It’s time! Time to migrate my cluster to something even more exciting! I’ve got a couple new nodes, I’ve got some motivation, and some time on my hands!
Following the k8s@home template cluster, I’m going to be migrating my cluster to a public format so that it’s viewable online, and also secure!
We’ll be migrating my app deployments from my personal cluster, which I had running on a Hades Canyon NUC, to 3 nodes:
- Dell PowerEdge R720 (Worker Node)
- Cisco UCS C220 M3 (Worker Node)
- Hades Canyon NUC (Control Node)
I’ll be adding content from the k8s@Home readme below for their template cluster, so you can see what we’ll be doing! I’ll be following this initially to a T, so this is accurate!
- One or more nodes with a fresh install of Ubuntu Server 20.04. These nodes can be bare metal or VMs.
- A Cloudflare account with a domain, this will be managed by Terraform.
- Some experience in debugging problems and a positive attitude ;)
📍 You should install the below CLI tools on your workstation. Make sure you pull in the latest versions.
|ansible||Preparing Ubuntu for Kubernetes and installing k3s|
|direnv||Exports env vars based on present working directory|
|flux||Operator that manages your k8s cluster based on your Git repository|
|age||A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.|
|go-task||A task runner / simpler Make alternative written in Go|
|ipcalc||Used to verify settings in the configure script|
|jq||Used to verify settings in the configure script|
|kubectl||Allows you to run commands against Kubernetes clusters|
|sops||Encrypts k8s secrets with Age|
|terraform||Prepare a Cloudflare domain to be used with the cluster|
|helm||Manage Kubernetes applications|
|kustomize||Template-free way to customize application configuration|
|pre-commit||Runs checks pre |
|gitleaks||Scan git repos (or files) for secrets|
|prettier||Prettier is an opinionated code formatter.|
It is advisable to install pre-commit and the pre-commit hooks that come with this repository. sops-pre-commit and gitleaks will check to make sure you are not by accident committing your secrets un-encrypted.
After pre-commit is installed on your machine run:
Remember to run this on each new clone of the repository for it to have effect.
Commands are of interest, for learning purposes:
This command makes it so pre-commit runs on
git commit, and also installs environments per the config file.
pre-commit install --install-hooks
This command checks for new versions of hooks, though it will occasionally make mistakes, so verify its results.
For the rest of the initial setup, I’m following the README.md on k8s@home’s Template Cluster. Feel free to follow along!
The next post will be about my infrastructure-specific setup, as well as getting everything up and running!
2022-01-24 00:00 (Last updated: 2022-02-09 03:53)
4aaaf1b @ 2022-02-09