blobs import from rtg 2024-05-18 04:45:52 +03:00
docs import from rtg 2024-05-18 04:45:52 +03:00
env import from rtg 2024-05-18 04:45:52 +03:00
ssl import from rtg 2024-05-18 04:45:52 +03:00
systemd import from rtg 2024-05-18 04:45:52 +03:00
tools import from rtg 2024-05-18 04:45:52 +03:00
yaml import from rtg 2024-05-18 04:45:52 +03:00
.gitignore import from rtg 2024-05-18 04:45:52 +03:00
attach_private_registry.sh import from rtg 2024-05-18 04:45:52 +03:00
attach_storage_ceph.sh import from rtg 2024-05-18 04:45:52 +03:00
build_crypto.sh import from rtg 2024-05-18 04:45:52 +03:00
config-api.ini.dist import from rtg 2024-05-18 04:45:52 +03:00
config-coreapps.dist import from rtg 2024-05-18 04:45:52 +03:00
config.dist import from rtg 2024-05-18 04:45:52 +03:00
deploy_cert_manager.sh import from rtg 2024-05-18 04:45:52 +03:00
deploy_env.sh import from rtg 2024-05-18 04:45:52 +03:00
deploy_ingress_nginx.sh import from rtg 2024-05-18 04:45:52 +03:00
deploy_monitoring.sh import from rtg 2024-05-18 04:45:52 +03:00
deploy_system.sh import from rtg 2024-05-18 04:45:52 +03:00
health.sh import from rtg 2024-05-18 04:45:52 +03:00
init.sh import from rtg 2024-05-18 04:45:52 +03:00
README.md import from rtg 2024-05-18 04:45:52 +03:00

k8x - deploys k8s with 3 masters

Tested OS:

  • Debian 10

Configuration

config.dist - copy to config and set up the settings specific to the cluster deployment.

config-coreapps.dist - copy to config-coreapps and set up the settings specific to the core applications.

Installation of cluster nodes

./build_crypto.sh - run once to generate a CA and pack it as the cryptopack.b64 file, which should be shared on all nodes.

./init.sh - installs k8s master or worker capabilities on each Kubernetes node. Requires each node's hostname to be set beforehand to one of those listed in the config file. Run simultaneously on all masters to set up etcd, and then once on each worker node.

Installation of core applications

Note: Run the scripts from a node which has a config-coreapps config file.

./deploy_system.sh - installs the Calico SDN, CoreDNS and metrics server into the kube-system namespace, and sets up Helm and kubelet RBAC

./deploy_cert_manager.sh - installs the Let's Encrypt ACME SSL certificate manager into the cert-manager namespace

./deploy_ingress_nginx.sh - installs the ingress-nginx ingress controller into the ingress-nginx namespace

./attach_storage_ceph.sh - creates the Ceph storage keys in the kube-system namespace and the rados-block storage class, which PVCs can attach to for dynamic provisioning

./deploy_monitoring.sh - installs Prometheus, Loki, Grafana and Zabbix

Installation of additional environments

./deploy_env.sh staging - installs the staging namespace with wildcard SSL

./deploy_env.sh develop - installs the develop namespace with wildcard SSL and a common Docker registry

./deploy_env.sh live - installs the production namespace

Tools

./health.sh - displays the cluster health

./health.sh objects - displays the cluster and cluster objects health

k9s - starts the Kubernetes ncurses admin panel

watch -n 5 "k get pods --sort-by=.status.startTime --all-namespaces -o wide | tac" - watches for cluster pod state changes

source config ; export KUBECONFIG=$ADMIN_KUBECONFIG - loads the config and exports the cluster admin kubeconfig, so that the kubectl (or k) command works cluster-wide with admin rights
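The README handles two secret-bearing files: cryptopack.b64, which is copied to every node, and the kubeconfig that $ADMIN_KUBECONFIG points to. The following pre-flight checks are an added example, not part of the k8x repository; the function names are hypothetical, and it assumes the digest is taken on the node where build_crypto.sh ran and carried to the other nodes separately from the pack.

```shell
#!/bin/sh
# Added example (not from the k8x repository); function names are hypothetical.
# Pre-flight checks for cryptopack.b64 and the admin kubeconfig.

# Succeeds only if $1 is a regular file, not a symlink, and carries no
# group/other permission bits (characters 5-10 of the ls mode string).
is_private_file() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    perms=$(ls -ld -- "$1" | cut -c5-10)
    [ "$perms" = "------" ]
}

# Prints the SHA-256 digest of $1. Run this where build_crypto.sh produced
# the pack and carry the digest to the other nodes out of band.
pack_digest() {
    sha256sum < "$1" | cut -d' ' -f1
}

# Succeeds only if the local copy $1 is private and matches digest $2.
# Intended use on each node: verify_pack cryptopack.b64 "$digest" && ./init.sh
verify_pack() {
    is_private_file "$1" || {
        echo "refusing $1: missing, a symlink, or accessible to group/other" >&2
        return 1
    }
    [ "$(pack_digest "$1")" = "$2" ] || {
        echo "refusing $1: digest does not match the build node's copy" >&2
        return 1
    }
}

# Exports KUBECONFIG only when the admin kubeconfig $1 is private.
# Intended use: . ./config && use_admin_kubeconfig "$ADMIN_KUBECONFIG"
use_admin_kubeconfig() {
    is_private_file "$1" || {
        echo "refusing $1: missing, a symlink, or accessible to group/other" >&2
        return 1
    }
    KUBECONFIG=$1
    export KUBECONFIG
}
```

A failed check leaves KUBECONFIG untouched and returns non-zero, so it can gate init.sh or any kubectl session in a wrapper script.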

Additional Tasks

  1. Set up Grafana to access kube-apiserver in order to fetch pod metrics
     Plugin: https://grafana.com/plugins/grafana-kubernetes-app
     Data Source: https://kubernetes.default.svc.cluster.local
     Auth: With Credentials, With CA Cert, TLS Client Auth