blobs | ||
docs | ||
env | ||
ssl | ||
systemd | ||
tools | ||
yaml | ||
.gitignore | ||
attach_private_registry.sh | ||
attach_storage_ceph.sh | ||
build_crypto.sh | ||
config-api.ini.dist | ||
config-coreapps.dist | ||
config.dist | ||
deploy_cert_manager.sh | ||
deploy_env.sh | ||
deploy_ingress_nginx.sh | ||
deploy_monitoring.sh | ||
deploy_system.sh | ||
health.sh | ||
init.sh | ||
README.md |
#k8x - deploys k8s with 3 masters
tested OS:
- debian 10
Configuration
config.dist - copy to config and setup the cluster deployment specific settings.
config-coreapps.dist - copy to config-coreapps and setup the core applications specific settings.
Installation of cluster nodes
./build_crypto.sh - run once to generate a CA and pack it as cryptopack.b64 file which should be shared on all nodes
./init.sh - install k8s master or worker capabilities on each kubernetes node. requires the initial hostname to be set up as those listed in the config file. run simultaniously on all masters to setup etcd, and then once on each worker node.
Installation of core applications
Note: Run the scripts from a node which has a config-coreapps config file
./deploy_system.sh - installs the calico sdn, coredns and metrics server into the kube-system namespace, setups helm and kubelet rbac
./deploy_cert_manager.sh - installs the letsencrypt acme ssl certificate manager into the cert-manager namespace
./deploy_ingress_nginx.sh - install the ingress-nginx ingress controller into the ingress-nginx namespace
./attach_storage_ceph.sh - create ceph storage keys into kube-system namespace and the rados-block storage class which pvcs could attach to for dynamic provisioning
./deploy_monitoring.sh - install prometheus, loki, grafana and zabbix
Installation of additional environments
./deploy_env.sh staging - install the staging namespace with wildcard ssl
./deploy_env.sh develop - install the develop namespace with wildcard ssl, and common docker registry
./deploy_env.sh live - install the production namespace
Tools
./health.sh - displays the cluster health
./health.sh objects - displays the cluster and cluster objects health
k9s - start the kubernetes ncurses admin panel
watch -n 5 "k get pods --sort-by=.status.startTime --all-namespaces -o wide | tac" - watch for cluster pod state changes
source config ; export KUBECONFIG=$ADMIN_KUBECONFIG - exports the cluster admin key to use the kubectl (or k) command cluster-wide
Additional Tasks
- Setup Grafana to access kube-apiserver in order to fetch pod metrics Plugin: https://grafana.com/plugins/grafana-kubernetes-app Data Source: https://kubernetes.default.svc.cluster.local Auth: With Credentials, With CA Cert, TLS Client Auth