820fd2e74c
gcloud --version
Google Cloud SDK 154.0.1
app-engine-python 1.9.52
bq 2.0.24
cloud-datastore-emulator 1.2.1
core 2017.05.04
docker-credential-gcr
gcloud
gsutil 4.25
kubectl
$ for host in worker0 worker1 worker2; do
> gcloud compute scp ca.pem kube-proxy.pem kube-proxy-key.pem ${host}:~/
> done
ERROR: (gcloud.compute) Invalid choice: 'scp'.
for host in worker0 worker1 worker2; do gcloud compute copy-files ca.pem kube-proxy.pem kube-proxy-key.pem ${host}:~/; done
Warning: Permanently added 'compute.6461459711323000154' (ECDSA) to the list of known hosts.
ca.pem 100% 1367 1.3KB/s 00:00
kube-proxy.pem 100% 1428 1.4KB/s 00:00
kube-proxy-key.pem 100% 1679 1.6KB/s 00:00
Warning: Permanently added 'compute.601335813592567078' (ECDSA) to the list of known hosts.
ca.pem 100% 1367 1.3KB/s 00:00
kube-proxy.pem 100% 1428 1.4KB/s 00:00
kube-proxy-key.pem 100% 1679 1.6KB/s 00:00
Warning: Permanently added 'compute.1617219287039593734' (ECDSA) to the list of known hosts.
ca.pem 100% 1367 1.3KB/s 00:00
kube-proxy.pem 100% 1428 1.4KB/s 00:00
kube-proxy-key.pem 100% 1679 1.6KB/s 00:00
Kubernetes The Hard Way
This tutorial will walk you through setting up Kubernetes the hard way. This guide is not for people looking for a fully automated command to bring up a Kubernetes cluster. If that's you then check out Google Container Engine, or the Getting Started Guides.
This tutorial is optimized for learning, which means taking the long route to help people understand each task required to bootstrap a Kubernetes cluster. This tutorial requires access to Google Compute Engine.
The results of this tutorial should not be viewed as production ready, and may receive limited support from the community, but don't let that prevent you from learning!
Target Audience
The target audience for this tutorial is someone who is planning to support a production Kubernetes cluster and wants to understand how everything fits together. After completing this tutorial I encourage you to automate away the manual steps presented in this guide.
Cluster Details
- Kubernetes 1.6.0
- Docker 1.12.6
- etcd 3.1.4
- CNI Based Networking
- Secure communication between all components (etcd, control plane, workers)
- Default Service Account and Secrets
- RBAC authorization enabled
- TLS client certificate bootstrapping for kubelets
- DNS add-on
What's Missing
The resulting cluster will be missing the following features:
- Cloud Provider Integration
- Logging
- Cluster add-ons
Labs
This tutorial assumes you have access to Google Cloud Platform and the Google Cloud SDK (148.0.0+). While GCP is used for basic infrastructure needs, the things learned in this tutorial can be applied to every platform.
- Cloud Infrastructure Provisioning
- Setting up a CA and TLS Cert Generation
- Setting up TLS Client Bootstrap and RBAC Authentication
- Bootstrapping a H/A etcd cluster
- Bootstrapping a H/A Kubernetes Control Plane
- Bootstrapping Kubernetes Workers
- Configuring the Kubernetes Client - Remote Access
- Managing the Container Network Routes
- Deploying the Cluster DNS Add-on
- Smoke Test
- Cleaning Up