You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
chris
5eb79cac28
|
1 year ago | |
|---|---|---|
| setup | 1 year ago | |
| README.md | 1 year ago | |
| admin-role.yaml | 2 years ago | |
| admin-user.yaml | 2 years ago | |
| ansible-haproxy.yaml | 2 years ago | |
| certmanager-default.yaml | 1 year ago | |
| certmanager-manifest.yaml | 1 year ago | |
| haproxy.cfg | 1 year ago | |
| helm-wordpress.yaml | 2 years ago | |
| k8spress.yaml | 1 year ago | |
| kubernetes-dashboard.yaml | 2 years ago | |
| letsencrypt-prod.yaml | 1 year ago | |
| letsencrypt-staging.yaml | 1 year ago | |
| nginx-ingress.yaml | 1 year ago | |
| nginx-nodeport.yaml | 1 year ago | |
| rook-block.yaml | 2 years ago | |
| rook-cluster.yaml | 1 year ago | |
| rook-filesystem.yaml | 2 years ago | |
| rook-object.yaml | 2 years ago | |
| staticpage-ingress-ssl.yaml | 1 year ago | |
| staticpage-ingress.yaml | 1 year ago | |
| staticpage.yaml | 1 year ago | |
| tiller.yaml | 2 years ago | |
README.md
Cluster playground
patch & install hetzner-kube
docker pull golang
docker run --rm -ti --name=golang golang bash
git clone https://github.com/xetys/hetzner-kube
cd hetzner-kube
sed -i s'/kubernetes-cni/kubernetes-cni=0.6.0-00/' pkg/clustermanager/provision_node.go
go build
docker cp golang:/go/hetzner-kube/hetzner-kube .local/bin/hetzner-kube
chmod +x .local/bin/hetzner-kube
setup cluster
hetzner-kube cluster create --name k8s-test --node-cidr 10.42.23.0/24 --ssh-key melpomene (-w 3)
hetzner-kube cluster kubeconfig k8s-test
kubectl cluster-info
helm
install kubernetes-helm from your package manager…
kubectl apply -f tiller.yaml
helm init --service-account tiller
rook.io
helm repo add rook-beta https://charts.rook.io/beta
helm install --namespace rook-ceph-system rook-beta/rook-ceph
kubectl apply -f rook-cluster.yaml
kubectl apply -f rook-block.yaml
kubectl patch storageclass rook-ceph-block -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
kubectl apply -f rook-filesystem.yaml
kubectl apply -f rook-object.yaml
dashboard
kubectl apply -f kubernetes-dashboard.yaml
kubectl apply -f admin-user.yaml
kubectl apply -f admin-role.yaml
kubectl -n kube-system get secret | grep admin-user | cut -d' ' -f1
kubectl -n kube-system describe secret admin-user-token-...
kubectl proxy
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
nginx-ingress
kubectl apply -f nginx-ingress.yaml
kubectl apply -f nginx-nodeport.yaml
frontend LB variante 1
scp haproxy.conf root@ssh root@$(hetzner-kube cluster master-ip k8s-test):
ssh root@$(hetzner-kube cluster master-ip k8s-test)
apt install -y haproxy
mv haproxy.cfg /etc/haproxy/haproxy.cfg
systemctl restart haproxy
frontend LB variante 2
ssh root@$(hetzner-kube cluster master-ip k8s-test) apt install -y python
ansible-playbook -i "$(hetzner-kube cluster master-ip k8s-test)," -u root ansible-haproxy.yaml
static page
kubectl apply -f staticpage.yaml
kubectl proxy
http://localhost:8001/api/v1/namespaces/testsite/pods/http:static-nginx:/proxy/#!
add ingress
kubectl apply -f staticpage-ingress.yaml
set up SSL
kubectl create namespace cert-manager
kubectl label namespace cert-manager certmanager.k8s.io/disable-validation=true
kubectl apply -f certmanager-manifest.yaml
create issuers
adapt email!
kubectl apply -f letsencrypt-staging.yaml
kubectl apply -f letsencrypt-prod.yaml
default issuer
kubectl apply -f certmanager-default.yaml
add ssl to testsite
kubectl apply -f staticpage-ingress-ssl.yaml
test deployment
kubectl apply -f k8spress.yaml
(adapt hostname!)
teardown
hetzner-kube cluster delete k8s-test