416 lines
8.8 KiB
Markdown
416 lines
8.8 KiB
Markdown
# Guía de instalación K8s + KubeVirt en Ubuntu 24.04
|
|
|
|
## 0. Ejemplo de configuración de red (Netplan)
|
|
|
|
Si quieres probar Multus con bridges y VLANs, puedes usar una configuración de Netplan como la siguiente. Aquí se configura:
|
|
|
|
* Bonding LACP sobre dos interfaces
|
|
* VLANs para separar redes
|
|
* Bridges para administración y servicios
|
|
|
|
**Archivo:** `/etc/netplan/50-cloud-init.yaml`
|
|
|
|
```yaml
|
|
network:
|
|
version: 2
|
|
ethernets:
|
|
enp2s0f0np0: {}
|
|
enp2s0f1np1: {}
|
|
bonds:
|
|
bond0:
|
|
interfaces:
|
|
- enp2s0f0np0
|
|
- enp2s0f1np1
|
|
parameters:
|
|
mode: "802.3ad"
|
|
lacp-rate: "fast"
|
|
transmit-hash-policy: "layer3+4"
|
|
vlans:
|
|
bond0.20:
|
|
id: 20
|
|
link: bond0
|
|
dhcp4: no
|
|
bond0.30:
|
|
id: 30
|
|
link: bond0
|
|
addresses:
|
|
- "192.168.3.4/24"
|
|
bond0.40:
|
|
id: 40
|
|
link: bond0
|
|
addresses:
|
|
- "192.168.4.4/24"
|
|
bridges:
|
|
br0:
|
|
interfaces:
|
|
- bond0
|
|
addresses:
|
|
- "192.168.1.14/24"
|
|
nameservers:
|
|
addresses:
|
|
- 192.168.1.1
|
|
- 1.1.1.1
|
|
- 8.8.8.8
|
|
routes:
|
|
- to: "default"
|
|
via: "192.168.1.1"
|
|
parameters:
|
|
stp: false
|
|
forward-delay: 0
|
|
br-servicios:
|
|
interfaces:
|
|
- bond0.20
|
|
addresses:
|
|
- 192.168.200.4/22
|
|
parameters:
|
|
stp: false
|
|
forward-delay: 0
|
|
```
|
|
|
|
*No olvides aplicar cambios con:*
|
|
`sudo netplan apply`
|
|
|
|
---
|
|
|
|
## 1. Prerrequisitos del sistema
|
|
|
|
* Ubuntu 24.04 actualizado
|
|
* Acceso root o sudo
|
|
|
|
### a) Actualiza el sistema y paquetes básicos
|
|
|
|
```bash
|
|
sudo apt-get update
|
|
sudo apt-get install -y apt-transport-https ca-certificates curl gnupg
|
|
```
|
|
|
|
### b) Añade el repositorio oficial de Kubernetes
|
|
|
|
```bash
|
|
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
|
|
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
|
|
sudo chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg
|
|
sudo chmod 644 /etc/apt/sources.list.d/kubernetes.list
|
|
sudo apt-get update
|
|
```
|
|
|
|
---
|
|
|
|
## 2. Desactiva SWAP (requisito Kubernetes)
|
|
|
|
```bash
|
|
sudo swapoff -a
|
|
sudo sed -i '/ swap / s/^/#/' /etc/fstab
|
|
```
|
|
|
|
---
|
|
|
|
## 3. Instala containerd (runtime recomendado)
|
|
|
|
```bash
|
|
sudo apt-get install -y containerd
|
|
sudo mkdir -p /etc/containerd
|
|
containerd config default | sudo tee /etc/containerd/config.toml
|
|
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
|
|
sudo systemctl restart containerd
|
|
sudo systemctl enable containerd
|
|
```
|
|
|
|
---
|
|
|
|
## 4. Prepara el kernel y sysctl
|
|
|
|
```bash
|
|
sudo modprobe overlay
|
|
sudo modprobe br_netfilter
|
|
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
|
|
net.bridge.bridge-nf-call-iptables = 1
|
|
net.ipv4.ip_forward = 1
|
|
net.bridge.bridge-nf-call-ip6tables = 1
|
|
EOF
|
|
sudo sysctl --system
|
|
```
|
|
|
|
---
|
|
|
|
## 5. Instala kubeadm, kubelet, kubectl
|
|
|
|
```bash
|
|
sudo apt-get install -y kubelet kubeadm kubectl
|
|
sudo apt-mark hold kubelet kubeadm kubectl
|
|
```
|
|
|
|
---
|
|
|
|
## 6. Inicializa el clúster (mononodo/laboratorio)
|
|
|
|
