Comments (6)
Hey @abderraxim - this is an awesome request - from 0 to production. However, what is production? Every-one/situation will have a different production requirement. So, you'll have to define what production is to you. And then, you'll need to follow the steps that Venkat has documented so well to get you going.
For demos, deploying nginx into the cluster and showing how to access that service in a browser IS the production environment.
from kubernetes.
@abderraxim Perhaps you might take a look at https://homekube.org. It's a complete tutorial on how to set up a bare-metal Kubernetes cluster, with references to @justmeandopensource and TechWorld with Nana's tutorials explaining the individual steps. The solution also covers cert-manager and automated certificate renewal for DNS01 (wildcard subdomains) with screenshots of a sample DNS service provider.
from kubernetes.
Thanks for your feedback, I will check that and get back to you, but before that, I have a question or two.
- Where to start to achieve customized nameservers and external DNS?
- How can I route all the traffic to a single load-balancing IP? Like we do on a webserver, we can design our subdomains or domains to hit the same IP but internally (via zone) hit different folders or, in the case of k8s, different services.
from kubernetes.
Let me explain how I see the thing:
I shall write the necessities randomly and I hope you help me glue them together, so let's start.
- building a cluster with multiple VPS spread over different datacenters with multiple masters (so there is no single point of failure), minimum 3 to avoid split brain
- routing it via a load balancer which itself has no single point of failure (as the hosting claims)
- having workers or not (untaint masters)
- setting customized DNS to assign domains from different registrars after that
- setting Longhorn (for k8s <1.25) to have shared scheduled space across all VPS, again to avoid a single point of failure
- Let's Encrypt all over the cluster
- building a dummy WordPress, for example, and routing it to a subdomain
There might be other points; I will be adding them later. Thank you again.
from kubernetes.
Thanks for your feedback, i will check that and get back to you, but before, i have a question or 2.
- where to start to achieve customized nameservers and external dns?
- how can route all the traffic on a single load balancing ip? Like we do on webserver we can design our subdomains or domains to hit the same ip but internally (via zone) hit different folders or in case of k8s different services
CoreDNS is a good choice for customized nameservers. We use it for providing our internal DNS, e.g. nas.internal.example.com, db.internal.example.com ... On your DNS provider's config page you need to add your subdomain nameserver to the list of nameservers, e.g. internal.example.com. You need to operate your own CoreDNS server, which is pretty straightforward and well explained. However, you need to open port 53 tcp/udp on your public IP.
Do not confuse this nameserver for your site infrastructure with your Kubernetes cluster's nameservers, which serve only for cluster-internal name resolution.
For single-IP load balancing we use haproxy as a doorkeeper. I'll add part of our haproxy.cfg file so you might get the idea.
```
global
    log stdout local0 debug

# Adjust the timeout to your needs
defaults
    log global
    timeout client 30s
    timeout server 30s
    timeout connect 5s

# Single VIP
frontend https
    bind *:443
    mode tcp
    option tcplog
    tcp-request inspect-delay 5s
    tcp-request content accept if { req_ssl_hello_type 1 }
    # NOTICE its req.ssl_sni not req_ssl_sni (deprecated but still valid)
    # NOTICE - do NOT use 'ssl_fc_sni' and 'ssl_fc_sni_end'
    # That is only supported if the certificates are supplied to haproxy e.g. bind *:443 ssl crt ....
    use_backend homekube if { req.ssl_sni -i dashboard.homekube.org }
    use_backend homekube if { req.ssl_sni -i prometheus.homekube.org }
    use_backend homekube if { req.ssl_sni -i grafana.homekube.org }
    use_backend homekube if { req.ssl_sni -i whoami.homekube.org }
    use_backend homekube if { req.ssl_sni -i auth.homekube.org }
    # www.homekube.org is served by github -> @see cname config for homekube.org
    # use_backend rainloop if { req.ssl_sni -i rainloop.homekube.org }
    use_backend raspi if { req.ssl_sni -m end .pi.homekube.org }
    default_backend backend_apache

# Using SNI to take routing decision
backend homekube
    mode tcp
    server ingress 192.168.1.200:443

# Using SNI to take routing decision
backend raspi
    mode tcp
    server raspi_ingress 192.168.1.48:443

# Default backend
# Servers 91 active and 96 backup
# server apache 192.168.1.96:443
backend backend_apache
    mode tcp
    server apache 192.168.1.91:443
```
192.168.1.200 and 192.168.1.48 are the entry points for the homekube.org demo cluster metallb configuration.
All the other parts of the configuration are documented here
Hope this helps. Good luck!
from kubernetes.
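The routing decision in the haproxy.cfg above, modelled in Python as an added example (not part of the original comment and not HAProxy's code): in `mode tcp` the proxy never terminates TLS, so `req.ssl_sni` is read from the cleartext, client-supplied ClientHello, and anything with a missing or unmatched name lands on `default_backend`. The helper `sample_hello` is hypothetical and only builds constructed test input.

```python
import struct

# Exact names from the frontend above; its "-i" rules match case-insensitively.
EXACT = {"dashboard.homekube.org", "prometheus.homekube.org", "grafana.homekube.org",
         "whoami.homekube.org", "auth.homekube.org"}

def extract_sni(record: bytes):
    """Return server_name from a cleartext TLS ClientHello record, else None."""
    try:
        if record[0] != 0x16 or record[5] != 0x01:    # handshake record, hello type 1
            return None
        hs = record[5:5 + struct.unpack("!H", record[3:5])[0]]
        p = 4 + 2 + 32                                # handshake header, version, random
        p += 1 + hs[p]                                # session id
        p += 2 + struct.unpack("!H", hs[p:p + 2])[0]  # cipher suites
        p += 1 + hs[p]                                # compression methods
        p, end = p + 2, p + 2 + struct.unpack("!H", hs[p:p + 2])[0]
        while p + 4 <= end:
            etype, elen = struct.unpack("!HH", hs[p:p + 4])
            if etype == 0:                            # server_name extension
                nlen = struct.unpack("!H", hs[p + 7:p + 9])[0]
                name = hs[p + 9:p + 9 + nlen]
                return name.decode("ascii") if len(name) == nlen else None
            p += 4 + elen
    except (IndexError, struct.error, UnicodeDecodeError):
        pass                                          # truncated or malformed input
    return None

def pick_backend(record: bytes) -> str:
    """Mirror the use_backend rules: exact names, then the suffix rule, then default."""
    sni = extract_sni(record)
    if sni and sni.lower() in EXACT:
        return "homekube"
    if sni and sni.endswith(".pi.homekube.org"):      # "-m end" without "-i"
        return "raspi"
    return "backend_apache"                           # no or unknown SNI: default_backend

def sample_hello(name: str) -> bytes:
    """Hypothetical helper: build a constructed, minimal ClientHello for testing."""
    n = name.encode()
    ext = struct.pack("!HHHBH", 0, len(n) + 5, len(n) + 3, 0, len(n)) + n if n else b""
    body = b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
    body += struct.pack("!H", len(ext)) + ext
    hs = b"\x01" + struct.pack("!I", len(body))[1:] + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs
```

Because the name is unauthenticated at this layer, each backend still has to present the right certificate and enforce its own access control; the proxy only steers connections.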
I will see if I can put together some videos regarding this. I have a backlog with a huge list of requested videos. I am going through them in the order requested and it will take a while to get to this. Cheers.
from kubernetes.