The threshold for using K8s on the edge is too high? This feature of OpenYurt helps you quickly build a cluster!

Introduction to In order to lower the threshold for using OpenYurt and help more developers quickly get started with OpenYurt, the community provides the OpenYurt easy-to-use tool yurtctl. This tool is dedicated to shielding the complexity of OpenYurt cluster creation and helping developers quickly build OpenYurt development and test clusters locally.

As Alibaba's first open source edge cloud native project, OpenYurt involves two areas of edge computing and cloud native. However, many edge computing developers are not familiar with cloud native knowledge. In order to lower the threshold for using OpenYurt and help more developers get started quickly with OpenYurt, the community provides OpenYurt's easy-to-use tool yurtctl. This tool is dedicated to shielding the complexity of OpenYurt cluster creation and helping developers quickly build OpenYurt development and test clusters locally.

OpenYurt adopts the cloud management-side architecture, and on the native Kubernetes cluster, the function is enhanced in the form of Addon, which solves the key problems of cloud-side network instability and cloud-side operation and maintenance in the cloud-side management scene, and realizes the work Core functions such as load/traffic unit management, edge local storage, and IoT device management. The topology of the experiment in this article is shown in the figure:

Among them, the blue part is the native k8s component, and the orange part is the component provided by OpenYurt.

• The Master node is located in the cloud and serves as the control node of the OpenYurt cluster. It also serves as the Cloud Node of the cluster. It deploys the native k8s control plane component controlplane and OpenYurt's control components yurt-controller-manager, yurt-app-manager, and yurt- tunnel-server
• The Cloud-Node node is located in the cloud. As the Cloud Node of the OpenYurt cluster, it can be used to deploy the management and control components of OpenYurt. The experiment in this article is only used to demonstrate the cloud node access operation, without actually deploying the management and control components of OpenYurt.
• Edge-Node is located at the edge. As the edge node of the cluster, the node autonomous component YurtHub and the cloud channel component tunnel-agent are deployed.

Environmental preparation

(1) Three computers with Linux operating system. One as a control plane node (also a cloud node), one as a cloud node and one as an edge node, the system is both Ubuntu 18.04).

(2) Docker is pre-installed in the system, please refer to the installation method.

(3) Turn off the system swap partition. Different versions of the system have different ways of shutting down. The environment of this article executes swapoff -a to shut down.

(4) Download the OpenYurt community code, build the yurtctl tool, and copy yurtctl to three hosts.

git clone https://github.com/openyurtio/openyurt.git
cd openyurt
export GOOS=linux GOARCH=amd64; make build  WHAT=cmd/yurtctl

The constructed yurtctl is in the directory _output/bin/ . The version of yurtctl used in this article is:

root@master:~# ./yurtctl --version
yurtctl version: projectinfo.Info{GitVersion:"v0.4.1", GitCommit:"3315ccc", BuildDate:"2021-09-08T02:48:34Z", GoVersion:"go1.13", Compiler:"gc", Platform:"linux/amd64"}

Pull up the control plane node with one click

In yurtctl, the init subcommand is provided to pull up the control node of OpenYurt. The management and control component of the Kubernetes cluster (kube-apiserver/kube-scheduler/kube-controller-manager/etcd) is deployed on this node. At the same time, it also deployed OpenYurt's control components (yurt-controller-manager/yurt-app-manager/yurt-tunnel-server) as an OpenYurt cloud control node

On the control plane node, execute the following command

root@master:~# ./yurtctl init --image-repository=registry.cn-hangzhou.aliyuncs.com/google_containers --kubernetes-version=v1.18.8  --pod-network-cidr=10.244.0.0/16

This command specifies that the mirror warehouse of Kubernetes related components is registry.cn-hangzhou.aliyuncs.com/google\_containers, and the version of the specified Kubernetes cluster is 1.18.8 (recommended). For more parameters of the yurtctl init command, please refer to yurtctl init --help .

yurtctl init command is successfully executed, the instructions for adding cloud nodes and edge nodes will be output synchronously.

