Kubernetes Build: Difference between revisions

From Wizard Rants
Jump to navigation Jump to search
← Older edit
VisualWikitext
adding MAC addresses
JohnNorthrup (talk | contribs)
administrator, Bureaucrats, home_assistant, interface administrator, interface administrators, Interface administrators, Administrators, wiki
68 edits
mNo edit summary
 
(8 intermediate revisions by one other user not shown)
Line 1: Line 1:
===Physical Build Out===
Information about home Kubernetes build.
 
==Physical Build Out==
 
===Networking===
The network design for this installation is one of high segmentation and access control. The [[Kubernetes Network|network]] design and [[Kubernetes Network Firewall|firewall rules.]]
 
==='''Physical Information'''===
 
Power Strip 10.1.2.8
maas / saam
 
Memory Configuration XMP 3200MHz Profile w/ 1.35V
 
CAS 16-18-18-36
 
Overcommit Ratio on KVM: CPU 3 / Memory 4
 


'''Physical Information'''
{| class="wikitable"
{| class="wikitable"
|+Network Layout
|+Network Layout
Line 16: Line 32:
|10.1.3.0/24
|10.1.3.0/24
|-
|-
|NLB East
|NLB West World
|10
|10
|10.1.10.0/24
|10.1.10.0/24
|-
|-
|NLB West
|NLB Shogun World
|11
|11
|10.1.11.0/24
|10.1.11.0/24
|-
|-
|K8S Edge East
|K8S Edge Westworld
|15
|15
|10.1.15.0/24
|10.1.15.0/24
|-
|-
|K8S Edge West
|K8S Edge Shogunworld
|16
|16
|10.1.16.0/24
|10.1.16.0/24
|-
|-
|K8S Masters East
|K8S Masters Westworld
|20
|20
|10.1.20.0/24
|10.1.20.0/24
|-
|-
|K8S Masters West
|K8S Masters Shogunworld
|21
|21
|10.1.21.0/24
|10.1.21.0/24
|-
|-
|K8S Nodes East
|K8S Nodes Westworld
|30
|30
|10.1.30.0/24
|10.1.30.0/24
|-
|-
|K8S Nodes West
|K8S Nodes Shogunworld
|31
|31
|10.1.31.0.24
|10.1.31.0.24
Line 52: Line 68:
!Node Name
!Node Name
!MAC Address
!MAC Address
!IP Address
|-
|-
|j
|j
|7085.c2d3.0d36
|7085.c2d3.0d36
|
|-
|-
|a
|a
|7085.c2d1.7efc
|7085.c2d1.7efc
|
|-
|-
|r
|r
|7085.c2d4.7fab
|7085.c2d4.7fab
|
|-
|-
|v
|v
|7085.c2d3.0b93
|7085.c2d3.0b93
|
|-
|-
|I
|i
|7085.c2d3.0d4a
|7085.c2d3.0d4a
|
|-
|-
|s
|s
|7085.c2d3.1053
|7085.c2d3.1053
|
|}
|}
'''Kubernetes Network'''<br>Pod Network CIDR 10.60.0.0/16
'''Kubernetes Network'''<br>Pod Network CIDR 10.60.0.0/16
Line 83: Line 92:
{| class="wikitable sortable"
{| class="wikitable sortable"
|-
|-
!Physical Node!!US Node Name!!EU Node Name!!Etcd Node!!NLB Node
!Physical Node!!Westworld Node Name!!Shogunworld Node Name!!Etcd Node!!NLB Node
|-
|-
|j||us-ctrl-01||eu-wrk-01||eu-etcd-01||us-nlb-01
|j||ww-ctrl-01||sw-wrk-01||sw-etcd-01||ww-nlb-01
|-
|-
|a||us-ctrl-02||eu-wrk-02||eu-etcd-02||us-nlb-02
|a||ww-ctrl-02||sw-wrk-02||sw-etcd-02||ww-nlb-02
|-
|-
|r||us-wrk-01||eu-wrk-03||eu-etcd-03||us-nlb-03
|r||ww-wrk-01||sw-wrk-03||sw-etcd-03||ww-nlb-03
|-
|-
|v||us-wrk-02||eu-wrk-04||us-etcd-01||eu-nlb-01
|v||ww-wrk-02||sw-wrk-04||ww-etcd-01||sw-nlb-01
|-
|-
|i||us-wrk-03||eu-ctrl-01||us-etcd-02||eu-nlb-02
|i||ww-wrk-03||sw-ctrl-01||ww-etcd-02||sw-nlb-02
|-
|-
|s||us-wrk-04||eu-ctrl-02||us-etcd-03||eu-nlb-03
|s||ww-wrk-04||sw-ctrl-02||ww-etcd-03||sw-nlb-03
|}
|}


