On a first step I created and configured a virtual machine.
When creating the VM, I added an ssh public key to it in order to connect from my laptop without problems in the future.
After creation I checked the connection to the VM.
The connection is successful.
Next, I moved on to setting up a remote installation of Kubernetes using ansible.
I cloned Kubespray release repository to my personal laptop. I did this using the following commands.
git clone https://github.com/kubernetes-sigs/kubespray.git
cd kubespray
git checkout release-2.20
In the next step, I copied and modified the inventory file.
After that, I modified the addons.yml and k8s-cluster.yml files according to my settings and thus enabled MetalLB.
In file addons.yml:
nano inventory/mycluster/group_vars/k8s_cluster/addons.yml
Added the following strings:
metallb_enabled: true
metallb_speaker_enabled: true
metallb_avoid_buggy_ips: true
metallb_ip_range:
- "10.132.0.9/32"
In file k8s-cluster.yml:
nano inventory/mycluster/group_vars/k8s_cluster/k8s-cluster.yml
The following setting is changed from "false" to "true".
kube_proxy_strict_arp: true
With the following command, I mounted the folder with kubespray and ssh keys to the docker container and started it.
docker run --rm -it -v /home/svjtosha/kubespray:/mnt/kubespray \
-v /home/svjtosha/.ssh:/pem \
quay.io/kubespray/kubespray:v2.20.0 bash
In the next step I went to kubespray folder and start ansible-playbook.
cd /mnt/kubespray
ansible-playbook -i inventory/mycluster/inventory.ini --private-key /pem/gcp_rsa -e ansible_user=svjtosha -b cluster.yml
Ansible playbook worked successfully.
After successful installation I connected to VM and copy kubectl configuration file.
mkdir ~/.kube
sudo cp /etc/kubernetes/admin.conf ~/.kube/config
sudo chmod 777 ~/.kube/config
As result I saw:
Next, I installed the ingress controller. To do this, I created the nginx-ctl.yaml and path_provisioner.yaml files with the appropriate instructions on the virtual machine and ran them with the following commands:
kubectl apply -f nginx-ctl.yaml
kubectl apple -f path_provisioner.yml
After entering the following command, I saw that the ingress controller was working correctly and the external IP appeared on the load balancer:
kubectl get svc --all-namespaces
In the next step, I registered the gl-basecamp.dynv6.net domain at the free registrar dynv6.com and added the IP of my virtual machine in the domain settings. (For the test, I created a deployment with services that I will talk about below.)
Now my site with nginx is available on the Internet under the domain name I created, but still with an insecure connection.
I used https://cert-manager.io/ with Letsencrypt to setup the ssl certificate.
On first I used next command to install cert manager to Kubernetes cluster:
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.yaml
Then I prepared 2 yaml files staging_clusterIssuer.yaml to verify that the certificate is generated correctly and prod_clusterIssuer.yaml to apply the ssl certificate to our cluster. I transferred these files to the VM and ran them with the following command:
kubectl apply -f staging_clusterIssuer.yaml
kubectl apply -f prod_clusterIssuer.yaml
After executing the following command, we can see that our clusterissuers are working.
kubectl get clusterissuers
After that, the ingress.yaml file was created and configured, where my host gl-basecamp.dynv6.net and cluster-issuer were specified. At first it was stanging, and after checking that everything works correctly, I replaced stanging with prod.
After updating the ingress file with the prod settings, a secure connection was created for my cluster.
The nginx page now works over the secure https protocol.
As it was said a little above, to perform the task I prepared a deployment with the ClusterIP service as and ingress file with connecting to ClusterIssuer and use the letsencrypt certificate. I add all these files to my repository.
In the end, I decided to slightly modify the nginx image in my deployment and add my html page to it. Using docker on my laptop, I created a new image to which I added my page. I then uploaded this image to dockerhub. By changing the image in deployment and running the following command, I changed the look of my site.
kubectl apply -f nginx-deployment.yaml