Initializing the Kubernetes cluster: Difference between revisions
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
== | == Kubernetes and pre-requisites == | ||
Install Kubernetes on Ubuntu 18.04. Assuming version 1.14.2 is pulled, check how to fix version. | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
| Line 8: | Line 8: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Reconfigure docker runtime. Edit /etc/docker/daemon.json as follows: | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
{ | { | ||
| Line 20: | Line 19: | ||
} | } | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Restart docker daemon: | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
> mkdir -p /etc/systemd/system/docker.service.d | > mkdir -p /etc/systemd/system/docker.service.d | ||
| Line 27: | Line 27: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
Make sure swap is off | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
> sudo swapoff -a | > sudo swapoff -a | ||
| Line 33: | Line 33: | ||
Check /etc/fstab if swap is still configured there, delete if this is the case. | Check /etc/fstab if swap is still configured there, delete if this is the case. | ||
== Create cluster configuration scripts == | |||
<syntaxhighlight lang="bash"> | <syntaxhighlight lang="bash"> | ||
> cd init/templates | > cd init/templates | ||
| Line 44: | Line 45: | ||
This will generate the init config from the config template and store it in /home/kubernetes/clusters/ccu. | This will generate the init config from the config template and store it in /home/kubernetes/clusters/ccu. | ||
== Spin up the master node == | |||
Use kubeadm with the generated config to initialize the control plane. | Use kubeadm with the generated config to initialize the control plane. | ||
| Line 53: | Line 55: | ||
> sudo kubeadm init --config kubeadm-init-config.yaml | > sudo kubeadm init --config kubeadm-init-config.yaml | ||
</syntaxhighlight> | </syntaxhighlight> | ||
If this fails at any point, use kubeadm reset after problems have been fixed before trying to re-initialize. | |||
Revision as of 13:38, 14 June 2019
Kubernetes and pre-requisites
Install Kubernetes on Ubuntu 18.04. Assuming version 1.14.2 is pulled, check how to fix version.
> cd init
> ./install_kubernetes.sh
Reconfigure docker runtime. Edit /etc/docker/daemon.json as follows:
{
"exec-opts": ["native.cgroupdriver=systemd"],
"log-driver": "json-file",
"log-opts": {
"max-size": "100m"
},
"storage-driver": "overlay2"
}
Restart docker daemon:
> mkdir -p /etc/systemd/system/docker.service.d
> systemctl daemon-reload
> systemctl restart docker
Make sure swap is off
> sudo swapoff -a
Check /etc/fstab if swap is still configured there, delete if this is the case.
Create cluster configuration scripts
> cd init/templates
# edit cluster information in the following config file
> nano make_init_config.sh
> touch /home/kubernetes/.rnd
> ./make_init_config.sh
This will generate the init config from the config template and store it in /home/kubernetes/clusters/ccu.
Spin up the master node
Use kubeadm with the generated config to initialize the control plane.
> cd /home/kubernetes/clusters/ccu
> sudo systemctl enable docker.service
> sudo kubeadm init --config kubeadm-init-config.yaml
If this fails at any point, use kubeadm reset after problems have been fixed before trying to re-initialize.
- Flannel daemonset (node communication)
- nVidia daemonset
- Update kubelet configuration for master node
Authentication systems
DEX with LDAP
TODO: outdated, switched to containerized DEX. Check what still needs to be done.
Set up according to this tutorial with customized install scripts in kubernetes/init/dex/
- Create secrets for TLS connections, use certs for ccu.uni-konstanz.de
- Modify ca-cm.yml to contain correct ca.
- Run upload_ccu_tls.sh
- Spin up login application service.
- Modify loginapp-cm.yml: server config
- Modify loginapp-ing-srv.yml: service data, mapping of ports to outside world
- Modify loginapp-deploy.yml: ID secret for TLS
- Run start-login-service.sh
- Spin up dex
- Modify dex-cm.yml: server data and LDAP configuration
- Modify dex-ing-srv.yml: service data, mapping of ports to outside world
- Modify dex-deploy.yml: ID secret for TLS
- Run start-dex-service.sh