Terraform

Kubernetes Tutorial

GKE with a cluster autoscaler is fairly inexpensive for what you get. But if your time is free and you like to tinker, self-managing on a VPS might be for you. Be prepared to invest a fair amount of time. Kubernetes is simple in each part, but there are lots of parts to learn. Also, keeping Kubernetes up to date is hard, though the project aims to improve this later on.


Terraform

Setup Terraform
sudo apt install -y jq curl wget unzip

# retrieve latest version into var
V=$(curl -s https://checkpoint-api.hashicorp.com/v1/check/terraform | jq -r -M '.current_version')

# install
wget "https://releases.hashicorp.com/terraform/${V}/terraform_${V}_linux_amd64.zip" -O tf.zip
sudo unzip tf.zip terraform -d /usr/local/bin/ && rm tf.zip
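
The install above unpacks whatever the download returned into /usr/local/bin as root. As an added example (not part of the original notes), here is the same install with the archive checked against the release's SHA256SUMS file first. The function names verify_sha256 and install_terraform are made up here, and sha256sum from GNU coreutils is assumed.

```sh
# Added example, not from the original page.
# verify_sha256 FILE SUMS [NAME]: succeed only if SUMS lists NAME
# (default: basename of FILE) exactly once and that digest equals
# FILE's real SHA-256. Returns 2 = file missing, 3 = no unique entry,
# 1 = digest mismatch.
verify_sha256() {
    file=$1 sums=$2 name=${3:-$(basename "$1")}
    [ -f "$file" ] && [ -f "$sums" ] || return 2
    # SHA256SUMS lines look like: "<64 hex digits>  <file name>"
    expected=$(awk -v n="$name" '$2 == n { print $1 }' "$sums")
    [ "$(printf '%s\n' "$expected" | grep -c .)" -eq 1 ] || return 3
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    [ "$expected" = "$actual" ]
}

# install_terraform VERSION: download into a temp dir, verify, then unpack.
install_terraform() {
    v=$1
    # The version string came from a network response; refuse anything
    # that is not a plain version before it is placed in a URL and path.
    case $v in ''|*[!0-9A-Za-z.+-]*) return 1 ;; esac
    base="https://releases.hashicorp.com/terraform/${v}"
    zip="terraform_${v}_linux_amd64.zip"
    tmp=$(mktemp -d) || return 1
    rc=1
    if wget -q "${base}/${zip}" -O "${tmp}/${zip}" &&
       wget -q "${base}/terraform_${v}_SHA256SUMS" -O "${tmp}/SHA256SUMS" &&
       verify_sha256 "${tmp}/${zip}" "${tmp}/SHA256SUMS"
    then
        sudo unzip -o "${tmp}/${zip}" terraform -d /usr/local/bin/ && rc=0
    fi
    rm -rf "$tmp"
    return "$rc"
}

# Usage, with V set as in the commands above:
#   install_terraform "$V"
```

The sums file comes from the same server as the archive, so this catches corruption or a swapped archive but not a compromised release server; checking the accompanying terraform_${V}_SHA256SUMS.sig against HashiCorp's published GPG key covers that.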

Install Terraform on Windows by using scoop:

scoop install terraform which vim touch

Confirm it’s working:

terraform -v

and set up autocomplete simply with:

terraform -install-autocomplete

Terraform Basics

The most important files are: main.tf, variables.tf, outputs.tf

  • main.tf should be the primary entrypoint
  • variables.tf and outputs.tf should contain the declarations for variables and outputs, respectively

tobkle/terraform-rancher-hetzner: Rancher 2.0 Cluster on Hetzner using Terraform



Cloud init

Both Hetzner Cloud and Exoscale support “User data” standard formats like cloud-init: Exoscale User Data

Really great example of cloud-init for Hetzner: tech-otaku/hetzner-cloud-init


Infrastructure as code

programmable infrastructure, Infrastructure as code

Terraform is similar in concept to CloudFormation: it lets you declaratively define your infrastructure in a versioned template file. CloudFormation is the AWS-specific equivalent. Terraform providers exist for both Exoscale and Hetzner.

This is like abstracting their specific CLI tools.


K8S on Digital Ocean step by step

How to Deploy a Resilient Go Application to DigitalOcean Kubernetes | DigitalOcean


Skaffold is something from Google, but it is complicated for me…


Installing Kubernetes is not hard; configuring, upgrading and scaling it is!


Kubernetes installers

Rancher & RKE

Centralized Management of Any Kubernetes Cluster. Includes Rancher Kubernetes Engine (RKE) as a light-weight Kubernetes installer that supports installation on bare-metal and virtualized servers.

Rancher vs. RKE: What Is the Difference?

Rancher is the GUI side: it is written in Go, and its binary is packaged and distributed as a Docker container. RKE stands for Rancher Kubernetes Engine and is Rancher’s command-line utility, like Terraform, driven by a simple YAML configuration file (rke up).

Rancher uses RKE under the hood, but standalone RKE is enough to create clusters.

On Rancher

Lightweight Kubernetes for testing

Synonym: Kubernetes Distribution

Those are also great for CI.

  • k3s by Rancher, only 512 MB of RAM needed. It uses the really fast and small k3OS, an operating system completely managed by Kubernetes.

  • MicroK8s by Canonical

Communication between k8s Clusters

  • Submariner by Rancher enables direct networking between pods in different Kubernetes clusters

Helm example? Not important

helm repo add ibm-charts https://raw.githubusercontent.com/IBM/charts/master/repo/stable/
helm install --name default --set autoscaling.enabled=true --set autoscaling.minReplicas=2 ibm-charts/ibm-open-liberty --version 1.6.0  --debug
kubectl apply -f https://raw.githubusercontent.com/jelastic-jps/kubernetes/master/addons/openliberty.yaml

Woow: Parse is Firebase but self-hosted open-source.


Why is Kubernetes better?

K8s vs Docker Swarm

  1. K8s is developed much faster and is the market leader (K8s 51% vs Swarm 11%)
  2. Swarm does not support auto-scaling

10 Basic Facts about Kubernetes that You Didn’t Know

K8s vs OpenStack?

  1. K8s was originally developed by Google over a long time, so it was a stable service even in its first version. OpenStack was developed from scratch by the community and is therefore more fragmented. Both the community and about 30 different companies make their own versions. K8S is more like Apple and OpenStack is more like Android.

Pod or container?

In K8s, the control unit is the pod, not the container. A pod is a group of one or more containers that perform the same function, i.e. a component of a single application. Kubernetes manages pods, scales them and monitors their condition. An application in Kubernetes is scaled by the number of pods, not containers.


token=$(microk8s.kubectl -n kube-system get secret | grep default-token | cut -d " " -f1)
microk8s.kubectl -n kube-system describe secret "$token"

http://127.0.0.1:8879/charts

git clone https://github.com/Skeen/helm-bitwarden_rs.git
cd helm*
DOMAIN=vault.koviljaca.rs
helm install --wait --set "ingress.hosts={$DOMAIN},ingress.tls[0].hosts={$DOMAIN},ingress.tls[0].secretName=bitwarden-tls-secret" .

snap install microk8s --classic

Skeen/helm-bitwarden_rs: Helm chart for the bitwarden_rs project.

Install ingress using Helm via nginx-ingress

helm install stable/nginx-ingress

Ingress How To Set Up an Nginx Ingress Using Helm | DigitalOcean

kubectl itself has become like a low-level tool, with people looking for even easier workflows: Draft vs Gitkube vs Helm vs Ksonnet vs Metaparticle vs Skaffold

Basics of MicroK8s

Install

snap install microk8s --classic
microk8s.status # check availability

Make a command alias with: snap alias microk8s.kubectl kubectl, which can be easily reverted with: snap unalias kubectl

Fix networking

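Check networking with microk8s.inspect. You will usually need to configure the firewall on the host with:

# set the default FORWARD policy to ACCEPT; this applies to all traffic the host forwards, not only pod traffic
iptables -P FORWARD ACCEPT

# make it persistent across reboots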
apt install iptables-persistent -y
iptables-save > /etc/iptables/rules.v4

Check again with microk8s.inspect

Kubernetes Playgrounds: Katacoda, Play with Kubernetes

Install Ingress controller: nginx-ingress

Installation Guide - NGINX Ingress Controller Using Helm charts/stable/nginx-ingress at master · helm/charts

Secure Kubernetes Services with Ingress, TLS and Let’s Encrypt Microk8s With Ingress Example

Replicate Kubernetes Ingress locally with Docker Compose

Ingress is a resource you install in your cluster which can redirect requests to different services based on HTTP requests. Put simply, it is an already configured Nginx instance (if using the Nginx Ingress) that does proxy passes.

Jelastic Explained

The Complex Jelastic Organism in Simple Words - DZone Cloud

  • Cloudlet: smallest unit (128 MiB RAM & 400 MHz CPU)

  • Container: certified containers for Java, PHP, Ruby, Node.js, etc., but also the ability to deploy custom Docker containers. Each has its own private IP and unique DNS record. Jelastic can automatically scale any container, both vertically and horizontally, making hosting of applications flexible.

  • Layer (Node Group)

  • Environment

Kubernetes Cluster Setup With Jelastic - DZone Cloud


docker-sync by EugenMayer


Kubernetes & Docker: 9 Reasons DevOps is better with Docker & K8S


MySQL Replication Types and How to Run Them in the Cloud


k8s explained Configure Kubernetes on premise - Ani Sinanaj - Medium


How To Set Up an Nginx Ingress on DigitalOcean Kubernetes Using Helm | DigitalOcean


Load Balancers

MetalLB, bare metal load-balancer for Kubernetes


Simple manual K8s on baremetal: How to Install and configure Kubernetes (k8s) on Ubuntu 18.04 LTS

How to Setup a Kubernetes Cluster with Rancher on CentOS

Install a cluster wherever (like Rancher): Installation - Gravitational Gravity. Gravity is written in Go.





Install Rio (μPaaS) on k8s

Edge-Focused Compact Kubernetes with MicroPaaS (μPaaS) — k3s/k3OS and Rio

# download CLI (available for macOS, Windows, Linux)
curl -sfL https://get.rio.io | sh -

Setup your cluster for Rio

$ rio install

Make sure all the pods are up and running. This takes several minutes.

$ kubectl get po -n rio-system

Run a sample service

$ rio run https://github.com/rancher/rio-demo

Check the status

$ rio ps
$ rio console
$ rio info



To push a new tag to this repository:

docker push fairwalter/private:tagname

You may push a new image to this repository:

docker tag local-image:tagname fairwalter/private:tagname
docker push fairwalter/private:tagname

hetzner-kube cluster addon list
hetzner-kube cluster addon
hetzner-kube cluster addon list
hetzner-kube cluster addon install docker-registry -n k8s-personal
hetzner-kube cluster addon install dashboard -n k8s-personal


In a cloud environment, the creation of the load balancer and the allocation of the external IP address are done by the cloud platform. In a bare metal cluster, MetalLB is responsible for that allocation. For this, a network address pool must be reserved for MetalLB. Once MetalLB has assigned an external IP address to a service, it needs to redirect the traffic from the external IP to the cluster. To do so, MetalLB uses standard protocols such as ARP, NDP, or BGP.


Point your DNS to the IP of any worker node, and ingress will work.


helm upgrade bitwarden . --reset-values


How to use Private Docker Images in Kubernetes: Kubernetes Tips - Part 2


KubeDB Home

Package Kubernetes Applications with Helm


  • ConfigMap is simply a container for storing configuration data so all other entities, like pods, can access the data in a ConfigMap.
date 27. Aug 2019 | modified 28. May 2021
filename: Kubernetes » Dump