From b83ea64a5b726bc857724f82d2bdab6a80ab89f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tomislav=20Kopi=C4=87?=
Date: Sat, 13 Apr 2024 12:50:31 +0000
Subject: [PATCH] Add Kubernetes
---
Kubernetes.md | 143 ++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 143 insertions(+)
create mode 100644 Kubernetes.md
diff --git a/Kubernetes.md b/Kubernetes.md
new file mode 100644
index 0000000..2487758
--- /dev/null
+++ b/Kubernetes.md
@@ -0,0 +1,143 @@
+# Setting up K3S/K8S from scratch
+
+[[TOC]]
+
+## Requirements
+### Control plane node:
+- 2 or more cores
+- 1GB of RAM
+- 16GB of disk space
+### Worker node:
+- 1 or more cores
+- 512MB of RAM
+- 16GB of disk space
+
+# Node installation
+## K3S control plane node
+You need atleast 3 of these, for a micro cluster of 2-3 nodes you can only have one if you wish so.
+Be sure to store your token in a safe place as you will need it to connect additional nodes in the future.
+First node:
+```
+curl -sfL https://get.k3s.io | K3S_TOKEN="" sh -s - server --cluster-init --disable servicelb --disable traefik
+```
+
+Other nodes:
+```
+curl -sfL https://get.k3s.io | K3S_TOKEN="" sh -s - server --server https://:6443 --disable servicelb --disable traefik
+```
+
+## K3S worker node
+```
+curl -sfL https://get.k3s.io | K3S_TOKEN="" sh -s - agent --server https://:6443 ---disable servicelb --disable traefik
+```
+
+you can check the state of the cluster by SSHing to any of the master nodes and running
+```
+kubectl get node
+```
+or you can install https://k9scli.io for fancy terminal UI(highly recommendded)
+
+# Network configuration
+## Installing MetalLB
+MetalLB hooks into your Kubernetes cluster, and provides a network load-balancer implementation. In short, it allows you to expose services via IP address.
+```
+kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.14.4/config/manifests/metallb-native.yaml
+```
+
+### MetalLB IP pool
+Create a new yaml file with the following content and be sure to customize your ip range:
+```
+apiVersion: metallb.io/v1beta1
+kind: IPAddressPool
+metadata:
+ name: first-pool
+ namespace: metallb-system
+spec:
+ addresses:
+ - 192.168.1.240-192.168.1.250
+```
+
+save and apply the IPAddressPool config
+```
+kubectl apply -f file.yaml
+```
+
+### IP pool advertising
+Create a file:
+```
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+ name: example
+ namespace: metallb-system
+```
+
+save and apply the L2Advertisement config
+```
+kubectl apply -f file.yaml
+```
+
+
+# Ingress nginx
+
+Ingress Nginx is a special nginx container setup that allows you to expose HTTP(s) apps from your kubernetes to the outside world via MetalLB ip address
+First clone the ingress repo from git:
+```
+git clone https://github.com/nginxinc/kubernetes-ingress.git
+cd kubernetes-ingress
+```
+Then apply these files:
+```
+kubectl apply -f deployments/common/ns-and-sa.yaml
+kubectl apply -f deployments/rbac/rbac.yaml
+kubectl apply -f examples/shared-examples/default-server-secret/default-server-secret.yaml
+kubectl apply -f deployments/common/nginx-config.yaml
+kubectl apply -f deployments/common/ingress-class.yaml
+kubectl apply -f config/crd/bases/k8s.nginx.org_virtualservers.yaml
+kubectl apply -f config/crd/bases/k8s.nginx.org_virtualserverroutes.yaml
+kubectl apply -f config/crd/bases/k8s.nginx.org_transportservers.yaml
+kubectl apply -f config/crd/bases/k8s.nginx.org_policies.yaml
+kubectl apply -f config/crd/bases/k8s.nginx.org_globalconfigurations.yaml
+kubectl apply -f deployments/daemon-set/nginx-ingress.yaml
+kubectl apply -f deployments/service/loadbalancer.yaml
+```
+
+# Longhorn
+
+Longhorn is a system that manages permanent storage inside your kubernetes cluster.
+On each storage node in your cluster you must install:
+
+```
+apt-get install open-iscsi nfs-common
+```
+
+before installing Longhorn itself
+```
+kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/v1.6.1/deploy/longhorn.yaml
+```
+
+To make longhorn UI available trough ingress, create a file:
+
+```
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: longhorn-ingress
+ namespace: longhorn-system
+spec:
+ rules:
+ - http:
+ paths:
+ - pathType: Prefix
+ path: "/"
+ backend:
+ service:
+ name: longhorn-frontend
+ port:
+ number: 80
+```
+
+then apply it:
+```
+kubectl apply -f file.yml
+```