Setting up

Now, let's start setting up the machines.

You'll need to run all of the commands here on a control plane node, and as root.

First, you'll need to set up SSH. Calico will be setting up your networking, so we'll use the IP address of your machine in order to get started with this process. Keep in mind that Kubernetes networking has three basic layers:

  • The containers and pods that run on your nodes, which are either virtual machines or hardware servers.
  • Services, which are an aggregation and abstraction layer that lets you use the various Kubernetes controllers to set up your applications and ensure that your pods are scheduled according to their availability needs.
  • Ingress, which allows traffic from outside of your cluster to be routed to the right container.

So, we need to set up Calico in order to deal with these different layers. You'll need to get your node's CIDR address; for this example, we recommend installing Calico as the network provider.

You can find more information on the CNI network documentation at https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/#pod-network.

You'll need to make sure that the SSH agent on the configuration machine has access to all of the other nodes in the cluster. Turn on the agent, and then add your identity to the session:

eval $(ssh-agent)
ssh-add ~/.ssh/id_rsa

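You can test that this is working correctly by connecting with ssh's -A flag, which forwards your agent so that your identity is preserved across the SSH connection. Anyone with root on the remote node can use a forwarded agent for as long as you are connected, so forward it only to nodes you trust. Once you're on another node, you can use sudo's -E flag to preserve the environment: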

sudo -E -s

Next, we'll need to put a load balancer from our cloud environment in front of the kube-apiserver. This will allow your cluster's API server to remain reachable if one of the machines goes down or becomes unresponsive. For this example, you should use a TCP-capable load balancer such as an Elastic Load Balancer (AWS), Azure Load Balancer (Azure), or a TCP/UDP Load Balancer (GCE).

Make sure that your load balancer is resolvable via DNS, and that you set a health check that listens on the kube-apiserver port at 6443. You can test the connection to the API server once the load balancer is in place with nc -v LB_DNS_NAME PORT. Once you have the cloud load balancer set up, make sure that all of the control plane nodes are added to it.
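
The two checks described above (agent-based SSH access to every node, and the kube-apiserver port reachable through the load balancer) can be scripted as a preflight. This is an added example, not code from the book; the function names and the host arguments are assumptions, and it relies on ssh, ssh-add and nc being installed.

```sh
#!/bin/sh
# Added example: preflight for the SSH-agent and load-balancer steps.
# Host names passed in are placeholders; use hostnames or IPv4 addresses.

API_PORT=6443   # kube-apiserver port from the text

# agent_loaded: true if the running ssh-agent holds at least one identity.
agent_loaded() { ssh-add -l >/dev/null 2>&1; }

# ssh_ok NODE: true if key/agent login works with no password prompt.
ssh_ok() {
  ssh -n -o BatchMode=yes -o ConnectTimeout=5 "$1" true >/dev/null 2>&1
}

# tcp_ok HOST PORT: true if a TCP connection completes within 3 seconds.
tcp_ok() { nc -z -w 3 "$1" "$2" >/dev/null 2>&1; }

# failing CHECK ITEM...: print every ITEM for which CHECK fails.
# An ITEM written host:port is passed to CHECK as two arguments.
failing() {
  check=$1; shift
  for item in "$@"; do
    case $item in
      *:*) "$check" "${item%:*}" "${item##*:}" ;;
      *)   "$check" "$item" ;;
    esac || printf '%s\n' "$item"
  done
}

# preflight LB_DNS_NAME NODE...: report problems, non-zero status if any.
preflight() {
  lb=$1; shift
  agent_loaded || { echo "no identity loaded in ssh-agent" >&2; return 1; }
  bad_ssh=$(failing ssh_ok "$@")
  bad_tcp=$(failing tcp_ok "$lb:$API_PORT")
  [ -z "$bad_ssh" ] || echo "no agent-based SSH login to:" $bad_ssh >&2
  [ -z "$bad_tcp" ] || echo "API server not reachable via: $bad_tcp" >&2
  [ -z "$bad_ssh$bad_tcp" ]
}

# Runs only when given arguments: sh preflight.sh LB_DNS_NAME cp1 cp2 cp3
if [ "$#" -gt 0 ]; then preflight "$@"; fi
```

BatchMode makes ssh fail instead of prompting, so a node is also reported when its host key is not yet in known_hosts; verify and accept that key by hand rather than disabling host key checking.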