Your OpenYurt cluster control-plane has initialized successfully!
        To start using your cluster, you need to run the following as a regular user:
          mkdir -p $HOME/.kube
          sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
          sudo chown $(id -u):$(id -g) $HOME/.kube/config
        Then you can join any number of edge-nodes by running the following on each as root:
        yurtctl join 111.32.157.130:6443 --token tfdxae.lvmb7orduikbyjqu \
    --discovery-token-ca-cert-hash sha256:0e1faf696fe976a7b28c03e0dece429c85d72e6e1e6bc2dd1ac3d30d0416f3f0  --node-type=edge-node
        And you can join any number of cloud-nodes by running the following on each as root:
        yurtctl join 111.32.157.130:6443 --token tfdxae.lvmb7orduikbyjqu \
    --discovery-token-ca-cert-hash sha256:0e1faf696fe976a7b28c03e0dece429c85d72e6e1e6bc2dd1ac3d30d0416f3f0  --node-type=cloud-node

According to the prompt, execute the following command, copy the certificate to the corresponding directory, you can use kubectl to operate the cluster

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

On the master node, check the status of the master node

root@master:~# kubectl get nodes
NAME     STATUS   ROLES    AGE   VERSION
master   Ready    <none>   50s   v1.18.8

Check whether the master node component is Running

root@master:~# kubectl get pods -A
NAMESPACE     NAME                                       READY   STATUS    RESTARTS   AGE
kube-system   controlplane-master                        4/4     Running   0          55s
kube-system   coredns-546565776c-88hs6                   1/1     Running   0          46s
kube-system   coredns-546565776c-v5wxb                   1/1     Running   0          46s
kube-system   kube-flannel-ds-h6qqc                      1/1     Running   0          45s
kube-system   kube-proxy-6rnq2                           1/1     Running   0          45s
kube-system   yurt-app-manager-75b7f76546-6dsw9          1/1     Running   0          45s
kube-system   yurt-app-manager-75b7f76546-x6wzm          1/1     Running   0          45s
kube-system   yurt-controller-manager-697877d548-kd5xf   1/1     Running   0          46s
kube-system   yurt-tunnel-server-bc5cb5bf-xxqgj          1/1     Running   0          46s

Among them, the functions of each component are as follows:

• controlplane is an all-in-one Kubernetes control component. In order to facilitate the understanding of the relationship between OpenYurt and Kubernetes, yurtctl init the Kubernetes control component in the same Pod as a black box.
• yurt-app-manager is a unitized component of OpenYurt, providing unitized deployment, operation and maintenance capabilities of workload;
• yurt-controller-manager is a node lifecycle management component, which cooperates with the yurt-hub on the edge node to realize the autonomous function of the edge node;
• yurt-tunnel-server is the server side of the cloud-side operation and maintenance channel, which cooperates with yurt-tunnel-agent on the edge node to achieve cloud-to-edge operation and maintenance capabilities.

One-click access to cloud nodes

Cloud nodes are used to deploy OpenYurt-related system components. In yurtctl, the join subcommand is provided to add cloud nodes to the OpenYurt cluster. In addition, when the master node is initialized with yurtctl init, the master node will also be used as a cloud node. If you need to add a new cloud node, you can use the output of init to copy the cloud node access instruction to the cloud node that needs to be added for execution.

root@cloud-node:~#./yurtctl join 111.32.157.130:6443 --token vowclg.k7059m0f0qbcebpg --discovery-token-ca-cert-hash sha256:30846295ea024260bc3c4988507c4408e8756ca5440221e109fe8167f636f125 --node-type=cloud-node

The address of the master node is specified in the access command, as well as the token required for access authentication and the type of node to be accessed (cloud-node). The output of successful execution is as follows

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

Check whether the status of the newly connected cloud node is Ready on the master node

root@master:~# kubectl get nodes -l openyurt.io/is-edge-worker=false
NAME         STATUS   ROLES    AGE     VERSION
cloud-node   Ready    <none>   5m4s    v1.18.8
master       Ready    <none>   9m40s   v1.18.8

