Catatan Mas Wachid

Ubuntu

Cara menginstall Kubernetes microk8s di Ubuntu 22.04

Byadmin web

Feb 7, 2024 
masadmin@PowerEdge-R740:/$ sudo snap install microk8s --classic --channel=1.29
[sudo] password for masadmin:
microk8s (1.29/stable) v1.29.0 from Canonical✓ installed
masadmin@PowerEdge-R740:/$ sudo usermod -a -G microk8s $USER
masadmin@PowerEdge-R740:/$ sudo chown -f -R $USER ~/.kube
masadmin@PowerEdge-R740:/$

masadmin@PowerEdge-R740:/$ sudo microk8s status --wait-ready
microk8s is running
high-availability: no
  datastore master nodes: 127.0.0.1:19001
  datastore standby nodes: none
addons:
  enabled:
    dns                  # (core) CoreDNS
    ha-cluster           # (core) Configure high availability on the current node
    helm                 # (core) Helm - the package manager for Kubernetes
    helm3                # (core) Helm 3 - the package manager for Kubernetes
  disabled:
    cert-manager         # (core) Cloud native certificate management
    cis-hardening        # (core) Apply CIS K8s hardening
    community            # (core) The community addons repository
    dashboard            # (core) The Kubernetes dashboard
    gpu                  # (core) Alias to nvidia add-on
    host-access          # (core) Allow Pods connecting to Host services smoothly
    hostpath-storage     # (core) Storage class; allocates storage from host directory
    ingress              # (core) Ingress controller for external access
    kube-ovn             # (core) An advanced network fabric for Kubernetes
    mayastor             # (core) OpenEBS MayaStor
    metallb              # (core) Loadbalancer for your Kubernetes cluster
    metrics-server       # (core) K8s Metrics Server for API access to service metrics
    minio                # (core) MinIO object storage
    nvidia               # (core) NVIDIA hardware (GPU and network) support
    observability        # (core) A lightweight observability stack for logs, traces and metrics
    prometheus           # (core) Prometheus operator for monitoring and logging
    rbac                 # (core) Role-Based Access Control for authorisation
    registry             # (core) Private image registry exposed on localhost:32000
    rook-ceph            # (core) Distributed Ceph storage using Rook
    storage              # (core) Alias to hostpath-storage add-on, deprecated
masadmin@PowerEdge-R740:/$
masadmin@PowerEdge-R740:/$ sudo microk8s kubectl get nodes
[sudo] password for masadmin:
NAME             STATUS   ROLES    AGE   VERSION
poweredge-r740   Ready    <none>   16m   v1.29.0
masadmin@PowerEdge-R740:/$
masadmin@PowerEdge-R740:/$ sudo microk8s enable dashboard
Infer repository core for addon dashboard
Enabling Kubernetes Dashboard
Infer repository core for addon metrics-server
Enabling Metrics-Server
serviceaccount/metrics-server created
clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
clusterrole.rbac.authorization.k8s.io/system:metrics-server created
rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created
service/metrics-server created
deployment.apps/metrics-server created
apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created
clusterrolebinding.rbac.authorization.k8s.io/microk8s-admin created
Metrics-Server is enabled
Applying manifest
serviceaccount/kubernetes-dashboard created
service/kubernetes-dashboard created
secret/kubernetes-dashboard-certs created
secret/kubernetes-dashboard-csrf created
secret/kubernetes-dashboard-key-holder created
configmap/kubernetes-dashboard-settings created
role.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
deployment.apps/kubernetes-dashboard created
service/dashboard-metrics-scraper created
deployment.apps/dashboard-metrics-scraper created
secret/microk8s-dashboard-token created

If RBAC is not enabled access the dashboard using the token retrieved with:

microk8s kubectl describe secret -n kube-system microk8s-dashboard-token

Use this token in the https login UI of the kubernetes-dashboard service.

In an RBAC enabled setup (microk8s enable RBAC) you need to create a user with restricted
permissions as shown in:
https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md

masadmin@PowerEdge-R740:/$
masadmin@PowerEdge-R740:/$ sudo microk8s enable hostpath-storage
Infer repository core for addon hostpath-storage
Enabling default storage class.
WARNING: Hostpath storage is not suitable for production environments.
         A hostpath volume can grow beyond the size limit set in the volume claim manifest.

deployment.apps/hostpath-provisioner created
storageclass.storage.k8s.io/microk8s-hostpath created
serviceaccount/microk8s-hostpath created
clusterrole.rbac.authorization.k8s.io/microk8s-hostpath created
clusterrolebinding.rbac.authorization.k8s.io/microk8s-hostpath created
Storage will be available soon.
masadmin@PowerEdge-R740:/$
masadmin@PowerEdge-R740:/$ sudo microk8s kubectl get all --all-namespaces
NAMESPACE     NAME                                             READY   STATUS    RESTARTS   AGE
kube-system   pod/dashboard-metrics-scraper-5657497c4c-8kpzj   1/1     Running   0          118m
kube-system   pod/kubernetes-dashboard-54b48fbf9-sf4pk         1/1     Running   0          118m
kube-system   pod/coredns-864597b5fd-gct65                     1/1     Running   0          136m
kube-system   pod/metrics-server-848968bdcd-4clwz              1/1     Running   0          118m
kube-system   pod/calico-kube-controllers-77bd7c5b-5q5nn       1/1     Running   0          136m
kube-system   pod/calico-node-299nf                            1/1     Running   0          136m

