This tutorial is an adaptation of the original tutorial by Kelsey Hightower for installing a Kubernetes cluster by hand. It contains changes and annotations that are specific to the way the Informatik Computer Cluster (ICC) is set up. Furthermore, it will contain tags marking which parts have been completed and which are still pending further research and trials.
The target audience for this tutorial is someone who plans to support a production Kubernetes cluster and wants to understand how everything fits together. After completing this tutorial I encourage you to automate away the manual steps presented in this guide.
- Kubernetes 1.7.2
- Docker 1.12.6
- etcd 3.1.4
- CNI Based Networking
- Secure communication between all components (etcd, control plane, workers)
- Default Service Account and Secrets
- RBAC authorization enabled
- TLS client certificate bootstrapping for kubelets
- High-Availability DNS add-on
- Logging
- [Monitoring]
The resulting cluster will be missing the following features:
- Cloud Provider Integration
This cluster's pet components are installed on a set of VMs provided by a VMware-based infrastructure, while the worker nodes use a number of bare-metal hosts. Details can be found in the infrastructure document below.
- Infrastructure Provisioning
- Setting up a CA and TLS Cert Generation
- Setting up HAProxy to provide a reliable IP
- Setting up TLS Client Bootstrap and RBAC Authentication
- Configuring Nodes to use Private Docker Registry
- Bootstrapping a H/A etcd cluster
- Bootstrapping H/A Kubernetes Master Nodes
- Bootstrapping Kubernetes Workers
- Configuring the Kubernetes Client - Remote Access
- Managing the Container Network Routes
- Deploying the Cluster DNS Add-on
- Smoke Test
- Cleaning Up
- Managing Access
- Cluster Monitoring