How to Install Kubernetes on Hidora: Production-Grade Container Orchestration
Nowadays, Kubernetes is one of the most interesting technologies in the DevOps world.
It has recently become very popular because it answers some of the most important questions, such as how to quickly deploy, update and scale the modules and services of an application in the cloud while making effective use of all the available computing power.
Kubernetes (K8s) is an open source platform. This platform allows you to automate operations with containers – running, scaling, managing containerized applications, and so on.
It goes further than standard Docker containers by grouping the containers of the same microservice into logical units (Pods, Deployments, StatefulSets, etc.), which makes it easy to manage, discover and scale applications. Kubernetes can save you plenty of time.
Kubernetes was originally developed by Google. Google has been using container technology for more than fifteen years to manage its gigantic infrastructure of millions of containers.
Automatic health checking and healing of your applications
Kubernetes has built-in support for health checks and automatically replaces unhealthy nodes of your applications. It means that you can make your application fault-tolerant and almost unbreakable.
Kubernetes uses a concept of deployment manifests that look and behave the same way when you run them locally, on bare metal or any cloud. It means that you can achieve a great level of standardization and application portability.
Kubernetes manages containers’ resources and scales them hassle-free automatically based on actual needs. It can run effectively both tens and thousands of containers.
Benefits of running Kubernetes on Hidora
Traditionally, Kubernetes runs on top of bare metal nodes or virtual machines. Although this approach is simple, it has some disadvantages: coarse granularity and no vertical scaling of Kubernetes nodes.
It means that you can use only the whole capacity of a bare metal machine or VM, and fully pay for it even if you utilize only 10 % of its capacity.
In contrast to traditional Kubernetes deployment, Hidora offers a unique option: it allows you to run Kubernetes nodes inside containers. Due to this fact, your Kubernetes nodes can scale dynamically up and down, and, moreover, you pay only for resources you are currently using.
How it works: you define the minimum and maximum size for your Kubernetes nodes and number of nodes. Then you deploy your Kubernetes apps into the Kubernetes cluster and Hidora will manage K8S nodes scaling, adding more resources (RAM and CPU) if needed and removing unused resources from particular nodes.
This unique feature may reduce your Kubernetes hosting bill by 2x-3x compared to VM-based public cloud.
Another benefit is that installation of Kubernetes cluster on Hidora is fully automated, so you don’t need to spend days installing and configuring it.
Kubernetes architecture on Hidora
Each Kubernetes cluster on Hidora has at least one master and one node. For high availability, it is recommended to have 3 masters and at least two nodes. Kubernetes masters are shipped with an etcd database that stores the configuration of all Kubernetes objects.
If you have 3 masters, the etcd nodes form a cluster topology, which is important for high availability and resilient storage. We install Weave as the network plugin, which allows you to use Ingress network policies and protect your Kubernetes applications with a virtual firewall.
Although there are several ways to access your application from the external world such as NodePort, ClusterIP and LoadBalancer, we recommend using Ingress, because it is the most flexible way.
Using Ingress you can enable DNS-based and path-based load balancing for your Kubernetes apps. We preinstall Traefik Ingress Controller for that.
Among other useful add-ons are Kubernetes Dashboard for simple management through UI and Heapster as a built-in monitoring solution. We also enable RBAC to ensure your clusters are properly secured.
Lastly, you can use dynamic provisioning of persistent volumes based on storage classes thanks to Hidora’s storage provisioner.
Summing up, Hidora’s Kubernetes package includes the following list of pre-installed components:
- CNI plugin (powered by Weave) for overlay network support;
- Traefik ingress controller for transferring HTTP/HTTPS requests;
- HELM package manager to auto-install pre-packed solutions from repositories;
- CoreDNS for internal names resolution;
- Dynamic provisioner of persistent volumes;
- Heapster for gathering stats;
- Hidora SSL for protecting ingress network;
- Kubernetes Dashboard.
How to install Kubernetes on Hidora?
Deploy Kubernetes in just a few steps using Hidora’s marketplace.
Log in to app.hidora.com and open the marketplace. Find the Kubernetes Cluster application and click the Install button.
Choose the number of Workers and whether you want a storage node.
Wait for several minutes and your environment will be created.
You will receive an email with the Kubernetes UI URL and the Access Token.
There are several ways to drive the Kubernetes cluster: UI, Kubectl & REST API.
In this document, I will show you how to connect to the Kubernetes Cluster with Kubectl and then deploy a WordPress and MySQL cluster with Persistent Volumes.
Kubectl is a command line interface for running commands against Kubernetes clusters.
The easy way to use kubectl on Hidora is to SSH to the master node.
If you have not done so already, import your SSH public key to your Hidora account: https://docs.jelastic.com/ssh-add-key
Then connect to the gateway:
$ ssh "user-id"@gate.hidora.com -p 3022
Choose your Kubernetes environment and the master node.
Once you are connected to your master node, test the kubectl CLI:
$ kubectl cluster-info
You can also use kubectl from your local machine.
For that, install kubectl binary: https://kubernetes.io/docs/tasks/tools/install-kubectl/
For example, on a Linux platform:
$ curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
$ chmod +x ./kubectl
$ sudo mv ./kubectl /usr/local/bin/kubectl
Then copy the content of the .kube/config file from the master node into your local .kube/config file, replacing the server IP with the public IP of the master node.
You now have to regenerate the API server certificate so that it includes the public IP.
On the master node, run the following commands:
$ rm /etc/kubernetes/pki/apiserver.*
$ kubeadm init phase certs all --apiserver-advertise-address=0.0.0.0 --apiserver-cert-extra-sans="Public-IP","Private-IP"
$ docker rm -f `docker ps -q -f 'name=k8s_kube-apiserver*'`
$ systemctl restart kubelet
From your local machine, run the following command to test your config:
$ kubectl cluster-info
The kubectl binary of your local machine is now ready to drive your Hidora K8s cluster.
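Two checks for this procedure, as an added example that is not part of the original article: san_has_ip confirms that the regenerated API server certificate lists the public IP among its Subject Alternative Names, and localize_kubeconfig rewrites the copied config while keeping the file, which carries the credentials kubectl uses, readable only by you. The function names, the 203.0.113.10 address and the config-from-master file name are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; function names and sample values are hypothetical.

# san_has_ip IP
# Reads `openssl x509 -noout -text` output on stdin. Succeeds only if IP is an
# exact "IP Address:" entry in the Subject Alternative Name list.
san_has_ip() {
    awk -v want="$1" '
        /X509v3 Subject Alternative Name/ { getline; san = $0 }
        END {
            n = split(san, parts, /, */)
            for (i = 1; i <= n; i++) {
                sub(/^[ \t]+/, "", parts[i])
                if (parts[i] == ("IP Address:" want)) found = 1
            }
            exit(found ? 0 : 1)
        }'
}

# localize_kubeconfig SRC DST IP
# Copies a kubeconfig taken from the master to DST with its server: host
# replaced by IP (port kept). DST is created with mode 0600 and never overwritten.
localize_kubeconfig() {
    src=$1 dst=$2 ip=$3
    case $ip in ''|*[!0-9.]*) echo "not an IPv4 address: $ip" >&2; return 1 ;; esac
    if [ -e "$dst" ]; then echo "refusing to overwrite $dst" >&2; return 1; fi
    if ! grep -Eq '^[[:space:]]*server: https://[^:/]+:[0-9]+$' "$src"; then
        echo "no 'server: https://host:port' line in $src" >&2; return 1
    fi
    ( umask 077
      sed -E "s#^([[:space:]]*server: https://)[^:/]+(:[0-9]+)\$#\1${ip}\2#" "$src" > "$dst" )
}

# On the master, after regenerating the certificate:
#   openssl x509 -in /etc/kubernetes/pki/apiserver.crt -noout -text | san_has_ip 203.0.113.10
# On the workstation, with the master's config saved as ./config-from-master:
#   localize_kubeconfig ./config-from-master "$HOME/.kube/config" 203.0.113.10
```

If san_has_ip fails for the public IP, kubectl on the local machine will reject the API server certificate; rerun the certificate step rather than disabling TLS verification in the kubeconfig.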
Deploying WordPress and MySQL with Persistent Volumes on your Hidora K8s cluster
Let’s go through the deployment of a WordPress site and a MySQL database on your Hidora K8s cluster. To store data, both apps use PersistentVolumes and PersistentVolumeClaims.
Create a Secret to store MySQL Password
Use the following command to create a secret for MySQL password (don’t forget to change YOUR_PASSWORD to the actual password):
$ kubectl create secret generic mysql-pass --from-literal=password=YOUR_PASSWORD
$ kubectl create -f https://k8s.io/examples/application/wordpress/mysql-deployment.yaml
Check that the MySQL Pod is running by executing the following command:
$ kubectl get pods -w
The response should be like this:
NAME                               READY   STATUS    RESTARTS   AGE
wordpress-mysql-1894417608-x5dzt   1/1     Running   0          40s
$ kubectl create -f https://k8s.io/examples/application/wordpress/wordpress-deployment.yaml
Retrieve the NodePort from the service with this command:
$ kubectl get services wordpress -w
The response should be like this:
NAME        TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)        AGE
wordpress   ClusterIP   10.0.0.89    <pending>     80:32406/TCP   4m
You can now access your site by entering the master’s public IP and the NodePort. In my example, it looks like this: http://220.127.116.11:32406
Here we go, you should see the standard WordPress setup page and then proceed through the WordPress configuration wizard.
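The --from-literal form used in the Secret step puts the password on the command line, where it is typically recorded in shell history and visible in the process list while kubectl runs. An alternative, as an added example that is not part of the original article: build the mysql-pass Secret manifest from standard input and pipe it to kubectl apply -f -. The function names are hypothetical, and the key name password is taken from the --from-literal=password= command above.

```shell
#!/bin/sh
# Added example; function names are hypothetical.

# mysql_pass_manifest
# Reads one password line from stdin and prints a Secret manifest named
# mysql-pass with the key "password", so the value never appears in argv.
mysql_pass_manifest() {
    pw=$(cat)    # command substitution drops the trailing newline
    if [ -z "$pw" ]; then echo "empty password on stdin" >&2; return 1; fi
    case $pw in *"
"*) echo "password must be a single line" >&2; return 1 ;; esac
    # Secret .data values are base64; encode exactly the bytes of the password.
    b64=$(printf '%s' "$pw" | base64 | tr -d '\n')
    cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: mysql-pass
type: Opaque
data:
  password: $b64
EOF
}

# random_password
# 24 bytes from the kernel CSPRNG, base64-encoded to 32 characters.
random_password() {
    dd if=/dev/urandom bs=24 count=1 2>/dev/null | base64 | tr -d '\n'
}

# Usage, in place of `kubectl create secret generic mysql-pass --from-literal=...`:
#   random_password | mysql_pass_manifest | kubectl apply -f -
```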