Kubernetes
- Kubernetes / AWS Architecture Platform - https://github.com/ObrienlabsDev/kubernetes-aws-platform-infra
- vertical and horizontal autoscaling - https://karpenter.sh/
Tracking: https://github.com/ObrienlabsDev/blog/issues/75
Use 60g HD, 10 of 16 cores, 8G ram.
Don't add anything except OpenSSH server
Install net-tools for ifconfig
sudo apt install net-tools
Test remote login and add ssh-key
On both machines...
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
Start at
https://kubernetes.io/docs/setup/
We will come back to the learning section
https://kubernetes.io/docs/tasks/tools/
We go directly to "installing kubeadm" in the production section
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
Check prerequisites
MAC addresses are different - if VMs were independently created.
Disable swap
Add a container runtime
https://kubernetes.io/docs/setup/production-environment/container-runtimes/
IPv4 Packet filtering
ubuntu@ubuntu01:~$ cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
EOF
net.ipv4.ip_forward = 1
ubuntu@ubuntu01:~$ cat /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
ubuntu@ubuntu01:~$ sudo sysctl --system
sysctl net.ipv4.ip_forward
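
The prerequisite steps above (distinct MAC addresses, swap disabled, IPv4 forwarding persisted and active) can be checked with a small script. This is an added example, not part of the original notes; the function names are hypothetical and the file paths are parameters that default to the real locations on the node.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): checks for the prerequisites above.
# File paths are parameters so the checks can also run against saved copies.

swap_is_off() {
  # /proc/swaps: one header line, then one line per active swap area.
  local n
  n=$(awk 'NR > 1 && NF > 0 { c++ } END { print c + 0 }' "${1:-/proc/swaps}")
  [ "$n" -eq 0 ]
}

persisted_ip_forward() {
  # Prints the last value assigned in the sysctl.d file (later lines
  # override earlier ones), or "unset". '#' and ';' start comments.
  awk -F= '
    /^[ \t]*[#;]/ { next }
    { key = $1; gsub(/[ \t]/, "", key) }
    key == "net.ipv4.ip_forward" { val = $2; gsub(/[ \t]/, "", val); found = 1 }
    END { print (found ? val : "unset") }
  ' "${1:-/etc/sysctl.d/k8s.conf}"
}

duplicate_macs() {
  # stdin: "hostname mac" lines gathered from every VM.
  # Prints each MAC that appears on more than one host (a sign of cloned VMs).
  awk '{ mac = tolower($2) }
       !seen[mac, $1]++ { hosts[mac]++ }
       END { for (m in hosts) if (hosts[m] > 1) print m }' | sort
}

preflight() {
  local swaps="${1:-/proc/swaps}" conf="${2:-/etc/sysctl.d/k8s.conf}"
  local live="${3:-/proc/sys/net/ipv4/ip_forward}" rc=0
  swap_is_off "$swaps" || { echo "FAIL swap is active"; rc=1; }
  [ "$(persisted_ip_forward "$conf")" = "1" ] ||
    { echo "FAIL net.ipv4.ip_forward = 1 not persisted in $conf"; rc=1; }
  [ "$(cat "$live")" = "1" ] ||
    { echo "FAIL ip_forward not active, run: sudo sysctl --system"; rc=1; }
  [ "$rc" -eq 0 ] && echo "PASS"
  return "$rc"
}
```

Source the file on each machine and call `preflight`; feed `duplicate_macs` one "hostname mac" line per interface collected from both VMs.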
Containerd install
https://kubernetes.io/docs/setup/production-environment/container-runtimes/#containerd via https://github.com/containerd/containerd/blob/main/docs/getting-started.md
Rancher 1.6 to 2.0 was the go-to Kubernetes distribution supported on bare metal or VMs in the 2017-2019 timeframe, around Kubernetes 1.7. The Rancher product was integrated into SUSE and continues to support RKE 1 (original) and RKE 2 (FedRAMP compliant). K3s is the edge version of the RKE distribution as a CNCF project.
see - https://github.com/ObrienlabsDev/biometric-backend/issues/11
Limit installations to Ubuntu 22.04+ on IA64 (ARM64 is experimental). As of 202408 the following Kubernetes components are supported for v1.30.2:
- Kubernetes: v1.30.2
- RKE2 Version: v1.30.2+rke2r1
- Etcd: v3.5.13-k3s1
- Containerd: v1.7.17-k3s1
- Runc: v1.1.12
- Metrics-server: v0.7.1
- CoreDNS: v1.11.1
- Ingress-Nginx: v1.10.1-hardened1
- Helm-controller: v0.16.1
- CNI: Canal (Flannel: v0.25.4, Calico: v3.28.0)
- CNI: Calico v3.27.3
- CNI: Cilium v1.15.5
- CNI: Multus v4.0.2
curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64
sudo install minikube-linux-amd64 /usr/local/bin/minikube && rm minikube-linux-amd64
minikube start
Enable Kubernetes 1.29
For
michaelobrien@mbp7 kubernetes % kubectl get nodes
E0802 19:52:50.751864 60075 memcache.go:265] couldn't get current server API group list: Get "https://127.0.0.1:64151/api?timeout=32s": dial tcp 127.0.0.1:64151: connect: connection refused
The connection to the server 127.0.0.1:64151 was refused - did you specify the right host or port?
If you were previously running "kind", switch to Docker Desktop
michaelobrien@mbp7 kubernetes % kubectl get nodes
NAME STATUS ROLES AGE VERSION
docker-desktop Ready control-plane 4m18s v1.29.2
- set up eksctl https://docs.aws.amazon.com/eks/latest/userguide/install-kubectl.html#eksctl-install-update
- 20241025: follow https://docs.aws.amazon.com/eks/latest/userguide/create-cluster.html
Create a VPC with 2 public, 2 private subnets - https://docs.aws.amazon.com/eks/latest/userguide/creating-a-vpc.html#_public_and_private_subnets
Select Kubernetes V1.31 - as V1.30 will autocharge support fees in 8 months "End of standard support for Kubernetes version 1.30 is July 28, 2025. On that date, your cluster will enter the extended support period with additional fees. For more information"
aws eks update-kubeconfig --region us-east-1 --name prod
Added new context arn:aws:eks:us-east-1:45..:cluster/prod to /Users/..n/.kube/config
kubectl get nodes
NAME STATUS ROLES AGE VERSION
ip-172-31-42-248.ec2.internal Ready <none> 21h v1.30.4-eks-a737599
ip-172-31-80-165.ec2.internal Ready <none> 21h v1.30.4-eks-a737599
kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system aws-node-8bwzk 2/2 Running 0 21h
kube-system aws-node-f9mz4 2/2 Running 0 21h
kube-system coredns-586b798467-fdvwr 1/1 Running 0 11d
kube-system coredns-586b798467-gff7r 1/1 Running 0 11d
kube-system eks-pod-identity-agent-cq8nn 1/1 Running 0 21h
kube-system eks-pod-identity-agent-g4wxv 1/1 Running 0 21h
kube-system kube-proxy-b8v4z 1/1 Running 0 21h
kube-system kube-proxy-h2ttb 1/1 Running 0 21h
- Latest 4.12
- https://www.redhat.com/en/services/training/do080-deploying-containerized-applications-technical-overview
- https://www.redhat.com/en/services/training/red-hat-openshift-administration-i-operating-a-production-cluster
- https://www.redhat.com/en/services/training/do281-red-hat-openshift-administration-ii-configuring-a-production-cluster-with-exam
- https://www.redhat.com/en/technologies/cloud-computing/openshift/pricing
- https://www.redhat.com/en/technologies/cloud-computing/openshift/kubernetes-engine#buy
- config-syncer (was kubed) - similar to GCP config-sync - https://github.com/config-syncer/config-syncer