-up master service

MSERVICES="etcd kube-apiserver kube-controller-manager kube-scheduler"
systemctl restart $MSERVICES
systemctl enable $MSERVICES
systemctl is-active $MSERVICES
systemctl is-enabled $MSERVICES

6. start-up node service

NSERVICES="kube-proxy kubelet docker"
systemctl restart $NSERVICES
systemctl enable $NSERVICES
systemctl is-active $NSERVICES
systemctl is-enabled $NSERVICES

7. Check cluster status

kubectl cluster-info
kubectl get node

So far an integrated k8s The cluster has been set up .