> Si usas Flannel, usa este parámetro:
|
|
|
|
```bash
|
|
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
|
|
```
|
|
|
|
---
|
|
|
|
### a) Configura kubectl para tu usuario
|
|
|
|
```bash
|
|
mkdir -p $HOME/.kube
|
|
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
|
|
sudo chown $(id -u):$(id -g) $HOME/.kube/config
|
|
```
|
|
|
|
---
|
|
|
|
## 7. Instala la red de pods (Flannel)
|
|
|
|
```bash
|
|
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
|
|
```
|
|
|
|
---
|
|
|
|
## 8. Instala Multus (opcional, para múltiples redes)
|
|
|
|
```bash
|
|
kubectl apply -f https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/master/deployments/multus-daemonset.yml
|
|
```
|
|
|
|
* Verifica:
|
|
|
|
```bash
|
|
kubectl get pods -n kube-system | grep multus
|
|
```
|
|
|
|
---
|
|
|
|
## 9. (Opcional) Quita el taint del nodo master para poder programar pods en él
|
|
|
|
```bash
|
|
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
|
|
kubectl taint nodes --all node-role.kubernetes.io/master-
|
|
```
|
|
|
|
---
|
|
|
|
## 10. Test rápido de Multus
|
|
|
|
La carpeta `multus/` del repositorio contiene el NAD y el pod de prueba:
|
|
|
|
* `multus/nad-br-servicios.yaml` (NetworkAttachmentDefinition)
|
|
* `multus/test-multus-pod.yaml` (pod alpine)
|
|
|
|
**Despliega la NAD:**
|
|
|
|
```bash
|
|
kubectl apply -f multus/nad-br-servicios.yaml
|
|
```
|
|
|
|
**Despliega el pod de test:**
|
|
|
|
```bash
|
|
kubectl apply -f multus/test-multus-pod.yaml
|
|
```
|
|
|
|
Comprueba las interfaces:
|
|
|
|
```bash
|
|
kubectl exec -it multus-test -- sh
|
|
ip a
|
|
```
|
|
|
|
El pod debería tener una interfaz extra de la red `br-servicios` además de la de Flannel.
|
|
|
|
Para limpiar:
|
|
|
|
```bash
|
|
kubectl delete pod multus-test
|
|
```
|
|
|
|
---
|
|
|
|
## 11. Instalación y configuración de MetalLB (LoadBalancer local)
|
|
|
|
MetalLB permite a tu clúster on-premise asignar IPs flotantes de tu red LAN a servicios tipo `LoadBalancer`, igual que en cloud. Ideal para exponer ingress-nginx, rancher, etc. directamente en tu red.
|
|
|
|
### a) Instala MetalLB
|
|
|
|
```bash
|
|
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.14.5/config/manifests/metallb-native.yaml
|
|
```
|
|
|
|
Esto crea el namespace `metallb-system` y despliega los pods necesarios.
|
|
|
|
---
|
|
|
|
### b) Crea la configuración del pool de IPs
|
|
|
|
En este repositorio, la carpeta `metallb/` contiene los recursos listos para aplicar:
|
|
|
|
```shell
|
|
metallb/
|
|
├── ipaddresspool.yaml
|
|
├── l2advertisement.yaml
|
|
└── kustomization.yaml
|
|
```
|
|
|
|
**Para aplicar:**
|
|
|
|
```bash
|
|
kubectl apply -k metallb/
|
|
```
|
|
|
|
---
|
|
|
|
### c) Uso de MetalLB
|
|
|
|
A partir de aquí, cualquier Service tipo LoadBalancer obtiene una IP flotante LAN automáticamente.
|
|
|
|
**Ejemplo mínimo de Service:**
|
|
|
|
```yaml
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: ejemplo
|
|
spec:
|
|
selector:
|
|
app: ejemplo
|
|
ports:
|
|
- port: 80
|
|
targetPort: 80
|
|
type: LoadBalancer
|
|
```
|
|
|
|
Verás la IP asignada en la columna `EXTERNAL-IP` al ejecutar:
|
|
|
|
```bash
|
|
kubectl get svc
|
|
```
|
|
|
|
Puedes acceder desde tu red local a esa IP.
