Difference between revisions of "Initializing the Kubernetes cluster"

From Collective Computational Unit
Jump to navigation Jump to search
m (Authentication systems)
m
Line 1: Line 1:
 +
== Master node from scratch ==
 +
 +
* Install Kubernetes on Ubuntu 18.04. Assuming version 1.14.2 is pulled, check how to fix version.
 +
 +
<syntaxhighlight lang="bash">
 +
> sudo snap install kubeadm --classic
 +
> sudo snap install kubelet --classic
 +
> sudo snap install kubectl --classic
 +
> sudo apt install rand faketime
 +
</syntaxhighlight>
 +
 +
* Create cluster configuration scripts.
 +
<syntaxhighlight lang="bash">
 +
> cd init/templates
 +
# edit cluster information in the following config file
 +
> nano make_init_config.sh
 +
> touch /home/kubernetes/.rnd
 +
> ./make_init_config.sh
 +
</syntaxhighlight>
 +
 +
* Spin up the master node.
 +
 +
* Flannel daemonset (node communication)
 +
 +
* nVidia daemonset
 +
 +
* Update kubelet configuration for master node
 +
 +
 +
 +
 +
  
  
Line 5: Line 37:
  
 
=== DEX with LDAP ===
 
=== DEX with LDAP ===
 +
 +
TODO: outdated, switched to containerized DEX. Check what still needs to be done.
  
 
Set up according to [https://github.com/krishnapmv/k8s-ldap this tutorial]
 
Set up according to [https://github.com/krishnapmv/k8s-ldap this tutorial]

Revision as of 20:05, 11 June 2019

Master node from scratch

  • Install Kubernetes on Ubuntu 18.04. Assuming version 1.14.2 is pulled, check how to fix version.
> sudo snap install kubeadm --classic
> sudo snap install kubelet --classic
> sudo snap install kubectl --classic
> sudo apt install rand faketime
  • Create cluster configuration scripts.
> cd init/templates
# edit cluster information in the following config file
> nano make_init_config.sh
> touch /home/kubernetes/.rnd
> ./make_init_config.sh
  • Spin up the master node.
  • Flannel daemonset (node communication)
  • nVidia daemonset
  • Update kubelet configuration for master node





Authentication systems

DEX with LDAP

TODO: outdated, switched to containerized DEX. Check what still needs to be done.

Set up according to this tutorial with customized install scripts in kubernetes/init/dex/

  1. Create secrets for TLS connections, use certs for ccu.uni-konstanz.de
    1. Modify ca-cm.yml to contain correct ca.
    2. Run upload_ccu_tls.sh
  2. Spin up login application service.
    1. Modify loginapp-cm.yml: server config
    2. Modify loginapp-ing-srv.yml: service data, mapping of ports to outside world
    3. Modify loginapp-deploy.yml: ID secret for TLS
    4. Run start-login-service.sh
  3. Spin up dex
    1. Modify dex-cm.yml: server data and LDAP configuration
    2. Modify dex-ing-srv.yml: service data, mapping of ports to outside world
    3. Modify dex-deploy.yml: ID secret for TLS
    4. Run start-dex-service.sh