Installation of Kubernetes in Production

Kubernetes, often abbreviated as K8s, is a powerful container orchestration platform that simplifies containerized applications' deployment, scaling, and management in a production environment. Nowadays most organizations are moving towards managed service but that doesn't give you control over infrastructure. In some critical Business cases like FinTech BFSI industries or government applications where the environment is hybrid or On-premises. Deploying Kubernetes in a production setting requires careful planning and adherence to best practices to ensure reliability, scalability, and security. Here's an overview of the steps involved in installing Kubernetes in a production environment:

1. Planning:

• Infrastructure Design: Determine the number of nodes, their roles (master or worker), and the overall network architecture.
• Resource Requirements: Assess the resource needs for your applications and allocate sufficient resources to nodes.
• High Availability: Plan for high availability by distributing master components across multiple nodes.

2. Container Runtime:

• Choose a container runtime compatible with Kubernetes, such as Docker or Containerd.
• Could you make sure the selected container runtime is properly installed and configured on all nodes?

3. Cluster Initialization:

• Utilize a tool like kubeadm, kops, or an enterprise solution for initializing the Kubernetes cluster.
• Initialize the master node, configure networking, and deploy the initial control plane components.

4. Networking:

• Select a networking solution that meets your requirements. Options include Calico, Flannel, or others.
• Configure network policies to control communication between pods.

5. Security:

• Implement security best practices, including RBAC (Role-Based Access Control) and PodSecurityPolicies.
• Use secrets and ConfigMaps to manage sensitive information securely.
• Integrate with identity providers for authentication and authorization.

6. Storage:

• Choose a storage solution based on your needs (local storage, NFS, or cloud-native solutions like AWS EBS).
• Implement storage classes and persistent volumes for stateful applications.

7. Monitoring and Logging:

• Deploy monitoring tools like ELK or EFK Stack, Prometheus, and Grafana to track cluster performance.
• Set up centralized logging with tools such as Elasticsearch, Fluentd, and Kibana (EFK).

8. High Availability and Scaling:

• Configure multi-master setup for high availability.
• Implement horizontal pod autoscaling based on resource metrics.

9. Upgrades and Maintenance:

• Develop a strategy for Kubernetes upgrades, considering backward compatibility.
• Perform routine maintenance tasks, such as node updates and security patches.

10. Backup and Disaster Recovery:

• Establish a backup strategy for essential cluster data.
• Test and document disaster recovery procedures.

11. Integration with CI/CD:

• Integrate Kubernetes with your CI/CD pipeline for automated application deployments.
• Leverage tools like Helm for managing Kubernetes applications and releases.

12. Documentation and Training:

• Maintain comprehensive documentation for the entire Kubernetes environment.
• Provide training for the operations team on managing and troubleshooting Kubernetes.

Installing Kubernetes in a production environment is a complex but rewarding endeavor. Following best practices we are implementing for the demo. Regularly assessing and optimizing your setup to adapt to the evolving needs of your applications and users is the key to success.

Let's Install K8s on the Production environment

I use Amazon Web Services (AWS) EC2 general-purpose instances of t2.xlarge (4 Core CPU and 16 GB RAM). OS: AWS Linux2 Kernal version 5.10 hvm I used three instances one is master, and two are worker nodes.

Step 1: Spin up AWS EC2 instances

Step 2: Connect every instance by SSH

Step 3: Installation of container runtime in all three instances

# swtich user to root
sudo su -

yum install docker -y        

Starting docker service

systemctl start docker        

Step 4: Enabling permissive mode to install Kubernetes

As AWS Linux is based on Redhat and follows SELinux we have to give certain permission.

# Set SELinux in permissive mode (effectively disabling it)
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config        

It helps containers to allow access to host filesystems.

Step 5: Adding Kubernetes repository to yum package manager

# This overwrites any existing configuration in /etc/yum.repos.d/kubernetes.repo
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
EOF        

To check repository has been added or not

$ yum repolist        

Step 6: Installation of kubelet, kubeadm, and kubectl

sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes        

Step 7: Enable the kubelet service before running kubeadm

sudo systemctl enable --now kubelet        

Creating the Kubernetes Cluster

Step 1: Initialization of cluster

kubeadm init        

To access the cluster as a regular user we need to execute the following commands

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config        

For root user

 export KUBECONFIG=/etc/kubernetes/admin.conf        

Let's fire Kubectl commands

Wait Wait Wait!!!

It's not your end game!

Simply go to AWS EC2 into the security group and enable all traffic to port 6443

Save the rules that's it

Let's make the Cluster

To connect master nodes to worker nodes execute the following command into those worker nodes (the token and certificate will be changed don't copy it)

kubeadm join 172.31.39.197:6443 --token tc202o.tz0vcoxnfyob5y78 \
	--discovery-token-ca-cert-hash sha256:97f09b9654d6f71ccde527f9c318a4c4e2ca960aab5c8025168cc78994bf857b         

Installation of Calico Operator

For communication with pods and nodes, we need to establish the network for that we are using the calico operator to Create the Network.

Step 1: Install the Tigera Calico operator and custom resource definitions.

kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.27.2/manifests/tigera-operator.yaml        

Step 2: Install Calico by creating the necessary custom resource. For more information on configuration options available in this manifest.

kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.27.2/manifests/custom-resources.yaml        

(only for single node cluster)

Step 3: Remove the taints on the control plane so that you can schedule pods on it

kubectl taint nodes --all node-role.kubernetes.io/control-plane-
kubectl taint nodes --all node-role.kubernetes.io/master-        

Confirm that you have a node in your cluster with the following command.

kubectl get nodes -o wide        

kubectl get pods -A        

Congratulations you finally configured and installed Kubernetes on the production cluster.

References

• https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
• https://docs.tigera.io/calico/latest/getting-started/kubernetes/quickstart