NAMESPACE     NAME                                TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)                  AGE
default       service/kubernetes                  ClusterIP   10.152.183.1     <none>        443/TCP                  136m
kube-system   service/kube-dns                    ClusterIP   10.152.183.10    <none>        53/UDP,53/TCP,9153/TCP   136m
kube-system   service/metrics-server              ClusterIP   10.152.183.251   <none>        443/TCP                  118m
kube-system   service/kubernetes-dashboard        ClusterIP   10.152.183.242   <none>        443/TCP                  118m
kube-system   service/dashboard-metrics-scraper   ClusterIP   10.152.183.40    <none>        8000/TCP                 118m

NAMESPACE     NAME                         DESIRED   CURRENT   READY   UP-TO-DATE   AVAILABLE   NODE SELECTOR            AGE
kube-system   daemonset.apps/calico-node   1         1         1       1            1           kubernetes.io/os=linux   136m

NAMESPACE     NAME                                        READY   UP-TO-DATE   AVAILABLE   AGE
kube-system   deployment.apps/coredns                     1/1     1            1           136m
kube-system   deployment.apps/calico-kube-controllers     1/1     1            1           136m
kube-system   deployment.apps/dashboard-metrics-scraper   1/1     1            1           118m
kube-system   deployment.apps/kubernetes-dashboard        1/1     1            1           118m
kube-system   deployment.apps/metrics-server              1/1     1            1           118m

NAMESPACE     NAME                                                   DESIRED   CURRENT   READY   AGE
kube-system   replicaset.apps/coredns-864597b5fd                     1         1         1       136m
kube-system   replicaset.apps/calico-kube-controllers-77bd7c5b       1         1         1       136m
kube-system   replicaset.apps/dashboard-metrics-scraper-5657497c4c   1         1         1       118m
kube-system   replicaset.apps/kubernetes-dashboard-54b48fbf9         1         1         1       118m
kube-system   replicaset.apps/metrics-server-848968bdcd              1         1         1       118m
root@PowerEdge-R740:/#
masadmin@PowerEdge-R740:/$ sudo microk8s kubectl port-forward -n kube-system service/kubernetes-dashboard --address 0.0.0.0 9443:443
Forwarding from 0.0.0.0:9443 -> 8443
Handling connection for 9443
Handling connection for 9443
Handling connection for 9443
Handling connection for 9443
Handling connection for 9443
masadmin@PowerEdge-R740:/$ token=$(microk8s kubectl -n kube-system get secret | grep default-token | cut -d " " -f1)
masadmin@PowerEdge-R740:/$ sudo microk8s kubectl -n kube-system describe secret $token
Name:         kubernetes-dashboard-certs
Namespace:    kube-system
Labels:       k8s-app=kubernetes-dashboard
Annotations:  <none>

Type:  Opaque

Data
====


Name:         microk8s-dashboard-token
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: default
              kubernetes.io/service-account.uid: ef98dbd6-4504-42c1-b300-8f0e61216169

Type:  kubernetes.io/service-account-token

Data
====
ca.crt:     1123 bytes
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IjNOQnR0ajdVdXJtVzBKSE5LVmxnYm1tSXVWejFNcGltZnJiRzhSeUJQd00ifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJtaWNyb2s4cy1kYXNoYm9hcmQtdG9rZW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6ImVmOThkYmQ2LTQ1MDQtNDJjMS1iMzAwLThmMGU2MTIxNjE2OSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTpkZWZhdWx0In0.frHzdXbwqRcisZFzCzyK-b4c8hq0qX-01Faxm-iu9zscFjLMbI80bO0_ctguwF4Eaj5OVd25ovwjU6OBPzHyieou5FhkkY6kAP4c02cMhUUhEnsg4zuYd77DPYikguRewk4ZcicDvTRbOLpCy61Kg3flhnOEISiStFeNSwb5zgFgFnFMaoUSigUFv5LPvxQmjXj5JrOhVNb4-Xtq_tx95pDqcedd8YiRyJgkFKNdTHcJc6bh9AGRuvMMHHtvndk9PdlS5QtMwjNrF2UoMOgYFiAbWcPDjhMZCOcu7VodzXXS3Oml6irsJ1fEC3Z0T4GxvYAnjLvAMmAYlQmqfHRQrg


Name:         kubernetes-dashboard-csrf
Namespace:    kube-system
Labels:       k8s-app=kubernetes-dashboard
Annotations:  <none>

Type:  Opaque

Data
====
csrf:  256 bytes


Name:         kubernetes-dashboard-key-holder
Namespace:    kube-system
Labels:       <none>
Annotations:  <none>

Type:  Opaque

Data
====
priv:  1679 bytes
pub:   459 bytes
masadmin@PowerEdge-R740:/$

By admin web

Related Post

Ubuntu

Cara menginstall 2FA login dengan google-authenticator di Ubuntu

Aug 4, 2024 admin web
Ubuntu

Cara menginstall mendownload dan install custom root ca Ubuntu

Jul 24, 2024 admin web
Ubuntu

Cara menginstall onlyoffice server di Ubuntu 22.04 dengan docker compose

Jul 18, 2024 admin web

Leave a Reply

Your email address will not be published. Required fields are marked *

You missed

Uncategorized

Cara mengupgrade Kubernetes K3s secara otomatis

November 12, 2024 admin web
Uncategorized

Cara convert VMDK ke qcow2

November 12, 2024 admin web
Kubernetes

Cara mengugrade Kubernetes K3s Manual

November 12, 2024 admin web
Uncategorized

Cara menginstall openspeed test di Ubuntu Desktop 24.04

November 10, 2024 admin web