# Cloud Infrastructure Provisioning - Google Cloud Platform
This lab will walk you through provisioning the compute instances required for running a highly available (H/A) Kubernetes cluster. A total of 6 virtual machines will be created.

After completing this guide you should have the following compute instances:
```
gcloud compute instances list
```
````
NAME         ZONE           MACHINE_TYPE   PREEMPTIBLE  INTERNAL_IP  EXTERNAL_IP      STATUS
controller0  us-central1-f  n1-standard-1               10.240.0.10  XXX.XXX.XXX.XXX  RUNNING
controller1  us-central1-f  n1-standard-1               10.240.0.11  XXX.XXX.XXX.XXX  RUNNING
controller2  us-central1-f  n1-standard-1               10.240.0.12  XXX.XXX.XXX.XXX  RUNNING
worker0      us-central1-f  n1-standard-1               10.240.0.20  XXX.XXX.XXX.XXX  RUNNING
worker1      us-central1-f  n1-standard-1               10.240.0.21  XXX.XXX.XXX.XXX  RUNNING
worker2      us-central1-f  n1-standard-1               10.240.0.22  XXX.XXX.XXX.XXX  RUNNING
````
> All machines will be provisioned with fixed private IP addresses to simplify the bootstrap process.

To make our Kubernetes control plane remotely accessible, a public IP address will be provisioned and assigned to a Load Balancer that will sit in front of the 3 Kubernetes controllers.

## Prerequisites
Set the compute region to us-central1 and the zone to us-central1-f:
```
gcloud config set compute/region us-central1
```
```
gcloud config set compute/zone us-central1-f
```
## Setup Networking
Create a custom network:
```
gcloud compute networks create kubernetes-the-hard-way --mode custom
```
Create a subnet for the Kubernetes cluster:
```
gcloud compute networks subnets create kubernetes \
  --network kubernetes-the-hard-way \
  --range 10.240.0.0/24 \
  --region us-central1
```
### Create Firewall Rules
```
gcloud compute firewall-rules create allow-internal \
  --allow tcp,udp,icmp \
  --network kubernetes-the-hard-way \
  --source-ranges 10.240.0.0/24,10.200.0.0/16
```
```
gcloud compute firewall-rules create allow-external \
  --allow tcp:22,tcp:3389,tcp:6443,icmp \
  --network kubernetes-the-hard-way \
  --source-ranges 0.0.0.0/0
```
```
gcloud compute firewall-rules create allow-healthz \
  --allow tcp:8080 \
  --network kubernetes-the-hard-way \
  --source-ranges 130.211.0.0/22,35.191.0.0/16
```
```
gcloud compute firewall-rules list --filter "network=kubernetes-the-hard-way"
```
```
NAME            NETWORK                  SRC_RANGES                    RULES                          SRC_TAGS  TARGET_TAGS
allow-external  kubernetes-the-hard-way  0.0.0.0/0                     tcp:22,tcp:3389,tcp:6443,icmp
allow-healthz   kubernetes-the-hard-way  130.211.0.0/22,35.191.0.0/16  tcp:8080
allow-internal  kubernetes-the-hard-way  10.240.0.0/24,10.200.0.0/16   tcp,udp,icmp
```
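
The listing above can be checked mechanically for rules that expose more than intended. The following is an added example, not part of the original lab: it reads a listing in the column layout shown above and reports every protocol/port that a rule opens to 0.0.0.0/0 and that is not on an expected list. The `EXPECTED_PUBLIC` list (SSH, the Kubernetes API port 6443, ICMP) and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit a firewall-rules listing in the column layout shown
# above (NAME NETWORK SRC_RANGES RULES ...). Reads the listing on stdin.
# EXPECTED_PUBLIC is an assumption of this example, not part of the lab.
EXPECTED_PUBLIC="tcp:22 tcp:6443 icmp"

audit_firewall_listing() {
    awk -v expected="$EXPECTED_PUBLIC" '
    BEGIN { n = split(expected, e, " "); for (i = 1; i <= n; i++) ok[e[i]] = 1 }
    NR == 1 && $1 == "NAME" { next }          # skip the header row
    NF < 4 { next }                            # skip blank or short lines
    {
        # A rule is public if any of its source ranges is 0.0.0.0/0.
        public = 0
        m = split($3, ranges, ",")
        for (i = 1; i <= m; i++) if (ranges[i] == "0.0.0.0/0") public = 1
        if (!public) next
        # Report each allowed protocol:port that is not on the expected list.
        # A bare protocol such as "tcp" (all ports) is reported as well.
        k = split($4, rules, ",")
        for (i = 1; i <= k; i++)
            if (!(rules[i] in ok)) print $1 ": " rules[i] " open to 0.0.0.0/0"
    }'
}

# Constructed sample: the rule listing from this page.
sample_listing() {
    cat <<'EOF'
NAME NETWORK SRC_RANGES RULES SRC_TAGS TARGET_TAGS
allow-external kubernetes-the-hard-way 0.0.0.0/0 tcp:22,tcp:3389,tcp:6443,icmp
allow-healthz kubernetes-the-hard-way 130.211.0.0/22,35.191.0.0/16 tcp:8080
allow-internal kubernetes-the-hard-way 10.240.0.0/24,10.200.0.0/16 tcp,udp,icmp
EOF
}

sample_listing | audit_firewall_listing
```

On this page's rules it reports `allow-external: tcp:3389 open to 0.0.0.0/0`; the other two rules are limited to the listed source ranges and produce no output.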
### Create the Kubernetes Public Address
Create a public IP address that will be used by remote clients to connect to the Kubernetes control plane:
```
gcloud compute addresses create kubernetes-the-hard-way --region=us-central1
```
```
gcloud compute addresses list kubernetes-the-hard-way
```
```
NAME                     REGION       ADDRESS          STATUS
kubernetes-the-hard-way  us-central1  XXX.XXX.XXX.XXX  RESERVED
```
## Provision Virtual Machines
All the VMs in this lab will be provisioned using Ubuntu 16.04 mainly because it runs a newish Linux kernel with good support for Docker.
### Virtual Machines
#### Kubernetes Controllers
```
gcloud compute instances create controller0 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20170307 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.10 \
  --subnet kubernetes
```
```
gcloud compute instances create controller1 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20170307 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.11 \
  --subnet kubernetes
```
```
gcloud compute instances create controller2 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20170307 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.12 \
  --subnet kubernetes
```
#### Kubernetes Workers
Include the socat dependency on worker VMs to enable kubelet's port-forward functionality.
```
gcloud compute instances create worker0 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20170307 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.20 \
  --subnet kubernetes \
  --metadata startup-script='#! /bin/bash
apt-get update
apt-get install -y socat'
```
```
gcloud compute instances create worker1 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20170307 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.21 \
  --subnet kubernetes \
  --metadata startup-script='#! /bin/bash
apt-get update
apt-get install -y socat'
```
```
gcloud compute instances create worker2 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20170307 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.22 \
  --subnet kubernetes \
  --metadata startup-script='#! /bin/bash
apt-get update
apt-get install -y socat'
```