How to deploy Kubernetes and Containerum on Digital Ocean
by Nikita Mazur
Foreword
Several days ago we decided that Containerum Online — a hosted PaaS for launching and managing docker images, which has been running for about a year by now — will not be supported anymore and will be closed for registration within a week.
It was not a spontaneous decision — back in February we started rewriting Containerum for open source, and in May Containerum Platform 1.0 was released on GitHub. Since then we concentrated on the open source version, and the more time and effort we invested in it, the clearer it became that this model gives us more flexibility and opportunities for development and communication with community.
As of now, Containerum Platform 1.2.0 provides many of the features introduced with Containerum Online and brings in new functionality, but now it works on top of a Kubernetes cluster and can be installed via Helm (a dedicated installer is a WIP now). This article will describe the installation steps to run your own Kubernetes+Containerum cluster on Digital Ocean machine(s).
Let’s start
We will assume that you don’t have a Kubernetes cluster yet (in case you have one, skip Kubernetes installation process). In this tutorial we will install Containerum Platform on a small demo K8s cluster. We will setup it on a Digital Ocean instance since it is very easy to provision a machine, and the price is very reasonable.
Here’s what we will do in this tutorial:
- Buy machines on Digital Ocean
- Install Kubernetes with Kubeadm
- Install ingress-controller
- Install Helm
- Install Containerum
So, let’s go!
Buy a machine on Digital Ocean
For the sake of simplicity we will setup a single-node Kubernetes cluster. Of course, a production-ready Kubernetes cluster demands a lot more that just one node — you need at least one master, three workers, three etcd and three storage nodes. However, if you want to try working with Kubernetes in cloud, the basic configuration used throughout this article will do.
We recommend using a machine that is at least 2CPU and 2GB RAM. The machine I will use has 2CPU, 4GB RAM to ensure better performance. Machines on DO are billed on an hourly basis, so if you just want to bootstrap a cluster for experimentation, you can buy a powerful machine for several hours/days and pay very little.
→ We will use Ubuntu 18.04 x64 throughout the manual.
Install Kubernetes with Kubeadm
Once we have bought a machine, ssh to it:
ssh root@MACHINE'S_IPWe will use kubeadm to bootstrap a single-node cluster. Kubeadm is an easy Kubernetes installer which allows setting up a cluster in a matter of minutes. We will Docker as container runtime. So, first install Docker:
apt-get update
apt-get install -y docker.ioThen install kubeadm, kubelet (node agent) and kubectl (Kubernetes cli):
apt-get update && apt-get install -y apt-transport-https curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl
apt-mark hold kubelet kubeadm kubectl→ Optional: in case you want to use worker nodes, you should run the commands above (including Docker installation) on all nodes.
Now initialize kubeadm. First, we have to choose the CNI plugin for our cluster and pass the flag to kubeadm init. We will use Calico, but if you want to use Flannel or another plugin, you can see the flags here. Let’s initialize kubeadm with Calico:
kubeadm init --pod-network-cidr=192.168.0.0/16To make kubectl work for your non-root user, run:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config→ Optional: in case you use more than one node, run the command starting with kubeadm join (you can find it in the output after kubeadm intialization) on all worker nodes.
Now let’s install the CNI. For Calico run:
kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
By default, deployments are not scheduled on the master node. To enable it on a single-node cluster, run:
kubectl taint nodes --all node-role.kubernetes.io/master-Done! You’ve just bootstrapped a Kubernetes cluster. Check if it works by running
kubectl get pods --all-namespacesYou should now see that all pods are running.
Now let’s install Nginx Ingress-Controller.
Install ingress-controller
In order to configure an HTTP load balancer Kubernetes uses an object called Ingress. But for the Ingress resource to work, the cluster must have an Ingress controller running. In this manual we will use Nginx Ingress-Controller.
Installing an ingres-controller is pretty simple. First, install it from the Kubernetes repository:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/mandatory.yamlSecond, create ingress-controller.yaml for the service with the following content (change %EXTERNAL IP% to the machine’s external ip address):
apiVersion: v1
kind: Service
metadata:
name: ingress-nginx
namespace: ingress-nginx
spec:
ports:
- name: http
port: 80
targetPort: 80
protocol: TCP
- name: https
port: 443
targetPort: 443
protocol: TCP
selector:
app.kubernetes.io/name: ingress-nginx
externalIPs:
- %EXTERNAL IP%Now create the service:
kubectl create -f ingress-controller.yamlCheck it:
kubectl get svc -n ingress-nginxOutput:
Ok, now let’s install Helm.