One-click access to edge nodes

As the node where the OpenYurt cluster actually deploys services, the edge node is usually deployed in the user's intranet environment, and the network connection with the control component is usually unstable. Therefore, the node autonomous component yurt-hub and the cloud side operation and maintenance component yurt-tunnel-agent need to be deployed on the edge nodes. In yurtctl, the join subcommand is provided to add edge nodes to the OpenYurt cluster. Use the output command in init to copy the edge node access instruction to the edge node that needs to be added for execution.

root@edge-node:~# ./yurtctl join 111.32.157.130:6443 --token vowclg.k7059m0f0qbcebpg --discovery-token-ca-cert-hash sha256:30846295ea024260bc3c4988507c4408e8756ca5440221e109fe8167f636f125  --node-type=edge-node

The access command specifies the address of the master node, as well as the token required for access authentication and the type of node to be accessed (edge-node). The output of successful execution is as follows

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

On the master node, check whether the status of the newly-connected edge node is Ready

root@master:~# kubectl get nodes -l openyurt.io/is-edge-worker=true
NAME        STATUS   ROLES    AGE   VERSION
edge-node   Ready    <none>   26s   v1.18.8

Check whether the components of the edge node are Running

root@master:~# kubectl get pods -A -o wide | grep edge-node
kube-system   kube-flannel-ds-tdqtx                      1/1     Running   0          58s   103.15.99.183    edge-node    <none>           <none>
kube-system   kube-proxy-8r76s                           1/1     Running   0          58s   103.15.99.183    edge-node    <none>           <none>
kube-system   yurt-hub-edge-node                         1/1     Running   0          16s   103.15.99.183    edge-node    <none>           <none>
kube-system   yurt-tunnel-agent-v4jwt                    1/1     Running   0          38s   103.15.99.183    edge-node    <none>           <none>

Among them, the functions of each component on each edge node are as follows:

• yurt-hub Edge node autonomous components, the components on the edge node interact with kube-apiserver yurt-hub When the cloud edge network is good, yurt-hub forwards the request of the node component to kube-apiserver and caches the response content. When the cloud edge is disconnected, edge-hub obtains data from the local cache in response to the request of the edge node component.
• yurt-tunnel-agent Cloud-side operation and maintenance channel client, cooperates with yurt-tunnel-server to realize cloud-to-side operation and maintenance.

After the above 4 steps, you can have an OpenYurt cluster locally. If you need to clean up the OpenYurt cluster, you can execute ./yurtctl reset on each node in the cluster.

OpenYurt is backed by native Kubernetes and at the same time faces edge computing scenarios. Due to the complexity of Kubernetes itself, it is difficult for many students in non-native fields to get started. The construction of the OpenYurt cluster is the first step to get started, blocking most edge computing players. In order to improve the ease of use of OpenYurt, yurtctl has designed tools such as init, join, reset, and convert to help users quickly build an OpenYurt cluster locally and cross the first step of using OpenYurt. Although the ease of use has been greatly improved, there are still many shortcomings. We look forward to the active participation of students in the community, based on OpenYurt, together to create a more easy-to-use edge cloud native infrastructure.

Communication and exchange

If you have any questions about OpenYurt, welcome to use Dingding to scan the QR code or search for the group number (31993519) to join the Dingding exchange group.

Related Links:

https://github.com/openyurtio/openyurt

https://docs.docker.com/engine/install/

Copyright Notice: content of this article is contributed spontaneously by Alibaba Cloud real-name registered users, and the copyright belongs to the original author. The Alibaba Cloud Developer Community does not own its copyright and does not assume corresponding legal responsibilities. For specific rules, please refer to the "Alibaba Cloud Developer Community User Service Agreement" and the "Alibaba Cloud Developer Community Intellectual Property Protection Guidelines". If you find suspected plagiarism in this community, fill in the infringement complaint form to report it. Once verified, the community will immediately delete the suspected infringing content.