Orf Gelbrich
Cisco Employee
Task Name: Kubernetes
Tested on 6.5 and
CentOS Linux release 7.4.1708 (Core)
Components: vSphere 6.5
User Inputs

Instructions for Regular Workflow Use:

  1. Download the attached .ZIP file below to your computer. *Remember the location of the saved file on your computer.
  2. Unzip the file on your computer. You should end up with a .WFD file.
  3. Log in to UCS Director as a user that has "system-admin" privileges.
  4. Navigate to "Policies-->Orchestration" and click on "Import".
  5. Click "Browse" and navigate to the location on your computer where the .WFD file resides. Choose the .WFD file and click "Open".
  6. Click "Upload" and then "OK" once the file upload is completed. Then click "Next".
  7. Click the "Select" button next to "Import Workflows". Click the "Check All" button to check all checkboxes and then the "Select" button.
  8. Click "Submit".
  9. A new folder should appear in "Policies-->Orchestration" that contains the imported workflow. You will now need to update the included tasks with information about the specific environment.

This is an example of a Kubernetes install / deployment with UCSD.

The end user catalog offering:

Screen Shot 2017-12-13 at 2.50.23 PM.png

Screen Shot 2017-12-13 at 2.50.36 PM.png

The service offering/workflow questions:

     In this case I want 1 master and 5 Minions

Screen Shot 2017-12-13 at 2.51.15 PM.png

Workflow execution:

Screen Shot 2017-12-13 at 2.51.41 PM.png

Deployment happens in parallel (minions):

     This spawned one Global WF SR, one master SR and 5 minion SRs

Screen Shot 2017-12-13 at 3.07.18 PM.png

The resulting e-mails:

Screen Shot 2017-12-13 at 3.28.20 PM.png

Workflow completion:

Screen Shot 2017-12-13 at 3.30.27 PM.png

Kubernetes is up:

Screen Shot 2017-12-13 at 3.32.57 PM.png

Workflow Picture:

workflow_370 (1).png

The Guide used for this example can be found here:

Here are the conversion steps taken to get this to run in UCSD:

     The host preparation is handled at VM deployment time as a post provisioning workflow

Screen Shot 2017-12-15 at 6.39.32 AM.png

     Workflow: CreateKubernetesCluster calls the Master and Minion workflows via postprovisioning

     The Master creation workflow:

Screen Shot 2017-12-15 at 6.39.52 AM.png

     Prepare the Host:

     /etc/yum.repos.d/virt7-docker-common-release.repo on all hosts - centos-{master,minion-n}

     with following information.



     yum -y install --enablerepo=virt7-docker-common-release kubernetes etcd flannel

UCSD Translation

Screen Shot 2017-12-15 at 6.43.09 AM.png

echo "[virt7-docker-common-release]" > /etc/yum.repos.d/virt7-docker-common-release.repo

echo "name=virt7-docker-common-release" >> /etc/yum.repos.d/virt7-docker-common-release.repo

echo "baseurl=

gpgcheck=0" >> /etc/yum.repos.d/virt7-docker-common-release.repo

nohup yum -y install --enablerepo=virt7-docker-common-release kubernetes etcd flannel > /tmp/install.log   &

Step 2 is creating a file on UCSD with host file information for later processing:

Screen Shot 2017-12-15 at 6.49.04 AM.png

Minion post provisioning workflow is the same as master:

Screen Shot 2017-12-15 at 6.51.26 AM.png

Screen Shot 2017-12-15 at 6.51.46 AM.png

The next step is to distribute the /etc/hosts file to all servers (master and minions) from UCSD, which accumulated the hosts file during all the server builds.

Screen Shot 2017-12-15 at 6.54.37 AM.png

Screen Shot 2017-12-15 at 6.54.57 AM.png

nohup curl --append --insecure --user ${TemplateUser}:${TemplatePassword} -T /tmp/hosts sftp://${custom_ReadFromCSVFileRandom_4118.out1}/etc/hosts &


Edit /etc/kubernetes/config which will be the same on all hosts:

# logging to stderr means we get it in the systemd journal

# journal message level, 0 is debug

# Should this cluster be allowed to run privileged docker containers

# How the replication controller and scheduler find the kube-apiserver

Screen Shot 2017-12-15 at 7.04.20 AM.png

Screen Shot 2017-12-15 at 7.04.30 AM.png


setenforce 0
systemctl disable iptables-services firewalld
systemctl stop iptables-services firewalld

Screen Shot 2017-12-15 at 7.06.12 AM.png

Screen Shot 2017-12-15 at 7.06.20 AM.png

Next steps only happen on the master:

Edit /etc/etcd/etcd.conf

# [member]


Screen Shot 2017-12-15 at 7.08.58 AM.png

Screen Shot 2017-12-15 at 7.09.10 AM.png

Edit /etc/kubernetes/apiserver

# The address on the local server to listen to.

# The port on the local server to listen on.

# Port kubelets listen on

# Comma separated list of nodes in the etcd cluster

# Address range to use for services

# Add your own!

Screen Shot 2017-12-15 at 7.10.49 AM.png

Screen Shot 2017-12-15 at 7.11.07 AM.png

echo KUBE_API_ADDRESS=\\"--address=\\" > /etc/kubernetes/apiserver

echo KUBE_API_PORT=\\"--port=8080\\" >> /etc/kubernetes/apiserver

echo KUBELET_PORT=\\"--kubelet-port=10250\\" >> /etc/kubernetes/apiserver

echo KUBE_ETCD_SERVERS=\\"--etcd-servers=http://${custom_ReadFromCSVFileRandom_4118.out2}:2379\\" >> /etc/kubernetes/apiserver

echo KUBE_SERVICE_ADDRESSES=\\"--service-cluster-ip-range=\\" >> /etc/kubernetes/apiserver

echo KUBE_API_ARGS=\\"\\" >> /etc/kubernetes/apiserver

Start ETCD and configure it to hold the network overlay configuration on master: Warning: This network must be unused in your network infrastructure! is free in our network

systemctl start etcd
etcdctl mkdir /kube-centos/network
etcdctl mk /kube-centos/network/config "{ \"Network\": \"\", \"SubnetLen\": 24, \"Backend\": { \"Type\": \"vxlan\" } }"

Screen Shot 2017-12-15 at 7.12.50 AM.png

Screen Shot 2017-12-15 at 7.13.02 AM.png

Configure flannel to overlay Docker network in /etc/sysconfig/flanneld

# Flanneld configuration options

# etcd url location. Point this to the server where etcd runs

# etcd config key. This is the configuration key that flannel queries
# For address range assignment

# Any additional options that you want to pass

Screen Shot 2017-12-15 at 7.14.05 AM.png

Screen Shot 2017-12-15 at 7.14.17 AM.png

echo FLANNEL_ETCD_ENDPOINTS=\\"http://${custom_ReadFromCSVFileRandom_4118.out2}:2379\\" > /etc/sysconfig/flanneld

echo FLANNEL_ETCD_PREFIX=\\"/kube-centos/network\\" >> /etc/sysconfig/flanneld

Start the appropriate services on master

for SERVICES in etcd kube-apiserver kube-controller-manager kube-scheduler flanneld; do
  systemctl restart $SERVICES
  systemctl enable $SERVICES
  systemctl status $SERVICES
done

Screen Shot 2017-12-15 at 7.15.14 AM.png

Screen Shot 2017-12-15 at 7.15.26 AM.png

Configure the Kubernetes services on the nodes.

Edit /etc/kubernetes/kubelet

# The address for the info server to serve on

# The port for the info server to serve on

# You may leave this blank to use the actual hostname
# Check the node number!

# Location of the api-server

# Add your own!

Configure flannel to overlay Docker network in /etc/sysconfig/flanneld

# Flanneld configuration options

# etcd url location. Point this to the server where etcd runs

# etcd config key. This is the configuration key that flannel queries
# For address range assignment

# Any additional options that you want to pass

Screen Shot 2017-12-15 at 7.19.35 AM.png

Screen Shot 2017-12-15 at 7.19.45 AM.png

echo KUBELET_ADDRESS=\\"--address=\\" > /etc/kubernetes/kubelet

echo KUBELET_PORT=\\"--port=10250\\" >> /etc/kubernetes/kubelet

echo KUBELET_HOSTNAME=\\"--hostname-override=${custom_ReadFromCSVFileRandom_4118.out2}\\" >> /etc/kubernetes/kubelet

echo KUBELET_API_SERVER=\\"--api-servers=http://`grep master /etc/hosts | awk '{ print $2 }'`:8080\\" >> /etc/kubernetes/kubelet

echo KUBELET_ARGS=\\"\\" >> /etc/kubernetes/kubelet

echo FLANNEL_ETCD_ENDPOINTS=\\"http://`grep master /etc/hosts | awk '{ print $2 }'`:2379\\" > /etc/sysconfig/flanneld

echo FLANNEL_ETCD_PREFIX=\\"/kube-centos/network\\" >> /etc/sysconfig/flanneld

Start the appropriate services on node (centos-minion-n)

for SERVICES in kube-proxy kubelet flanneld docker; do
  systemctl restart $SERVICES
  systemctl enable $SERVICES
  systemctl status $SERVICES
done

Screen Shot 2017-12-15 at 7.20.45 AM.png

Screen Shot 2017-12-15 at 7.21.35 AM.png

Configure kubectl

kubectl config set-cluster default-cluster --server=http://centos-master:8080
kubectl config set-context default-context --cluster=default-cluster --user=default-admin

kubectl config use-context default-context

Screen Shot 2017-12-15 at 7.22.29 AM.png

Screen Shot 2017-12-15 at 7.22.38 AM.png

kubectl config set-cluster default-cluster --server=http://`grep master /etc/hosts | awk '{ print $2 }'`:8080

kubectl config set-context default-context --cluster=default-cluster --user=default-admin

kubectl config use-context default-context
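
A check a defender could run once the workflow has finished, as an added example that is not part of the original post or the UCSD workflow: it reads the files the steps above write and reports the settings that skip package signature verification or carry cluster traffic over plain HTTP. The ROOT argument, the finding labels and the address 10.0.0.10 in the constructed sample are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original post): report the unverified and
# plain-HTTP settings that the workflow's commands write to disk.
# ROOT is a hypothetical parameter so a copied or constructed tree can be audited.

audit_k8s_node() {
    root="${1:-}"
    repo="$root/etc/yum.repos.d/virt7-docker-common-release.repo"
    api="$root/etc/kubernetes/apiserver"
    kubelet="$root/etc/kubernetes/kubelet"
    flannel="$root/etc/sysconfig/flanneld"

    # yum installs from this repo without verifying package signatures.
    if grep -qs '^gpgcheck=0' "$repo"; then echo "REPO_GPGCHECK_OFF $repo"; fi
    # The API server port configured above is reached over http://.
    if grep -qs -e '--port=8080' "$api"; then echo "APISERVER_HTTP_PORT $api"; fi
    # etcd holds cluster state and the flannel overlay config; http:// is cleartext.
    for f in "$api" "$flannel"; do
        if grep -qsE '(etcd-servers=|FLANNEL_ETCD_ENDPOINTS="?)http://' "$f"; then
            echo "ETCD_PLAINTEXT $f"
        fi
    done
    # Kubelets register with the master over http://.
    if grep -qs -e '--api-servers=http://' "$kubelet"; then echo "KUBELET_HTTP_API $kubelet"; fi
}

make_sample_node() {
    # Constructed sample of the files as the steps above leave them;
    # 10.0.0.10 is a placeholder address, not a value from the post.
    d=$(mktemp -d)
    mkdir -p "$d/etc/yum.repos.d" "$d/etc/kubernetes" "$d/etc/sysconfig"
    printf '[virt7-docker-common-release]\ngpgcheck=0\n' \
        > "$d/etc/yum.repos.d/virt7-docker-common-release.repo"
    printf 'KUBE_API_PORT="--port=8080"\nKUBE_ETCD_SERVERS="--etcd-servers=http://10.0.0.10:2379"\n' \
        > "$d/etc/kubernetes/apiserver"
    printf 'FLANNEL_ETCD_ENDPOINTS="http://10.0.0.10:2379"\n' > "$d/etc/sysconfig/flanneld"
    printf 'KUBELET_API_SERVER="--api-servers=http://10.0.0.10:8080"\n' > "$d/etc/kubernetes/kubelet"
    echo "$d"
}

sample=$(make_sample_node)
audit_k8s_node "$sample"
rm -rf "$sample"
```

Run with no argument on a deployed master or minion to audit the live files; the SELinux and firewall state changed by the runtime commands above is not covered by this file-based check.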

Workflow run with 1 master and 2 minions, and the resulting e-mails:

Screen Shot 2017-12-15 at 7.27.48 AM.png

Logging onto the master and checking its nodes.

Screen Shot 2017-12-15 at 7.27.58 AM.png

The workflow is attached. Enjoy!

Screen Shot 2017-12-15 at 7.31.28 AM.png

Level 1

Thank you ogelbric!

Orf Gelbrich
Cisco Employee

No problem. Hope you got it working in your environment.