Install Helm
Helm is a package manager for Kubernetes that makes it easy to install many applications (including Containerum Platform) just like yum for CentOS and apt for Ubuntu. To install Helm download the binary from the official repository. We will use v. 2.10.0 Summer Edition 🌻:
curl -LO https://storage.googleapis.com/kubernetes-helm/helm-v2.10.0-linux-amd64.tar.gzUnpack the archive:
tar xvf helm-v2.10.0-linux-amd64.tar.gzMove Helm to /usr/bin:
mv linux-amd64/helm /usr/binNow we need to create a service account for Helm. Create rbac-config.yamlas follows:
apiVersion: v1
kind: ServiceAccount
metadata:
name: tiller
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
name: tiller
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: tiller
namespace: kube-systemNow run:
kubectl create -f rbac-config.yamlFinally, initialize Helm:
helm init --service-account tillerYou should get a message like this:
All right, all we have left to do now is install Containerum Platform!
Install Containerum Platform
You can install Containerum in its basic configuration with helm install containerum/containerum, but will pass some flags to launch it with Prometheus for metrics collection and mail server that allows you to use mail templates for registering new users.
Before we run the commands, let’s look at the two flags we will use in Helm. The following flag enables node monitoring and installs Prometheus.
--set tags.monitoring=trueThe next flag enables smtp-server.
--set mail.env.global.CH_MAIL_SMTP_ADDR=mail:465 --set mail.env.global.CH_MAIL_SMTP_LOGIN=noreply@containerum.io --set mail.env.local.CH_MAIL_SMTP_PASSWORD=verystrongpassword --set mail.env.global.CH_MAIL_SENDER_MAIL_SIMPLE=sender@containerum.io containerum/containerumDon’t forget to change the fields appropriately:
- mail:465 - mail smtp server address and port
- noreply@containerum.io — your login
- verystrongpassword - your password
- sender@containerum.io - sender’s email
You can use your mail account, for example smtp.gmail.com:465 if you use gmail, and your credentials there.
Let’s install Containerum Platform as follows:
helm repo add containerum https://charts.containerum.io
helm repo update
helm install containerum/containerum --set tags.monitoring=true --set mail.env.global.CH_MAIL_SMTP_ADDR=mail:465 --set mail.env.global.CH_MAIL_SMTP_LOGIN=noreply@containerum.io --set mail.env.local.CH_MAIL_SMTP_PASSWORD=verystrongpassword --set mail.env.global.CH_MAIL_SENDER_MAIL_SIMPLE=sender@containerum.ioCheck that all pods are up:
kubectl get po
Now add the machine’s IP address to /etc/hosts on your local machine:
sudo nano /etc/hostsAdd the following string and save:
EXTERNAL_IP local.containerum.io api.local.containerum.ioNote, that Containerum Platform launches pods only on nodes labelled as slave, so for our single-node cluster we have to run the following command on the master (and in case of a multi-node cluster — on each application node):
kubectl label node NODENAME role=slavewhere NODENAME is the nome of your host.
Go to local.containerum.io and login using the standard credentials admin@local.containerum.io and verystrongpassword:
Now you can launch and manage your applications using Containerum Platform, see node utilization metrics, manage users, and more!
You can start with creating a project and launching an application from Docker Hub, but I recommend you to spend five minutes configuring the platform first — add a private registry, external IP, etc. (see docs).
After that you will have a Kubernetes cluster with Helm and Containerum Platform on board. Containerum allows abstracting users from Kubernetes and working with Deployments, Services, and others Kubernetes objects from an intuitive Web UI.
As of September 2018, Containerum Platform is quite young, but full of enthusiasm and ambitions. We are constantly working on new features (and bugfixes), delivering new releases every several weeks or so. We have a team of great developers and engineers, but what we really lack is feedback. And building a good solution without feedback is tough. So if you have something to add or advice us, suggest a new feature or report a bug, please share on the GitHub page! This will help us shape Containerum Platform in the right direction.
Thanks for reading! I hope the instructions here are quite clear and easy to follow, but please comment if I missed something.
Don’t forget to follow us on Twitter and join our Telegram chat to stay tuned!
