Kubernetes para impostores

Submitted by elmanytas on

En este artículo vamos a ver como instalar Kubernetes en Ubuntu para luego desplegar una aplicación en él accesible desde tu pc.

En el siguiente veremos como hacer lo mismo pero en un servidor con Ubuntu, certificados https válidos, de que hacer backup, ...

microk8s

Usaremos microk8s que tiene versión para Linux, Windows y MAC.

Versión corta

Copia y pega esto en un terminal:

sudo snap install kubectl --classic

Te habrá pedido la contraseña. Para el resto ya la tiene:

sudo snap install helm --classic
sudo snap install microk8s --classic
microk8s.start
mkdir $HOME/.kube
microk8s.config > $HOME/.kube/config
microk8s enable dns
microk8s enable dashboard
microk8s enable ingress
microk8s enable storage

Hasta aquí son unos 3 minutos con una conexión que baja a 10MB/s .

Cuando todos los pods estén en estado Running habremos terminado:

~$  kubectl get po --all-namespaces
NAMESPACE     NAME                                              READY   STATUS    RESTARTS   AGE
ingress       nginx-ingress-microk8s-controller-l5ccz           1/1     Running   0          2m41s
kube-system   coredns-588fd544bf-ftfz7                          1/1     Running   0          2m51s
kube-system   dashboard-metrics-scraper-db65b9c6f-mbh96         1/1     Running   0          2m43s
kube-system   heapster-v1.5.2-58fdbb6f4d-hln5h                  4/4     Running   0          2m43s
kube-system   hostpath-provisioner-75fdc8fccd-v4bth             1/1     Running   0          2m34s
kube-system   kubernetes-dashboard-67765b55f5-hpnnn             1/1     Running   0          2m43s
kube-system   monitoring-influxdb-grafana-v4-6dc675bf8c-mmwr7   2/2     Running   0          2m43s
~$

Hasta aquí otros 3 minutos.

El proceso completo de instalación de Kubernetes no deberían ser más de 10 minutos.

Cuando termines, si te conectas a localhost en tu navegador, debería saludarte con un 404 Not Found un tal openresty.

Ahora vamos a ver si funciona instalando un wordpress con el chart de bitnami

helm repo add bitnami https://charts.bitnami.com/bitnami
helm upgrade --install wordpress \
  --set wordpressUsername=admin \
  --set wordpressPassword=admin \
  --set service.type=ClusterIP \
  --set ingress.enabled=true \
  --set ingress.hostname=localhost \
  bitnami/wordpress

Comprobamos que los pods se levanten:

~$ kubectl get po
NAME                         READY   STATUS    RESTARTS   AGE
wordpress-7d5756c684-pjgfq   1/1     Running   0          2m37s
wordpress-mariadb-0          1/1     Running   0          2m37s

Y en 3 minutos más:

El proceso completo desde 0 hasta un wordpress levantado en kubernetes no deberían ser más de 15 minutos.

Lo de arriba pero con la salida de los comandos.

Instalamos los clientes kubectl y helm:

~$ sudo snap install kubectl --classic
kubectl 1.17.3 from Canonical✓ installed
~$ sudo snap install helm --classic
helm 3.1.2 from Snapcrafters installed

Instalamos Kubernetes con microk8s:

~$ sudo snap install microk8s --classic
microk8s v1.18.0 from Canonical✓ installed
~$ microk8s.enable
~$ microk8s.start
Iniciado.
Enabling pod scheduling
node/yinyan already uncordoned

Configuramos el .kube/config para que los clientes sepan llegar a Kubernetes:

~$ mkdir $HOME/.kube
~$ microk8s.config > $HOME/.kube/config

Activamos algunos addons:

