Step-by-Step Guide to Build a Kubernetes Cluster on CentOS 7

This article walks through installing and configuring a Kubernetes 0.6.2 cluster on CentOS 7, covering core concepts, environment setup, master and minion configuration, deployment of pods, services, replication controllers, and practical testing of load balancing and scaling.

21CTO

Introduction

Kubernetes is Google’s open‑source container cluster management system built on Docker, providing resource scheduling, load balancing, service registration, and dynamic scaling. The article explains core concepts—Pods, Replication Controllers, Services, Labels, and Proxy—before detailing a CentOS 7 deployment of version 0.6.2.

Core Concepts

Pods: the smallest deployable unit, which may contain one or more containers.

Replication Controllers: ensure a specified number of pod replicas are running, recreating them on other nodes if needed.

Services: expose pods via a virtual IP and port, using iptables NAT for routing.

Labels: key/value pairs used to identify and select pods, services, and controllers.

Proxy: resolves port conflicts on a node and provides load‑balancing via random or round‑robin algorithms.

Environment Deployment

Platform versions:

CentOS 7.0

Kubernetes 0.6.2

etcd 0.4.6

Docker 1.3.2

System initialization (minimal install) and firewall configuration:

# yum -y install wget ntpdate bind-utils
# wget http://mirror.centos.org/centos/7/extras/x86_64/Packages/epel-release-7-2.noarch.rpm
# rpm -ivh epel-release-7-2.noarch.rpm
# yum update

Switch from firewalld to iptables:

# systemctl stop firewalld.service
# systemctl disable firewalld.service
# yum install iptables-services
# systemctl start iptables.service
# systemctl enable iptables.service

Install etcd on the master (192.168.1.10):

# mkdir -p /home/install && cd /home/install
# wget https://github.com/coreos/etcd/releases/download/v0.4.6/etcd-v0.4.6-linux-amd64.tar.gz
# tar -zxvf etcd-v0.4.6-linux-amd64.tar.gz
# cd etcd-v0.4.6-linux-amd64
# cp etcd* /bin/
# /bin/etcd -version
# mkdir -p /data/etcd
# /bin/etcd -name etcdserver -peer-addr 192.168.1.10:7001 -addr 192.168.1.10:4001 -data-dir /data/etcd -peer-bind-addr 0.0.0.0:7001 -bind-addr 0.0.0.0:4001 &
# iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 4001 -j ACCEPT
# iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 7001 -j ACCEPT

Install Kubernetes via yum repository:

# curl https://copr.fedoraproject.org/coprs/eparis/kubernetes-epel-7/repo/epel-7/eparis-kubernetes-epel-7-epel-7.repo -o /etc/yum.repos.d/eparis-kubernetes-epel-7-epel-7.repo
# yum -y install kubernetes

Upgrade to v0.6.2:

# mkdir -p /home/install && cd /home/install
# wget https://github.com/GoogleCloudPlatform/kubernetes/releases/download/v0.6.2/kubernetes.tar.gz
# tar -zxvf kubernetes.tar.gz
# tar -zxvf kubernetes/server/kubernetes-server-linux-amd64.tar.gz
# cp kubernetes/server/bin/kube* /usr/bin

Verify installation:

# /usr/bin/kubectl version

Sample output shows client and server version 0.6.2.

Master Configuration

Configuration files reside in /etc/kubernetes:

# /etc/kubernetes/config
KUBE_ETCD_SERVERS="--etcd_servers=http://192.168.1.10:4001"
KUBE_LOGTOSTDERR="--logtostderr=true"
KUBE_LOG_LEVEL="--v=0"
KUBE_ALLOW_PRIV="--allow_privileged=false"

API server:

# /etc/kubernetes/apiserver
KUBE_API_ADDRESS="--address=0.0.0.0"
KUBE_API_PORT="--port=8080"
KUBE_MASTER="--master=192.168.1.200:8080"
KUBELET_PORT="--kubelet_port=10250"
KUBE_SERVICE_ADDRESSES="--portal_net=10.254.0.0/16"

Controller manager:

# /etc/kubernetes/controller-manager
KUBELET_ADDRESSES="--machines=192.168.1.201,192.168.1.202"

Scheduler:

# /etc/kubernetes/scheduler
KUBE_SCHEDULER_ARGS=""

Start master services:

# systemctl daemon-reload
# systemctl start kube-apiserver.service kube-controller-manager.service kube-scheduler.service
# systemctl enable kube-apiserver.service kube-controller-manager.service kube-scheduler.service

Minion Configuration

Update Docker daemon to listen on TCP:

# vi /etc/sysconfig/docker
OPTIONS=--selinux-enabled -H tcp://0.0.0.0:2375 -H fd://

Open firewall for kubelet:

# iptables -I INPUT -s 192.168.1.200 -p tcp --dport 10250 -j ACCEPT

Minion config (/etc/kubernetes/config) mirrors the master etcd settings.

Kubelet config:

# /etc/kubernetes/kubelet
KUBELET_ADDRESS="--address=0.0.0.0"
KUBELET_PORT="--port=10250"
KUBELET_HOSTNAME="--hostname_override=192.168.1.201"

Proxy config:

# /etc/kubernetes/proxy
KUBE_PROXY_ARGS=""

Start minion services:

# systemctl daemon-reload
# systemctl enable docker.service kubelet.service kube-proxy.service
# systemctl start docker.service kubelet.service kube-proxy.service
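
An added example, not part of the original guide: the script below cross-checks the listeners this guide binds to 0.0.0.0 (etcd, API server, kubelet, Docker) against the iptables rules it adds, and reports which ports have a source-restricted ACCEPT rule. The sample inputs are constructed from the settings shown above and the function names are assumptions of this example; whether a port without such a rule is reachable still depends on the rest of the INPUT chain.

```python
import re

# Constructed sample input: the listener settings this guide configures.
CONFIGS = {
    "etcd command line": "-peer-bind-addr 0.0.0.0:7001 -bind-addr 0.0.0.0:4001",
    "/etc/kubernetes/apiserver": 'KUBE_API_ADDRESS="--address=0.0.0.0"\n'
                                 'KUBE_API_PORT="--port=8080"\n'
                                 'KUBELET_PORT="--kubelet_port=10250"\n',
    "/etc/kubernetes/kubelet": 'KUBELET_ADDRESS="--address=0.0.0.0"\nKUBELET_PORT="--port=10250"\n',
    "/etc/sysconfig/docker": "OPTIONS=--selinux-enabled -H tcp://0.0.0.0:2375 -H fd://\n",
}
# Constructed sample input: the three iptables commands the guide runs.
RULES = """\
iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 4001 -j ACCEPT
iptables -I INPUT -s 192.168.1.0/24 -p tcp --dport 7001 -j ACCEPT
iptables -I INPUT -s 192.168.1.200 -p tcp --dport 10250 -j ACCEPT
"""

def wildcard_listeners(configs):
    """Return {port: origin} for every TCP listener bound to 0.0.0.0."""
    found = {}
    for origin, text in configs.items():
        # etcd (-bind-addr, -peer-bind-addr) and Docker (-H tcp://) carry host:port.
        for port in re.findall(r"(?:-bind-addr\s+|-H\s+tcp://)0\.0\.0\.0:(\d+)", text):
            found[int(port)] = origin
        # Kubernetes daemons split it into --address and --port in one file.
        m = re.search(r"--port=(\d+)", text)
        if m and re.search(r"--address=0\.0\.0\.0\b", text):
            found[int(m.group(1))] = origin
    return found

def allowed_sources(rules):
    """Return {port: [source, ...]} for ACCEPT rules that carry a -s match."""
    allowed = {}
    rule = re.compile(r"-s\s+(\S+)\s.*--dport\s+(\d+)\s.*-j\s+ACCEPT")
    for line in rules.splitlines():
        m = rule.search(line)
        if m:
            allowed.setdefault(int(m.group(2)), []).append(m.group(1))
    return allowed

def audit(configs, rules):
    """Map each wildcard port to (origin, sources); [] means no -s rule was found."""
    allowed, listeners = allowed_sources(rules), wildcard_listeners(configs)
    return {p: (listeners[p], allowed.get(p, [])) for p in sorted(listeners)}

if __name__ == "__main__":
    for port, (origin, sources) in audit(CONFIGS, RULES).items():
        print(port, origin, ", ".join(sources) or "no source-restricted ACCEPT rule")
```

On the sample input, 2375 (Docker's unauthenticated TCP socket) and 8080 (the API server) come back with no source restriction, so those are the two ports to cover with rules like the ones the guide adds for etcd and the kubelet.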

Practical Operations

Create an LNMP replication controller using the image yorko/webserver:

{
  "id": "webserverController",
  "kind": "ReplicationController",
  "apiVersion": "v1beta1",
  "labels": {"name": "webserver"},
  "desiredState": {
    "replicas": 2,
    "replicaSelector": {"name": "webserver_pod"},
    "podTemplate": {
      "desiredState": {
        "manifest": {
          "version": "v1beta1",
          "id": "webserver",
          "volumes": [
            {"name": "httpconf", "source": {"hostDir": {"path": "/etc/httpd/conf"}}},
            {"name": "httpconfd", "source": {"hostDir": {"path": "/etc/httpd/conf.d"}}},
            {"name": "httproot", "source": {"hostDir": {"path": "/data"}}}
          ],
          "containers": [{
            "name": "webserver",
            "image": "yorko/webserver",
            "command": ["/bin/sh", "-c", "/usr/bin/supervisord -c /etc/supervisord.conf"],
            "volumeMounts": [
              {"name": "httpconf", "mountPath": "/etc/httpd/conf"},
              {"name": "httpconfd", "mountPath": "/etc/httpd/conf.d"},
              {"name": "httproot", "mountPath": "/data"}
            ],
            "cpu": 100,
            "memory": 50000000,
            "ports": [{"containerPort": 80}, {"containerPort": 22}]
          }]
        }
      },
      "labels": {"name": "webserver_pod"}
    }
  }
}

Create the service to expose the pods:

{
  "id": "webserver",
  "kind": "Service",
  "apiVersion": "v1beta1",
  "selector": {"name": "webserver_pod"},
  "protocol": "TCP",
  "containerPort": 80,
  "port": 8080
}

After creation, verify pods and service with kubectl get pod and kubectl get services. The proxy creates NAT rules such as:

Chain KUBE-PROXY (2 references)
 pkts bytes target prot opt in out source destination
 0 0 REDIRECT tcp -- * * 0.0.0.0/0 10.254.216.51 /* webserver */ tcp dpt:8080 redir ports 40689

Access the web server via http://192.168.1.201:40689/info.php and observe load‑balancing across pod replicas.

Testing Process

Delete a pod (fedoraapache) and observe the replication controller automatically recreating it to maintain the desired replica count.

Test hostPort behavior: specifying hostPort in a replication controller causes errors, while setting it only in the pod definition works correctly.

Ensure that the replicaSelector, pod labels, and service selector all use the same key/value pair (e.g., name=webserver_pod) for proper association.
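
An added example, not part of the original guide: a check that the replicaSelector, the pod template labels and the service selector agree before the manifests are submitted. The manifests are constructed by trimming the two JSON documents above to their label fields, and the function names are assumptions of this example.

```python
import json

# Constructed sample input: the guide's two manifests, trimmed to the fields
# that carry labels and selectors (v1beta1 layout as shown on the page).
RC = json.loads("""{
  "id": "webserverController", "kind": "ReplicationController",
  "labels": {"name": "webserver"},
  "desiredState": {
    "replicaSelector": {"name": "webserver_pod"},
    "podTemplate": {"labels": {"name": "webserver_pod"}}
  }
}""")
SVC = json.loads("""{
  "id": "webserver", "kind": "Service",
  "selector": {"name": "webserver_pod"}, "containerPort": 80, "port": 8080
}""")

def selects(selector, labels):
    """A selector matches when it is non-empty and every pair it names is in labels."""
    return bool(selector) and all(labels.get(k) == v for k, v in selector.items())

def association_errors(rc, svc):
    """Return the mismatches between replicaSelector, pod labels and service selector."""
    state = rc.get("desiredState", {})
    pod_labels = state.get("podTemplate", {}).get("labels", {})
    errors = []
    if not selects(state.get("replicaSelector", {}), pod_labels):
        errors.append("replicaSelector does not match podTemplate labels")
    sel = svc.get("selector", {})
    if not selects(sel, pod_labels):
        errors.append("service selector does not match podTemplate labels")
    # One way this goes wrong with these manifests: the service points at the
    # controller's own label (name=webserver) instead of the pod label.
    if sel and sel == rc.get("labels") and sel != pod_labels:
        errors.append("service selector equals the controller's labels, not the pods'")
    return errors

if __name__ == "__main__":
    print(association_errors(RC, SVC) or "labels and selectors agree")
```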
