# Cloud Infrastructure Provisioning
Kubernetes can be installed just about anywhere physical or virtual machines can be run. In this lab we are going to focus on Google Cloud Platform (IaaS).
This lab will walk you through provisioning the compute instances required for running an H/A Kubernetes cluster. A total of 9 virtual machines will be created.
After completing this guide you should have the following compute instances:
```
gcloud compute instances list
```
```
NAME         ZONE           MACHINE_TYPE   PREEMPTIBLE  INTERNAL_IP  EXTERNAL_IP      STATUS
controller0  us-central1-f  n1-standard-1               10.240.0.20  XXX.XXX.XXX.XXX  RUNNING
controller1  us-central1-f  n1-standard-1               10.240.0.21  XXX.XXX.XXX.XXX  RUNNING
controller2  us-central1-f  n1-standard-1               10.240.0.22  XXX.XXX.XXX.XXX  RUNNING
etcd0        us-central1-f  n1-standard-1               10.240.0.10  XXX.XXX.XXX.XXX  RUNNING
etcd1        us-central1-f  n1-standard-1               10.240.0.11  XXX.XXX.XXX.XXX  RUNNING
etcd2        us-central1-f  n1-standard-1               10.240.0.12  XXX.XXX.XXX.XXX  RUNNING
worker0      us-central1-f  n1-standard-1               10.240.0.30  XXX.XXX.XXX.XXX  RUNNING
worker1      us-central1-f  n1-standard-1               10.240.0.31  XXX.XXX.XXX.XXX  RUNNING
worker2      us-central1-f  n1-standard-1               10.240.0.32  XXX.XXX.XXX.XXX  RUNNING
```
> All machines will be provisioned with fixed private IP addresses to simplify the bootstrap process.
To make our Kubernetes control plane remotely accessible, a public IP address will be provisioned and assigned to a Load Balancer that will sit in front of the 3 Kubernetes controllers.
## Create a Custom Network
```
gcloud compute networks create kubernetes --mode custom
```
```
NAME        MODE    IPV4_RANGE  GATEWAY_IPV4
kubernetes  custom
```
Create a subnet for the Kubernetes cluster:
```
gcloud compute networks subnets create kubernetes \
  --network kubernetes \
  --range 10.240.0.0/24 \
  --region us-central1
```
```
NAME        REGION       NETWORK     RANGE
kubernetes  us-central1  kubernetes  10.240.0.0/24
```
### Firewall Rules
```
gcloud compute firewall-rules create kubernetes-allow-icmp \
  --allow icmp \
  --network kubernetes \
  --source-ranges 0.0.0.0/0
```
```
gcloud compute firewall-rules create kubernetes-allow-internal \
  --allow tcp:0-65535,udp:0-65535,icmp \
  --network kubernetes \
  --source-ranges 10.240.0.0/24
```
```
gcloud compute firewall-rules create kubernetes-allow-rdp \
  --allow tcp:3389 \
  --network kubernetes \
  --source-ranges 0.0.0.0/0
```
```
gcloud compute firewall-rules create kubernetes-allow-ssh \
  --allow tcp:22 \
  --network kubernetes \
  --source-ranges 0.0.0.0/0
```
```
gcloud compute firewall-rules create kubernetes-allow-healthz \
  --allow tcp:8080 \
  --network kubernetes \
  --source-ranges 130.211.0.0/22
```
```
gcloud compute firewall-rules create kubernetes-allow-api-server \
  --allow tcp:6443 \
  --network kubernetes \
  --source-ranges 0.0.0.0/0
```
```
gcloud compute firewall-rules list --filter "network=kubernetes"
```
```
NAME                         NETWORK     SRC_RANGES      RULES                         SRC_TAGS  TARGET_TAGS
kubernetes-allow-api-server  kubernetes  0.0.0.0/0       tcp:6443
kubernetes-allow-healthz     kubernetes  130.211.0.0/22  tcp:8080
kubernetes-allow-icmp        kubernetes  0.0.0.0/0       icmp
kubernetes-allow-internal    kubernetes  10.240.0.0/24   tcp:0-65535,udp:0-65535,icmp
kubernetes-allow-rdp         kubernetes  0.0.0.0/0       tcp:3389
kubernetes-allow-ssh         kubernetes  0.0.0.0/0       tcp:22
```
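Several rules in this listing use the source range `0.0.0.0/0`. As an added example (not part of the original lab), the script below parses the tabular listing and reports every non-ICMP rule entry reachable from any address, marking SSH and RDP as administrative ports. The function names and the `admin`/`service` labels are assumptions of this example; the sample input is the listing shown above.

```shell
#!/usr/bin/env bash
# Added example: audit the firewall listing for rules open to any source.
# Input format is the table printed by:
#   gcloud compute firewall-rules list --filter "network=kubernetes"
# Columns used: $1 NAME, $3 SRC_RANGES, $4 RULES.

# Sample input: the listing shown in this lab.
sample_listing() {
cat <<'EOF'
NAME                         NETWORK     SRC_RANGES      RULES
kubernetes-allow-api-server  kubernetes  0.0.0.0/0       tcp:6443
kubernetes-allow-healthz     kubernetes  130.211.0.0/22  tcp:8080
kubernetes-allow-icmp        kubernetes  0.0.0.0/0       icmp
kubernetes-allow-internal    kubernetes  10.240.0.0/24   tcp:0-65535,udp:0-65535,icmp
kubernetes-allow-rdp         kubernetes  0.0.0.0/0       tcp:3389
kubernetes-allow-ssh         kubernetes  0.0.0.0/0       tcp:22
EOF
}

# Reads a listing on stdin; prints "NAME PROTO:PORT KIND" for each non-ICMP
# entry of a rule whose source ranges include 0.0.0.0/0.
# KIND is "admin" for tcp:22 and tcp:3389, otherwise "service" (labels are
# this example's own convention).
audit_world_open() {
  awk 'NR == 1 { next }   # skip the header row
       {
         wide = 0
         ns = split($3, src, ",")       # SRC_RANGES may hold several CIDRs
         for (i = 1; i <= ns; i++) if (src[i] == "0.0.0.0/0") wide = 1
         if (!wide) next
         nr = split($4, rule, ",")      # RULES may hold several entries
         for (i = 1; i <= nr; i++) {
           if (rule[i] == "icmp") continue
           kind = (rule[i] == "tcp:22" || rule[i] == "tcp:3389") ? "admin" : "service"
           print $1, rule[i], kind
         }
       }'
}

# Stand-alone run against the sample listing.
sample_listing | audit_world_open
```

To check a live project, pipe the output of the `gcloud compute firewall-rules list` command above into `audit_world_open`. Rules reported as `admin` can be recreated with `--source-ranges` set to the address range you administer the cluster from.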
## Create the Kubernetes Public IP Address
Create a public IP address that will be used by remote clients to connect to the Kubernetes control plane:
```
gcloud compute addresses create kubernetes
```
```
gcloud compute addresses list kubernetes
```
```
NAME        REGION       ADDRESS          STATUS
kubernetes  us-central1  XXX.XXX.XXX.XXX  RESERVED
```
## Provision Virtual Machines
All the VMs in this lab will be provisioned using Ubuntu 16.04 mainly because it runs a newish Linux Kernel that has good support for Docker.
### etcd
```
gcloud compute instances create etcd0 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20160627 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.10 \
  --subnet kubernetes
```
```
gcloud compute instances create etcd1 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20160627 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.11 \
  --subnet kubernetes
```
```
gcloud compute instances create etcd2 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20160627 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.12 \
  --subnet kubernetes
```
### Kubernetes Controllers
```
gcloud compute instances create controller0 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20160627 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.20 \
  --subnet kubernetes
```
```
gcloud compute instances create controller1 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20160627 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.21 \
  --subnet kubernetes
```
```
gcloud compute instances create controller2 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20160627 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.22 \
  --subnet kubernetes
```
### Kubernetes Workers
```
gcloud compute instances create worker0 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20160627 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.30 \
  --subnet kubernetes
```
```
gcloud compute instances create worker1 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20160627 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.31 \
  --subnet kubernetes
```
```
gcloud compute instances create worker2 \
  --boot-disk-size 200GB \
  --can-ip-forward \
  --image ubuntu-1604-xenial-v20160627 \
  --image-project ubuntu-os-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.32 \
  --subnet kubernetes
```