  • dns:
  ~$ microk8s enable dns
  Enabling DNS
  Applying manifest
  serviceaccount/coredns created
  configmap/coredns created
  deployment.apps/coredns created
  service/kube-dns created
  clusterrole.rbac.authorization.k8s.io/coredns created
  clusterrolebinding.rbac.authorization.k8s.io/coredns created
  Restarting kubelet
  DNS is enabled
  • dashboard:
  ~$ microk8s enable dashboard
  Applying manifest
  serviceaccount/kubernetes-dashboard created
  service/kubernetes-dashboard created
  secret/kubernetes-dashboard-certs created
  secret/kubernetes-dashboard-csrf created
  secret/kubernetes-dashboard-key-holder created
  configmap/kubernetes-dashboard-settings created
  role.rbac.authorization.k8s.io/kubernetes-dashboard created
  clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
  rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
  clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
  deployment.apps/kubernetes-dashboard created
  service/dashboard-metrics-scraper created
  deployment.apps/dashboard-metrics-scraper created
  service/monitoring-grafana created
  service/monitoring-influxdb created
  service/heapster created
  deployment.apps/monitoring-influxdb-grafana-v4 created
  serviceaccount/heapster created
  clusterrolebinding.rbac.authorization.k8s.io/heapster created
  configmap/heapster-config created
  configmap/eventer-config created
  deployment.apps/heapster-v1.5.2 created

  If RBAC is not enabled access the dashboard using the default token retrieved with:

  token=$(microk8s kubectl -n kube-system get secret | grep default-token | cut -d " " -f1)
  microk8s kubectl -n kube-system describe secret $token

  In an RBAC enabled setup (microk8s enable RBAC) you need to create a user with restricted
  permissions as shown in:
  https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md
  • ingress:
  ~$ microk8s enable ingress
  Enabling Ingress
  namespace/ingress created
  serviceaccount/nginx-ingress-microk8s-serviceaccount created
  clusterrole.rbac.authorization.k8s.io/nginx-ingress-microk8s-clusterrole created
  role.rbac.authorization.k8s.io/nginx-ingress-microk8s-role created
  clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-microk8s created
  rolebinding.rbac.authorization.k8s.io/nginx-ingress-microk8s created
  configmap/nginx-load-balancer-microk8s-conf created
  daemonset.apps/nginx-ingress-microk8s-controller created
  Ingress is enabled
  • storage:
  ~$ microk8s enable storage
  Enabling default storage class
  deployment.apps/hostpath-provisioner created
  storageclass.storage.k8s.io/microk8s-hostpath created
  serviceaccount/microk8s-hostpath created
  clusterrole.rbac.authorization.k8s.io/microk8s-hostpath created
  clusterrolebinding.rbac.authorization.k8s.io/microk8s-hostpath created
  Storage will be available soon

Instalamos un wordpress:

~$ helm upgrade --install wordpress --set wordpressUsername=admin --set wordpressPassword=admin --set service.type=ClusterIP --set ingress.enabled=true --set ingress.hostname=localhost bitnami/wordpress
Release "wordpress" does not exist. Installing it now.
NAME: wordpress
LAST DEPLOYED: Sun Apr  5 22:41:25 2020
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
** Please be patient while the chart is being deployed **

To access your WordPress site from outside the cluster follow the steps below:

1. Get the WordPress URL and associate WordPress hostname to your cluster external IP:

   export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters
   echo "WordPress URL: http://localhost/"
   echo "$CLUSTER_IP  localhost" | sudo tee -a /etc/hosts

2. Open a browser and access WordPress using the obtained URL.

3. Login with the following credentials below to see your blog:

  echo Username: admin
  echo Password: $(kubectl get secret --namespace default wordpress -o jsonpath="{.data.wordpress-password}" | base64 --decode)
~$

Y esperamos a que se levante:

~$ kubectl get po
NAME                         READY   STATUS    RESTARTS   AGE
wordpress-7d5756c684-pjgfq   1/1     Running   0          2m37s
wordpress-mariadb-0          1/1     Running   0          2m37s

El proceso completo desde 0 hasta un wordpress levantado en kubernetes no deberían ser más de 15 minutos.