This project draws inspiration from and closely follows kubernetes-the-hard-way. The entire repository has been modified to align with my implementation and understanding of each concept.
The goal of this project is to bootstrap a Kubernetes cluster locally on our machine using Vagrant and VirtualBox. It offers an extensive learning experience by taking the long route to ensure understanding of every task required to establish a Kubernetes cluster.
The project focuses on minute details; missing even one tiny step along the way can lead to issues.
Always execute the `cert_verify` script where it's suggested, and ensure that you are on the correct node when performing actions. If `cert_verify` displays anything in red, it indicates an error in a previous step. For master node checks, run the check on both `master-1` and `master-2`.
This project bootstraps a highly available Kubernetes cluster with end-to-end encryption between components and RBAC authentication.
- Kubernetes 1.24.3
- Container Runtime 1.5.9
- CNI Container Networking 0.8.6
- Weave Networking
- etcd v3.5.3
- CoreDNS v1.9.4
We will build the following components:
- Two control plane nodes (`master-1` and `master-2`) running control plane components as operating system services.
- Two worker nodes (`worker-1` and `worker-2`).
- One `loadbalancer` VM running HAProxy to balance requests between the two API servers.
- Prerequisites
- Provisioning Compute Resources
- Installing the Client Tools
- Provisioning the CA and Generating TLS Certificates
- Generating Kubernetes Configuration Files for Authentication
- Generating the Data Encryption Config and Key
- Bootstrapping the etcd Cluster
- Bootstrapping the Kubernetes Control Plane
- Installing CRI on Worker Nodes
- Bootstrapping the Kubernetes Worker Nodes
- TLS Bootstrapping the Kubernetes Worker Nodes
- Configuring kubectl for Remote Access
- Deploy Weave - Pod Networking Solution
- Kube API Server to Kubelet Configuration
- Deploying the DNS Cluster Add-on
- Smoke Test
- E2E Test
- Extra - Certificate Verification