3 Steps To Auto-Install K8S with Cloud-config
Part-1: Auto-Install, Configure K8S Cluster From scratch “For Beginner”
Me: “Son, can you plz install for me the K8S Cluster 😆 ??”
Son: ”On Prod Env ! 😲”
Me: “Yes Plz !! It’s easier than you think 😉”
Installing a K8S cluster from scratch was challenging work 😫: the official k8s documentation is huge and the information is spread across different sections 😅, so for someone who wants to learn this technology from scratch, it takes a lot of time to search, understand, install and configure.
I started this story with an imaginary conversation with my 3-year-old son to prove that it is easier than you think to install a K8S cluster in a production-like environment without a complex implementation of the security aspect 😝.
The goal at first is to familiarize beginners with this environment by simplifying the installation and configuration of a K8S cluster in a production-like environment.
You can find the bonus examples here 👌 :
Let's get started 😁
Context
For learning environments, you can use minikube, MicroK8s or kind; all three install and configure Kubernetes quickly and need no advanced system configuration.
However, in a production environment, we have 3 ways to do it:
- kubeadm
- kops
- kubespray
I will simplify the steps for setting up our PaaS K8S with two Azure VMs (you can choose any other cloud provider's VMs) with kubeadm, by using cloud-config data in the custom data (user data for other cloud providers) of the VMs, and trust me, it will help you save time 😇.
Prerequisites :
→ Azure Account (or Create One)
Step 1: Create a Network Security Group
Before creating the VMs, let's create the required Network Security Groups (NSGs) that will be used for the different machines:
- Go to Network security groups and create these two NSGs as mentioned in the image below:
medium-k8s-master-nsg will be attached to the network interface of the control plane node (VM) → The inbound security rules must satisfy the k8s requirements; you should open these ports: 6443, 2379–2380, 10250–10251
medium-k8s-worker-nsg will be attached to the network interface of the worker node (VM) → The inbound security rules must satisfy the k8s requirements; you should open these ports: 10250, 30000–32767
For both, don’t forget to open SSH 😉
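An added example (not from the original article): a shell function that audits an exported rule list for the two NSGs above and flags inbound Allow rules that expose etcd (2379–2380) or the kubelet/scheduler ports (10250–10251) to any source, since the Kubernetes ports reference lists those as used only by the cluster's own components. The tab-separated layout, the function names, the sample rules and the 10.1.0.0/16 address space are assumptions constructed for the example.

```shell
#!/bin/sh
# Added example: audit exported NSG rules for cluster-internal ports open to any source.
# Input (stdin): tab-separated name, access, direction, destination port range, source prefix.
# Assumption: such a listing can be exported from your NSG, e.g. with
#   az network nsg rule list -g <rg> --nsg-name <nsg> -o tsv \
#     --query "[].[name,access,direction,destinationPortRange,sourceAddressPrefix]"

audit_nsg_rules() {
  awk -F '\t' '
    # True when port ranges [lo,hi] and [a,b] share at least one port.
    function overlaps(lo, hi, a, b) { return lo <= b && a <= hi }
    $2 == "Allow" && $3 == "Inbound" &&
    ($5 == "*" || $5 == "Internet" || $5 == "0.0.0.0/0") {
      if ($4 == "*") { lo = 0; hi = 65535 }
      else { n = split($4, r, "-"); lo = r[1] + 0; hi = (n > 1 ? r[2] : r[1]) + 0 }
      # etcd and kubelet/scheduler ports: only cluster components need them.
      if (overlaps(lo, hi, 2379, 2380) || overlaps(lo, hi, 10250, 10251))
        print $1
    }'
}

# Constructed sample rules (the VNet address space 10.1.0.0/16 is an assumption).
sample_rules() {
  printf 'ssh\tAllow\tInbound\t22\t*\n'
  printf 'apiserver\tAllow\tInbound\t6443\t*\n'
  printf 'etcd\tAllow\tInbound\t2379-2380\t*\n'
  printf 'kubelet\tAllow\tInbound\t10250-10251\t10.1.0.0/16\n'
  printf 'nodeports\tAllow\tInbound\t30000-32767\tInternet\n'
  printf 'wide-open\tAllow\tInbound\t*\t0.0.0.0/0\n'
  printf 'deny-etcd\tDeny\tInbound\t2379\t*\n'
}

# Names of the rules that should be narrowed to the cluster subnet.
sample_rules | audit_nsg_rules
```

Rules the function prints are candidates for a source prefix limited to the cluster's own subnet; 6443 and the NodePort range are left out of the check because clients outside the cluster may legitimately need them.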
Step 2: Create your VMs on Azure :
All VMs will run the latest version of Ubuntu and, according to the doc, they must have at least: RAM ≥ 2 GB & CPU ≥ 2 CPUs
If you create a new account with Azure, you will have 750 hours of Linux VM free for 12 months and a 200$ credit to use for 30 days to test Azure paid services like the VMs that we will use in this tutorial 😉
Go to virtual machines and click on “Create”, “Virtual machine”. Try to follow the steps below by configuring each tab of the VM creation 👌.
1. Basics Tab :
2. Networking tab
Go to the Networking tab and select the NSG created before:
Now it's time to go to the “Advanced” tab and paste the “magic code” into the Custom data field
3. Advanced Tab
This code will update & upgrade the system, install docker, kubeadm, kubelet, and kubectl, and let iptables see bridged traffic.
I commented on each step and command of this file for a better understanding 👌.
- All is done, click on “Review + create” and “Create”
- Download the private key and save it in the ~/.ssh folder
- Now repeat the same steps to create the worker node machine, attaching the worker’s network security group this time: medium-k8s-workers-nsg
- SSH into your machine with your downloaded private key:
chmod 400 ~/.ssh/medium-k8s-master_key.pem
ssh -i ~/.ssh/medium-k8s-master_key.pem k8s-user@40.127.103.3 #the ip address of your machine
Step 3: Configure your K8S Cluster
Configure the Master Node:
You must deploy a Container Network Interface (CNI) based Pod network add-on so that your Pods can communicate with each other.
In our case, we will use Flannel as a CNI add-on to implement the Kubernetes networking model, so we have to pass its Pod network CIDR to the kubeadm init command.
- On the master node, init your cluster by specifying the Pod Network CIDR:
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
- Copy and save the generated join command
sudo kubeadm join 10.1.0.4:6443 --token 4tyt9j.uve6tfdb3a7rvb63 --discovery-token-ca-cert-hash sha256:04c3d3f38b3229fe7b8f808b02bbd48ce95d8a973882b281db579ce6734555c5
- Copy the cluster configuration into your home directory for kubectl to use:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
- Deploy Flannel Manually
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Configure the worker node:
Paste the join command on the worker node, adding --node-name worker1.
Do the same if you have multiple workers 👌.
Example :
sudo kubeadm join 10.1.0.4:6443 --token 4tyt9j.uve6tfdb3a7rvb63 --discovery-token-ca-cert-hash sha256:04c3d3f38b3229fe7b8f808b02bbd48ce95d8a973882b281db579ce6734555c5 --node-name worker1
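An added example (not from the original article): before pasting a saved join command on a worker, you can check on the control plane that its --discovery-token-ca-cert-hash really is the SHA-256 of the cluster CA's public key, which is what the worker uses to authenticate the API server it joins. The function names are hypothetical; /etc/kubernetes/pki/ca.crt is where kubeadm writes the CA certificate, and openssl is assumed to be installed.

```shell
#!/bin/sh
# Added example: verify the CA pin carried by a kubeadm join command.

# Print the hex digest that follows "--discovery-token-ca-cert-hash sha256:".
join_hash() {
  printf '%s\n' "$1" |
    sed -n 's/.*--discovery-token-ca-cert-hash[ =]sha256:\([0-9a-f]\{64\}\).*/\1/p'
}

# SHA-256 over the DER-encoded public key (SubjectPublicKeyInfo) of a PEM certificate.
ca_cert_hash() {
  openssl x509 -pubkey -noout -in "$1" |
    openssl pkey -pubin -outform DER |
    openssl dgst -sha256 | awk '{ print $NF }'
}

# Return 0 only if the join command ($1) pins the CA certificate in file $2.
verify_join_command() {
  pinned=$(join_hash "$1")
  [ -n "$pinned" ] || { echo "no sha256 CA hash in join command" >&2; return 2; }
  actual=$(ca_cert_hash "$2")
  [ -n "$actual" ] || { echo "cannot read CA certificate $2" >&2; return 2; }
  if [ "$pinned" = "$actual" ]; then
    echo "OK: join command pins this cluster's CA"
  else
    echo "MISMATCH: pinned $pinned, CA is $actual" >&2
    return 1
  fi
}

# Usage on the control plane (token and hash shown as placeholders):
#   verify_join_command "kubeadm join 10.1.0.4:6443 --token <token> \
#     --discovery-token-ca-cert-hash sha256:<hash>" /etc/kubernetes/pki/ca.crt
```

The token in a join command is a bearer credential for joining the cluster, so store the saved command like a password; kubeadm tokens expire after 24 hours by default, and `kubeadm token list` and `kubeadm token delete` show and revoke them.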
Check your cluster :
- on the Master node run
# to see all resources on all namespaces
kubectl get all --all-namespaces
# to verify the joined worker nodes
kubectl get nodes
NAME STATUS ROLES AGE VERSION
medium-k8s-master Ready control-plane,master 3d22h v1.21.3
worker2 Ready <none> 3d22h v1.21.3
All is done for the installation and basic configuration of a K8S cluster; now it's time to deploy the Bonus Examples
See you in the next article 🙋
Conclusion
Cloud-init is a great tool to initialize cloud instances (Azure VMs); it allows us to automate package installation, file creation, and command execution 💪.
This automation limits manual intervention to the configuration of the cluster. So in a few minutes, you’ll have your cluster ready and you can start deploying basic examples (like the k8s dashboard & hello world).
You can now do whatever you want with your cluster: installing a MetalLb to create services of kind LoadBalancer, working with Ingress Controller, mounting volumes, deploying Prometheus and Grafana dashboard…
In the next story, you will have the bonus examples ✌️