In this article I will show how to enable SSH connections into a Kubernetes pod.
This tutorial guides you through the installation of a Kubernetes cluster accessible over the internet. The cluster will have a unique master & slave node that manages the cluster and runs the workload.
This guide will also cover the deployment of a basic Hello World application on an HTTPS endpoint.
Resources are accessible in this repo.
imageUbuntu 20.04 VPS
certificate issuerLet's Encrypt
- SSH knowledge
- A domain name
Get a VPS
It is recommended to execute the following commands on a freshly deployed VPS.
Set up a Ubuntu 20.04 image on your favorite cloud provider.
Set up your SSH keys so you can connect to your server over SSH.
Once your server is fired up. Get its IP address.
The IP address will, from now on, be referred as $VPS_IP.
# connect to your VPS as root ssh root@$VPS_IP
Set the cluster up
Once you are connected to your server, execute this command:
curl -L https://raw.githubusercontent.com/lapwat/cluster/main/setup.sh | sh
This command does several things:
- update your system
- install Docker, Kubernetes and Helm on the server
- start the cluster
- install Cilium, Nginx and Jetstack on the cluster
Your Kubernetes cluster is now running.
Test the installation
Kubernetes client lets you control your cluster from any machine connected to the internet. Make sure you have kubectl installed on your local machine then open a new terminal.
# copy the configuration of the cluster scp root@$VPS_IP:/root/.kube/config $HOME/.kube/config kubectl get nodes # NAME STATUS ROLES AGE VERSION # ubuntu-hitman Ready control-plane,master 3m50 v1.21.0 kubectl get svc # NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE # ingress-nginx-controller LoadBalancer XX.XXX.XX.XXX $VPS_IP 80:31327/TCP,443:30931/TCP 3m20s # ingress-nginx-controller-admission ClusterIP XX.XXX.XXX.XXX <none> 443/TCP 3m20s # kubernetes ClusterIP XX.XX.X.X <none> 443/TCP 4m26s
Though we have not defined any route yet, queries from the Internet are correctly processed by Nginx.
curl $VPS_IP # <html> # <head><title>404 Not Found</title></head> # <body> # <center><h1>404 Not Found</h1></center> # <hr><center>nginx</center> # </body> # </html>
Deploy an application on an HTTPS endpoint
Install Let's Encrypt
Install Let's Encrypt to issue trusted HTTPS certificate to your cluster.
Edit your email address when the editor shows up.
kubectl create --edit -f https://raw.githubusercontent.com/lapwat/cluster/main/letsencrypt-issuer.yaml
Deploy a dummy service
kubectl create -f https://raw.githubusercontent.com/lapwat/cluster/main/hello-service.yaml
Configure its HTTPS route
Edit the 2 lines with your subdomain when the editor shows up.
kubectl create --edit -f https://raw.githubusercontent.com/lapwat/cluster/main/ingress.yaml
Test the route
Configure your DNS to point to the subdomain specified above. Then you can check that the service is accessible through an encrypted endpoint.
curl https://subdomain.domain.com # Hello World!