Lab with Kubernetes and Traefik on Raspberry

Edmund Haselwanter | 22.04.2017 Cloud Native

Install then base OS

install the flash tool GitHub - hypriot/flash: Command line script to flash SD card images of any kind

1curl -O https://raw.githubusercontent.com/hypriot/flash/master/$(uname -s)/flash
2chmod +x flash
3sudo mv flash /usr/local/bin/flash

if you want a progress bar install pv and for downloading it is good to have wget

1brew install pv wget

get a version from Releases hypriot/image-builder-rpi GitHub

1wget https://github.com/hypriot/image-builder-rpi/releases/download/v1.2.1/hypriotos-rpi-v1.2.1.img.zip

1flash --hostname node01 hypriotos-rpi-v1.2.1.img.zip
2flash --hostname node02 hypriotos-rpi-v1.2.1.img.zip
3flash --hostname node03 hypriotos-rpi-v1.2.1.img.zip

1ssh pirate@black-pearl.local # password "hypriot"

You should ensure that the IP address of your devices do not change. Either configure DHCP to give out the same IP all the time, or edit /etc/network/interfaces.d/eth0, and change it from DHCP:

1iface eth0 inet dhcp

To a static IP config:

1iface eth0 inet static
2address your-static-ip
3gateway your-gateway-ip
4#google dns servers
5domain_name_servers=8.8.8.8, 8.8.4.4

Upgrade OS

Releases · hypriot/image-builder-rpi · GitHub

1$ sudo apt-get update
2$ sudo apt-get upgrade -y
3$ sudo reboot

Fix machine-id

/etc/machine-id the same on every installation · Issue #167 · hypriot/image-builder-rpi · GitHub

Run

1dbus-uuidgen > /etc/machine-id

Change Init

If you want to change e.g. hostname or do other things on init. The device-init tool reads the file /boot/device-init.yaml to initialize several settings while booting your device. GitHub - hypriot/device-init: Initialize a device on boot with user defined configuration

Install Kubernetes

Follow Installing Kubernetes on Linux with kubeadm Kubernetes

Basically (April/2017) do:

Become root on all your machines and run:

1apt-get update && apt-get install -y apt-transport-https
2curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
3cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
4deb http://apt.kubernetes.io/ kubernetes-xenial main
5EOF
6apt-get update
7# Install docker if you don't have it already.
8apt-get install -y docker-engine
9apt-get install -y kubelet kubeadm kubectl kubernetes-cni

Initialize the master:

1kubeadm init

Which should finish with something like:

 1Your Kubernetes master has initialized successfully!
 2
 3To start using your cluster, you need to run (as a regular user):
 4
 5  sudo cp /etc/kubernetes/admin.conf $HOME/
 6  sudo chown $(id -u):$(id -g) $HOME/admin.conf
 7  export KUBECONFIG=$HOME/admin.conf
 8
 9You should now deploy a pod network to the cluster.
10Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
11  http://kubernetes.io/docs/admin/addons/
12
13You can now join any number of machines by running the following on each node
14as root:
15
16  kubeadm join --token <token> <master-ip>:<master-port>

install a pod network. You have to choose a plugin for that. Integrating Kubernetes via the Addon - Weaveworks

1export KUBECONFIG=$HOME/admin.conf
2kubectl apply -f https://git.io/weave-kube-1.6

now join the remaining nodes

1$node2: kubeadm join --token <token> <master-ip>:<master-port>
2$node3: kubeadm join --token <token> <master-ip>:<master-port>

Test the cluster

Install a tiny service

1kubectl run hypriot --image=hypriot/rpi-busybox-httpd --replicas=3 --port=80

Expose the port to access it from now of your nodes

1kubectl expose deployment hypriot --port 80

Access the endpoints

1$ kubectl get endpoints hypriot
2NAME      ENDPOINTS                                AGE
3hypriot   10.32.0.3:80,10.32.0.4:80,10.40.0.1:80   1h

And test it with curl

 1HypriotOS/armv7: pirate@raspi-01 in ~
 2$ curl 10.32.0.3
 3<html>
 4<head><title>Pi armed with Docker by Hypriot</title>
 5  <body style="width: 100%; background-color: black;">
 6    <div id="main" style="margin: 100px auto 0 auto; width: 800px;">
 7      <img src="pi_armed_with_docker.webp" alt="pi armed with docker" style="width: 800px">
 8    </div>
 9  </body>
10</html>

Access it from the Outside - Ingress with Traefik

A good explanation on Kubernetes Ingress can be found here: Kubernetes Ingress – Jay Gorrell – Medium Since we use Kubernetes >= 1.6 with RBAC we need to do a little bit more then in the past. A starting point can be found here: https://doc.traefik.io/traefik/v1.7/user-guide/kubernetes/#role-based-access-control-configuration-kubernetes-16-only

Since we run Træfik on Kubernetes we must change the example to use a arm image.

