Create a kubernetes cluster all-in-one virtual machine for kubernetes learning/experimentation.

Note: There is a little video on https://microk8s.io/ if that is more of your cup of tea.

Ingredients

  • Virtual Machine (e.g. AWS EC2 instance) 
  • Ubuntu 18.04 LTS (or any linux distribution with snap support)

Create cluster using microk8s

Like Magic:

sudo snap install microk8s --classic

You can confirm it is running with:

microk8s.kubectl cluster-info

…and you should get something like:

Kubernetes master is running at http://127.0.0.1:8080 
To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.

Create an alias for microk8s.kubectl so you can save a lot of typing:

sudo snap alias microk8s.kubectl kubectl

Enable auto completion for kubectl (current session):

source <(kubectl completion bash)

Configure bash:

echo "source <(kubectl completion bash)" >> ~/.bashrc

UI (Dashboard)

Expose management UI (Dashboard).

microk8s.enable dns dashboard ingress

Start Proxy

You can change the firewall to only allow access to this host on port 8001 but this is unsafe and will allow anybody access to the kubernetes dashboard.

If using AWS EC2 you can configure the “Security Group” used by this host to only allow incoming requests only from your IP. 

Another (better) option is to, from your development machine, use ssh with port forwarding to connect to this host. On your development machine:

ssh -L 8081:localhost:8081 <user>@<host>

Now start the dashboard proxy

On the microk8s host:

microk8s.kubectl proxy --accept-hosts=.* --address=0.0.0.0 &

On the browser in your desktop navigate to:

http://{your_micro8ks_host_name}:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

Microk8s Add-ons

microk8s.enable --help
Usage: microk8s.enable ADDON...
Enable one or more ADDON included with microk8s
Example: microk8s.enable dns storage

Available addons:

  dashboard
  dns
  gpu
  ingress
  istio
  metrics-server
  registry
  storage

Troubleshooting

On a ubuntu 18 AWS ec2 instance (without any changes) pods couldn’t access “the internet”. Turns out it was the iptables configuration. 

I got some help by running (on microk8s host):

microk8s.inspect 

and got some useful feedback:

...
WARNING: IPtables FORWARD policy is DROP.
Consider enabling traffic forwarding with:
sudo iptables -P FORWARD ACCEPT
...

and running it did resolved the problem with my pods accessing anything outside the pod.

What’s next?

Check this follow up post to setup your private docker registry.

References:


0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *