https://docs.thismightnot.work/linux/kubernetes/index.htmlHugoen-nzTue, 14 May 2024 21:27:29 +1200https://docs.thismightnot.work/linux/kubernetes/requirements/index.htmlTue, 14 May 2024 21:25:57 +1200https://docs.thismightnot.work/linux/kubernetes/requirements/index.htmlCluster requirements Hardware Minimum of 3 hosts (1 controller, 2 workers), this example will be using Ubuntu, this guide will assume the nodes are already setup Try keep the number of control nodes, this will ensure the (explanation better than I can explain here scale this up as required, the number of nodes in this case will not effect the setup process ensure you have an un-even number of control nodes to allow make sure leader election is reliable.https://docs.thismightnot.work/linux/kubernetes/installation/index.htmlTue, 14 May 2024 21:26:09 +1200https://docs.thismightnot.work/linux/kubernetes/installation/index.htmlMake sure Ubuntu is up-to-date sudo apt dist-upgradeInstall the required repo dependencies We need to install the required packages for the docker repository to grab the latest packages. sudo apt update sudo apt install -y \ ca-certificates \ curl \ gnupg \ lsb-releaseAdd the required repositories We will add the docker repository to get the latest version of the packages below # Create folder for new gpg keys sudo mkdir -p /etc/apt/keyrings # Docker repository for containerd curl -fsSL https://download.https://docs.thismightnot.work/linux/kubernetes/additional-os-configuration/index.htmlTue, 14 May 2024 21:26:40 +1200https://docs.thismightnot.work/linux/kubernetes/additional-os-configuration/index.htmldisable swap Kubernetes required that any swap partitions are disabled and will not work if enabled. Run the following commands to disable sudo swapoff -a # Disable swap without restarting sudo sed -i '/ swap / s/^/#/' /etc/fstab # Comment out any swap lines in /etc/fstab cat /etc/fstab # Validate that swap lines are commented outEnable required kernel modules Run the following commands to enable the br_netfilter kernel module sudo mkdir /etc/modules-load.https://docs.thismightnot.work/linux/kubernetes/load-balancer/index.htmlTue, 14 May 2024 21:27:07 +1200https://docs.thismightnot.work/linux/kubernetes/load-balancer/index.htmlA load balancer is required if you have multiple control nodes, this is to ensure nodes and users can connect to the control plane if one of the host nodes becomes inactive. This document will outline using a fresh Debian or Alpine based host using HAProxy. Any TLS load-balancer will work. Install HAProxy OS: Alpine Debian/Ubuntu sudo apk update # Update apk cache sudo apk add haproxy # Install HAProxy sudo rc-update add haproxy # Start HAProxy on boot sudo apt update # Update apt cache sudo apt install -y haproxy # Install HAProxy server sudo systemctl enable --now haproxy # Start and enable HAProxy on boot Configure HAProxy Set the configuration file for HAProxy as below - this is a base configuration and will need changes in the backend configuration at the bottom.https://docs.thismightnot.work/linux/kubernetes/initialise-cluster/index.htmlTue, 14 May 2024 21:27:20 +1200https://docs.thismightnot.work/linux/kubernetes/initialise-cluster/index.htmlInitialize To initialize a cluster the setup is quick and easy. Multi control node deployment To initialize the cluster, run the following command on each control node to pull the control node containers sudo kubeadm config images pullOnce the images have been pulled, run the following command on ONE control node to initialize the cluster. Update --control-plane-endpoint to have the load balancer hostname or ip. Update the pod network cidr if the range is already in use within your network.https://docs.thismightnot.work/linux/kubernetes/create-user/index.htmlTue, 14 May 2024 21:27:29 +1200https://docs.thismightnot.work/linux/kubernetes/create-user/index.htmlFor managing Kubernetes user accounts we are going to use certificates. Setup an admin ClusterRole (control node) From a control create the following file and apply to create a cluster role admin-role.yml Feel free to replace example-cluster-admin and example:masters with a different name e.g. myorg-cluster-admins or myorg:masters --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: example-cluster-admin roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: cluster-admin subjects: - apiGroup: rbac.authorization.k8s.io kind: Group name: example:masters Apply the manifest above with