k8s-playground/README.md

107 lines
2.9 KiB
Markdown
Raw Normal View History

2019-04-16 11:37:13 +00:00
# Cluster playground
2019-04-16 17:52:19 +00:00
2019-04-16 11:37:13 +00:00
## patch & install hetzner-kube
docker pull golang
docker run --rm -ti --name=golang golang bash
git clone https://github.com/xetys/hetzner-kube
cd hetzner-kube
sed -i s'/kubernetes-cni/kubernetes-cni=0.6.0-00/' pkg/clustermanager/provision_node.go
go build
docker cp golang:/go/hetzner-kube/hetzner-kube .local/bin/hetzner-kube
chmod +x .local/bin/hetzner-kube
## setup cluster
2019-05-22 11:37:13 +00:00
hetzner-kube cluster create --name k8s-test --node-cidr 10.42.23.0/24 --ssh-key melpomene (-w 3)
2019-04-16 11:37:13 +00:00
hetzner-kube cluster kubeconfig k8s-test
kubectl cluster-info
2019-04-16 11:37:13 +00:00
## helm
install kubernetes-helm from your package manager…
kubectl apply -f tiller.yaml
helm init --service-account tiller
2019-04-16 11:37:13 +00:00
## rook.io
helm repo add rook-beta https://charts.rook.io/beta
helm install --namespace rook-ceph-system rook-beta/rook-ceph
kubectl apply -f rook-cluster.yaml
kubectl apply -f rook-block.yaml
kubectl patch storageclass rook-ceph-block -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
kubectl apply -f rook-filesystem.yaml
kubectl apply -f rook-object.yaml
2019-04-16 11:37:13 +00:00
2019-04-16 11:37:13 +00:00
## dashboard
2019-04-16 11:37:13 +00:00
2019-04-16 11:37:13 +00:00
kubectl apply -f kubernetes-dashboard.yaml
kubectl apply -f admin-user.yaml
kubectl apply -f admin-role.yaml
kubectl -n kube-system get secret | grep admin-user | cut -d' ' -f1
kubectl -n kube-system describe secret admin-user-token-...
kubectl proxy
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
2019-04-16 11:37:13 +00:00
## nginx-ingress
kubectl apply -f nginx-ingress.yaml
kubectl apply -f nginx-nodeport.yaml
### frontend LB variante 1
scp haproxy.conf root@ssh root@$(hetzner-kube cluster master-ip k8s-test):
ssh root@$(hetzner-kube cluster master-ip k8s-test)
2019-05-19 11:37:13 +00:00
apt install -y haproxy
mv haproxy.cfg /etc/haproxy/haproxy.cfg
2019-04-16 11:37:13 +00:00
systemctl restart haproxy
### frontend LB variante 2
ssh root@$(hetzner-kube cluster master-ip k8s-test) apt install -y python
ansible-playbook -i "$(hetzner-kube cluster master-ip k8s-test)," -u root ansible-haproxy.yaml
2019-05-19 11:37:13 +00:00
## static page
kubectl apply -f staticpage.yaml
kubectl proxy
http://localhost:8001/api/v1/namespaces/testsite/pods/http:static-nginx:/proxy/#!
### add ingress
kubectl apply -f staticpage-ingress.yaml
## set up SSL
2019-05-19 11:37:13 +00:00
kubectl create namespace cert-manager
kubectl label namespace cert-manager certmanager.k8s.io/disable-validation=true
kubectl apply -f certmanager-manifest.yaml
### create issuers
2019-05-20 11:37:13 +00:00
adapt email!
kubectl apply -f letsencrypt-staging.yaml
kubectl apply -f letsencrypt-prod.yaml
2019-05-19 11:37:13 +00:00
### default issuer
kubectl apply -f certmanager-default.yaml
## add ssl to testsite
2019-05-19 11:37:13 +00:00
kubectl apply -f staticpage-ingress-ssl.yaml
2019-04-16 11:37:13 +00:00
## test deployment
2019-05-21 11:37:13 +00:00
kubectl apply -f k8spress.yaml
2019-04-16 11:37:13 +00:00
(adapt hostname!)
## teardown
hetzner-kube cluster delete k8s-test