How to Setup a Kubernetes Cluster on Your Vps

This tutorial guides you through the installation of a Kubernetes cluster accessible over the internet. The cluster will have a unique master & slave node that manages the cluster and runs the workload.

This guide will also cover the deployment of a basic Hello World application on an HTTPS endpoint.

Resources are accessible in this repo.

Stack:

• image Ubuntu 20.04 VPS
• container runtime Docker
• orchestrator Kubernetes
• networking model Cilium
• reverse proxy Nginx
• certificate manager Jetstack
• certificate issuer Let’s Encrypt

Prerequisites:

• SSH knowledge
• A domain name

It is recommended to execute the following commands on a freshly deployed VPS.

Set up a Ubuntu 20.04 image on your favorite cloud provider.

Set up your SSH keys so you can connect to your server over SSH.

Once your server is fired up. Get its IP address.

The IP address will, from now on, be referred as $VPS_IP.

# connect to your VPS as root
ssh root@$VPS_IP

Once you are connected to your server, execute this command:

curl -L https://raw.githubusercontent.com/lapwat/cluster/main/setup.sh | sh

This command does several things:

• update your system
• install Docker, Kubernetes and Helm on the server
• start the cluster
• install Cilium, Nginx and Jetstack on the cluster

Your Kubernetes cluster is now running.

Kubernetes client lets you control your cluster from any machine connected to the internet. Make sure you have kubectl installed on your local machine then open a new terminal.

# copy the configuration of the cluster
scp root@$VPS_IP:/root/.kube/config $HOME/.kube/config

kubectl get nodes
# NAME            STATUS   ROLES                  AGE    VERSION
# ubuntu-hitman   Ready    control-plane,master   3m50   v1.21.0

kubectl get svc
# NAME                                 TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)                      AGE
# ingress-nginx-controller             LoadBalancer   XX.XXX.XX.XXX    $VPS_IP         80:31327/TCP,443:30931/TCP   3m20s
# ingress-nginx-controller-admission   ClusterIP      XX.XXX.XXX.XXX   <none>          443/TCP                      3m20s
# kubernetes                           ClusterIP      XX.XX.X.X        <none>          443/TCP                      4m26s

Though we have not defined any route yet, queries from the Internet are correctly processed by Nginx.

curl $VPS_IP
# <html>
# <head><title>404 Not Found</title></head>
# <body>
# <center><h1>404 Not Found</h1></center>
# <hr><center>nginx</center>
# </body>
# </html>

Install Let’s Encrypt

Install Let’s Encrypt to issue trusted HTTPS certificate to your cluster.

Edit your email address when the editor shows up.

kubectl create --edit -f https://raw.githubusercontent.com/lapwat/cluster/main/letsencrypt-issuer.yaml

Deploy a dummy service

kubectl create -f https://raw.githubusercontent.com/lapwat/cluster/main/hello-service.yaml

Configure its HTTPS route

Edit the 2 lines with your subdomain when the editor shows up.

kubectl create --edit -f https://raw.githubusercontent.com/lapwat/cluster/main/ingress.yaml

Configure your DNS to point to the subdomain specified above. Then you can check that the service is accessible through an encrypted endpoint.

curl https://subdomain.domain.com
# Hello World!