|
|
|
|
---
|
|
|
|
## 12. Instalación de Traefik y cert-manager (Ingress + TLS)
|
|
|
|
### a) Instala Traefik como Ingress Controller
|
|
|
|
* Aplica todos los recursos con Kustomize:
|
|
|
|
```bash
|
|
kubectl apply -k traefik/
|
|
```
|
|
|
|
* Comprueba que MetalLB asigna una IP al Service principal:
|
|
|
|
```bash
|
|
kubectl get pods -n traefik
|
|
kubectl get svc -n traefik
|
|
```
|
|
|
|
### b) Instala cert-manager
|
|
|
|
* Crea el namespace:
|
|
|
|
```bash
|
|
kubectl apply -f cert-manager/namespace.yaml
|
|
```
|
|
|
|
* Aplica el manifiesto oficial de cert-manager:
|
|
|
|
```bash
|
|
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/latest/download/cert-manager.yaml
|
|
```
|
|
|
|
* Crea los `ClusterIssuer` para staging y producción:
|
|
|
|
```bash
|
|
kubectl apply -f cert-manager/clusterissuer-staging.yaml
|
|
kubectl apply -f cert-manager/clusterissuer-prod.yaml
|
|
```
|
|
|
|
* Comprueba los pods:
|
|
|
|
```bash
|
|
kubectl get pods -n cert-manager
|
|
```
|
|
|
|
---
|
|
|
|
## 13. Instala KubeVirt y CDI
|
|
|
|
**Nota:** Puedes usar manifiestos oficiales, o crear tu carpeta kubevirt/ si deseas versionar los YAML personalizados.
|
|
|
|
```bash
|
|
# Instala KubeVirt (recomendado hacerlo tras tener la red y almacenamiento)
|
|
export KUBEVIRT_VERSION=$(curl -s https://api.github.com/repos/kubevirt/kubevirt/releases/latest | grep tag_name | cut -d '"' -f 4)
|
|
kubectl create namespace kubevirt
|
|
kubectl apply -f https://github.com/kubevirt/kubevirt/releases/download/${KUBEVIRT_VERSION}/kubevirt-operator.yaml
|
|
kubectl apply -f https://github.com/kubevirt/kubevirt/releases/download/${KUBEVIRT_VERSION}/kubevirt-cr.yaml
|
|
|
|
# Instala CDI (para gestión de discos/ISOs)
|
|
export CDI_VERSION=$(curl -s https://api.github.com/repos/kubevirt/containerized-data-importer/releases/latest | grep tag_name | cut -d '"' -f 4)
|
|
kubectl create -f https://github.com/kubevirt/containerized-data-importer/releases/download/${CDI_VERSION}/cdi-operator.yaml
|
|
kubectl create -f https://github.com/kubevirt/containerized-data-importer/releases/download/${CDI_VERSION}/cdi-cr.yaml
|
|
```
|
|
|
|
---
|
|
|
|
## 14. Instala virtctl (CLI de KubeVirt)
|
|
|
|
```bash
|
|
curl -L -o virtctl https://github.com/kubevirt/kubevirt/releases/download/${KUBEVIRT_VERSION}/virtctl-${KUBEVIRT_VERSION}-linux-amd64
|
|
chmod +x virtctl
|
|
sudo mv virtctl /usr/local/bin/
|
|
```
|
|
|
|
---
|
|
|
|
## 15. Habilita KVM para tu usuario
|
|
|
|
```bash
|
|
sudo usermod -aG kvm $(whoami)
|
|
# Reinicia sesión o ejecuta 'newgrp kvm' para aplicar
|
|
```
|
|
|
|
---
|
|
|
|
## 16. Despliega kubevirt-manager
|
|
|
|
La carpeta `kubevirt-manager/` contiene todos los manifiestos organizados por tipo:
|
|
|
|
```bash
|
|
kubectl apply -k kubevirt-manager/
|
|
```
|
|
|
|
Puedes comprobar el estado:
|
|
|
|
```bash
|
|
kubectl get pods -n kubevirt-manager
|
|
```
|
|
|
|
---
|
|
|
|
## 17. Despliega el stack de almacenamiento NFS
|
|
|
|
La carpeta `storage/` tiene todos los manifiestos del servidor y provisioner NFS, organizados en subcarpetas:
|
|
|
|
```bash
|
|
kubectl apply -k storage/
|
|
```
|
|
|
|
Puedes comprobar el estado:
|
|
|
|
```bash
|
|
kubectl get pods -n nfs-provisioner
|
|
```
|
|
|
|
* Instala el cliente NFS en el nodo:
|
|
|
|
```bash
|
|
sudo apt install nfs-common
|
|
```
|
|
|
|
---
|