====HA Config for Etcd & K8S Masters====
====HA Config for Etcd & K8S Masters====
Two virtual IP addresses, 10.1.10.5 and 10.1.10.6, are shared between us-nlb-01 and us-nlb-02.
Two virtual IP addresses, 10.1.10.5 and 10.1.10.6, are shared between ww-nlb-01 and ww-nlb-02.


[[K8S HAProxy Configuration|HAProxy Configuration]]
[[K8S HAProxy Configuration|HAProxy Configuration]]

Latest revision as of 15:45, 13 August 2023

Information about home Kubernetes build.

Physical Build Out

Networking

The network design for this installation is one of high segmentation and access control. The network design and firewall rules.

Physical Information

Power Strip 10.1.2.8 maas / saam

Memory Configuration XMP 3200MHz Profile w/ 1.35V

CAS 16-18-18-36

Overcommit Ratio on KVM: CPU 3 / Memory 4


Network Layout
VLAN Name VLAN ID Network
Management 2 10.1.2.0/24
Physical Nodes 3 10.1.3.0/24
NLB West World 10 10.1.10.0/24
NLB Shogun World 11 10.1.11.0/24
K8S Edge Westworld 15 10.1.15.0/24
K8S Edge Shogunworld 16 10.1.16.0/24
K8S Masters Westworld 20 10.1.20.0/24
K8S Masters Shogunworld 21 10.1.21.0/24
K8S Nodes Westworld 30 10.1.30.0/24
K8S Nodes Shogunworld 31 10.1.31.0.24
Physical Node
Node Name MAC Address
j 7085.c2d3.0d36
a 7085.c2d1.7efc
r 7085.c2d4.7fab
v 7085.c2d3.0b93
i 7085.c2d3.0d4a
s 7085.c2d3.1053

Kubernetes Network
Pod Network CIDR 10.60.0.0/16

Node Build Out

Physical Node Westworld Node Name Shogunworld Node Name Etcd Node NLB Node
j ww-ctrl-01 sw-wrk-01 sw-etcd-01 ww-nlb-01
a ww-ctrl-02 sw-wrk-02 sw-etcd-02 ww-nlb-02
r ww-wrk-01 sw-wrk-03 sw-etcd-03 ww-nlb-03
v ww-wrk-02 sw-wrk-04 ww-etcd-01 sw-nlb-01
i ww-wrk-03 sw-ctrl-01 ww-etcd-02 sw-nlb-02
s ww-wrk-04 sw-ctrl-02 ww-etcd-03 sw-nlb-03

HA Config for Etcd & K8S Masters

Two virtual IP addresses, 10.1.10.5 and 10.1.10.6, are shared between ww-nlb-01 and ww-nlb-02.

HAProxy Configuration

Heartbeat Configuration Files

ha.cf
authkeys
haresources

us-nlb-[01,02] have heartbeat installed to manage the shared IP addresses between the two.

10.1.10.5 is for usage as the Etcd load-balanced IP address
10.1.10.6 is for usage as the Kubernetes API endpoint

Kubernetes Installation

Certificate Authority
Kubernetes Config Files
Data Encryption
Bootstrapping etcd
Bootstrapping K8S Controllers
Bootstrapping K8S Workers
Configure Kubectl
Installing Cilium / Network Routing
Installing CoreDNS
Kubernetes Terms

Building Upon Kubernetes

CNI Networking : Cilium
Service Mesh : Istio
LoadBalancing : MetalLB

Services To Deploy

Vault

Prometheus

Fluentd

elasticsearch

grafana

Additional Elements

Harbor

Rook

GitLab

jaeger

Open Policy Agent

kured

Retrieved from "https://wiki.8bitwizard.net/index.php?title=Kubernetes_Build&oldid=267"