Good day. For the past few months I have been trying to launch a Kubernetes cluster, partly to torture myself with and partly to explore. During this time I read a large number of articles, many of them good, but completely unsuitable for someone who has never encountered Kubernetes before.
Disclaimer
In this article I do not set out to tell you "how to do it right"; I want to show you how to make it work and give people a starting point for studying further, without going bald and gray ahead of schedule.
Initially I wanted to run a cluster on a dedicated server with Hyper-V virtual machines, but I found out that "just starting the master and connecting the nodes" is not enough for a full-fledged cluster: you still need to install a network plugin, take care of persistent volumes and, preferably, some kind of load balancer.
Further attempts led me to Hetzner and Rancher.
Why Hetzner? They have one very significant advantage. Here is the price of a virtual server at Hetzner:
And here is its counterpart at Mail Cloud:
Yes, Hetzner has no managed databases, queues, S3 storage and the like, but what they do have is quite enough to get a working cluster, and everything else can be run inside it or on neighbouring virtual or dedicated servers (a physical server can be attached to the private network of the virtual servers).
Rancher ( ) , , ui, .
, rancher hetzner cloud, , , .
, .
. Hetzner Cloud, , Networks, Create Network, 16 8, , .
Security -> API Tokens, Generate API Token, Read & Write:
, , :
, rancher. Servers Add Server. , Helsinki (, ). - Standart CX21 ( , ).
Network , . , ( rancher), Create & Buy now. , .
( A ) , .
ssh ( putty ssh ) rancher.
docker:
apt-get update
apt install -y docker.io
systemctl start docker
systemctl enable docker
rancher:
docker run -d --restart=unless-stopped \
  -p 80:80 -p 443:443 \
  -v /root/rancher:/var/lib/rancher \
  --privileged \
  --name rancher-server \
  rancher/rancher:latest \
  --acme-domain your.domain.com
your.domain.com , . , rancher ssl .
rancher docker
rancher (Single Node Using Docker) ,
. , , ,
, rancher .
hetzner. Tools > Drivers
Node Drivers Add Node Driver
:
linux_amd64 ( https://github.com/JonasProgrammer/docker-machine-driver-hetzner/releases/download/3.3.0/docker-machine-driver-hetzner_3.3.0_linux_amd64.tar.gz) "Download Url".
UI Custom UI URL ( https://storage.googleapis.com/hcloud-rancher-v2-ui-driver/component.js) "Custom UI URL"
White List storage.googleapis.com
Create, . .
( > Global), "Add Cluster". Hetzner,
( Cluster Name), Prefix , etc Control Pane, Add Node Template:
API Token Hetzner ( , ).
(, ), , (CP21 ). "Use private network" .
, Add Node Pool, , Worker, ( , , , ).
, Cluster Options, Kubernetes Options, ( , .. hetzner ), Network provider - Flannel, Cloud Provider - external, "Edit as YAML".
Edit as YAML , ,
rancher_kubernetes_engine_config:
  ...

rancher_kubernetes_engine_config:
  ...
  addons: |-
    ---
    apiVersion: v1
    stringData:
      token: <API Token>
      network: <Network name>
    kind: Secret
    metadata:
      name: hcloud
      namespace: kube-system
    ---
    apiVersion: v1
    stringData:
      token: <API Token>
    kind: Secret
    metadata:
      name: hcloud-csi
      namespace: kube-system
  addons_include:
    - https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm-networks.yaml
    - https://raw.githubusercontent.com/hetznercloud/csi-driver/master/deploy/kubernetes/hcloud-csi.yml
  ...
<API Token> hetzner ( ), <Network name> , . Cloud Controller Manager Container Storage Interface driver. , kubernetes (CCM With Networks support)
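The addons block above embeds a Read & Write Hetzner API token in plain text inside the cluster config, so it is worth generating that block from the environment rather than typing the token into a file. The script below is an added example, not code from the post or from Rancher/Hetzner: it builds the two kube-system Secrets and the addons_include list from the post, emits them as JSON (which any YAML parser accepts), and renders a redacted copy for review; the HCLOUD_TOKEN and HCLOUD_NETWORK variable names are assumptions.

```python
import json
import os

# Addon manifests the post wires into the cluster (URLs as given on the page).
ADDONS_INCLUDE = [
    "https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/latest/download/ccm-networks.yaml",
    "https://raw.githubusercontent.com/hetznercloud/csi-driver/master/deploy/kubernetes/hcloud-csi.yml",
]


def hcloud_secrets(token: str, network: str) -> list:
    """The two kube-system Secrets from the post's addons block, as dicts."""
    if not token or any(c.isspace() for c in token):
        raise ValueError("Hetzner API token must be a single non-empty string")
    if not network:
        raise ValueError("private network name must not be empty")
    return [
        {"apiVersion": "v1", "kind": "Secret",
         "metadata": {"name": "hcloud", "namespace": "kube-system"},
         "stringData": {"token": token, "network": network}},
        {"apiVersion": "v1", "kind": "Secret",
         "metadata": {"name": "hcloud-csi", "namespace": "kube-system"},
         "stringData": {"token": token}},
    ]


def addons_block(token: str, network: str) -> str:
    # JSON is valid YAML, so each Secret serialised as JSON is a YAML document;
    # '---' separates them exactly as in the post's hand-written block.
    return "\n".join("---\n" + json.dumps(s, indent=2)
                     for s in hcloud_secrets(token, network))


def rke_config(token: str, network: str) -> dict:
    """The rancher_kubernetes_engine_config fragment to paste into Edit as YAML."""
    return {"rancher_kubernetes_engine_config": {
        "addons": addons_block(token, network),
        "addons_include": ADDONS_INCLUDE,
    }}


def redacted(config: dict, token: str) -> str:
    """Render the config with the token masked, safe for logs or a review ticket."""
    return json.dumps(config, indent=2).replace(token, "<redacted>")


if __name__ == "__main__":
    # Token comes from the environment, so it never sits in a file on disk
    # (HCLOUD_TOKEN / HCLOUD_NETWORK are assumed variable names, not from the post).
    cfg = rke_config(os.environ["HCLOUD_TOKEN"], os.environ.get("HCLOUD_NETWORK", "k8s"))
    print(json.dumps(cfg, indent=2))
```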
- :
"Create" : rancher , . Cluster explorer ( ) . , kubernetes.
In the next article I will talk about deploying and installing applications via Helm (for example, GitLab Runner).
PS: When you create a LoadBalancer Service, it will not be able to start on its own, because you need to indicate its physical location. To do this, go to Services, click the three dots next to the desired service > Edit Config > Labels & Annotations, and add the annotations:
load-balancer.hetzner.cloud/location: <datacenter>
load-balancer.hetzner.cloud/use-private-ip: "true"
PPS: It is stated here that this can be avoided by adding the parameters to the cluster's default variables, but I do not know how to do that.