1wget https://raw.githubusercontent.com/traefik/traefik/v1.7/examples/k8s/traefik-rbac.yaml

Find the line

1   - image: traefik

And change it to

1   - image: hypriot/rpi-traefik

apply the config

1kubectl apply -f traefik-with-rbac.yaml

And add an Ingress object:

 1$ cat > hypriot-ingress.yaml <<EOF
 2apiVersion: extensions/v1beta1
 3kind: Ingress
 4metadata:
 5  name: hypriot
 6spec:
 7  rules:
 8  - http:
 9      paths:
10      - path: /
11        backend:
12          serviceName: hypriot
13          servicePort: 80
14EOF

Now you should be able to access the hypriot deployment on the node were the loadbalancer got deployed

Deploy Kubernetes UI

Super simple:

1curl -sSL https://rawgit.com/kubernetes/dashboard/master/src/deploy/kubernetes-dashboard.yaml | sed "s/amd64/arm/g" | kubectl create -f -

Wait a little bit and run

1kubectl -n kube-system get service kubernetes-dashboard -o template --template="{{"{{ (index .spec.ports 0).nodePort "}}}}" | xargs echo

This will output the port were you can reach the k8s dashboard

Using Hostname Ingress with Traefik

A good writeup can be found here: Kubernetes - Træfɪk

 1$ cat > traefic-ui.yml <<EOF
 2apiVersion: v1
 3kind: Service
 4metadata:
 5  name: traefik-web-ui
 6  namespace: kube-system
 7spec:
 8  selector:
 9    k8s-app: traefik-ingress-lb
10  ports:
11  - port: 80
12    targetPort: 8081
13---
14apiVersion: extensions/v1beta1
15kind: Ingress
16metadata:
17  name: traefik-web-ui
18  namespace: kube-system
19spec:
20  rules:
21  - host: traefik-ui.example.com
22    http:
23      paths:
24      - backend:
25          serviceName: traefik-web-ui
26          servicePort: 80
27EOF

1kubectl apply -f traefic-ui.yml

Now either use your DNS server settings or an /etc/hosts setting to access the traffic UI

1echo "10.20.0.5 traefik-ui.example.com" | sudo tee -a /etc/hosts

1$ kubectl --namespace=kube-system get ingress
2NAME             HOSTS                               ADDRESS   PORTS     AGE
3traefik-web-ui   traefik-ui.example.com             80        1h

Go Back explore our courses

Agile Testing CI/CD Bootcamp

Run your tests on autopilot with CI/CD pipelines.

Terraform Foundations

Introduction to modern infrastructure provisioning.

Cloud Native Essentials

This is an introduction to Kubernetes, an open-source system for automating deployment, scaling, and management of containerized applications.

Matthias Theuermann | 14.11.2024 Devops

Understanding DevOps and Cloud Maturity Models: A Guide to Elevating Your IT Strategy

In today’s fast-paced technological landscape, DevOps and Cloud practices are integral to accelerating software delivery and optimizing cloud resources. But as

Martin Buchleitner | 04.11.2024 Devops, IAC

Efficient Testing Environments with Vagrant and Ansible: Simplifying Automation

Setting up consistent testing environments is essential for development, and Vagrant combined with Ansible is a powerful, flexible solution for automating this

Martin Buchleitner | 17.10.2024 Infrastructure as Code, Devops, HashiCorp, Packer, Vault, Mondoo

Github Action to Build Golden Images with HashiCorp Packer

In previous posts we have already shown multiple ways to use HashiCorp Packer to build Golden Images. In this post we will show how to automate the process with

Martin Buchleitner | 16.10.2024 Infrastructure as Code, Devops, HashiCorp, Consul

Automating DNS Updates from Kubernetes - HashiCorp Style

In dynamic Kubernetes environments, managing DNS records can be a challenge. As services scale, redeploy, or change IP addresses, ensuring that DNS records

Martin Buchleitner | 15.10.2024 Infrastructure as Code, Devops, HashiCorp, Consul, Nomad, Çonsul Connect', Traefik

Secure Communication between HashiCorp Nomad and Traefik with Consul Connect

In today's rapidly evolving cloud-native landscape, the need for efficient service orchestration, service discovery, and secure communication between services

We are here for you

You are interested in our courses or you simply have a question that needs answering? You can contact us at anytime! We will do our best to answer all your questions.