
Deployment Overview of MicroK8s on Server

Prerequisites and Basic Requirements

  • Operating System: Ubuntu Linux.

  • Privileges: Root access is required to perform the installation and manage system services.

  • Package Manager: apt for system updates and snapd for MicroK8s installation.

  • Network: The server must have outbound internet access to download packages and certificates.

FQDN of the Final Panel

Based on the provided configuration, no specific FQDN in the format <prefix><Server ID>.hostkey.in:<port> is defined for a user-facing web panel. The MicroK8s Dashboard is exposed locally via port forwarding.

File and Directory Structure

The deployment utilizes the following paths for data and configuration storage:

Path                            Description
/snap/bin                       Location of microk8s and kubectl binaries.
/data/nginx/nginx-certbot.env   Environment file for Nginx and Certbot configuration.
/data/nginx/user_conf.d         Directory for custom Nginx user configurations.
/etc/letsencrypt                Mount point for SSL certificate storage (via named volume).

Application Installation Process

The MicroK8s cluster is installed as a Snap package using the 1.31/stable channel. The installation process involves the following steps:

  1. Update the apt package index.

  2. Install the snapd package if not already present.

  3. Install MicroK8s via Snap:

    snap install microk8s --channel 1.31/stable --classic
    

  4. Add the current user to the microk8s group to enable command execution without sudo for cluster management.

  5. Enable essential addons for DNS, storage, and the dashboard:

    microk8s enable dns hostpath-storage dashboard
    

  6. Wait for the cluster to become ready:

    microk8s status --wait-ready
    

  7. Create a snap alias so that the kubectl command runs microk8s.kubectl:

    snap alias microk8s.kubectl kubectl
    

Docker Containers and Their Deployment

A containerized Nginx service is deployed using Docker Compose. The configuration includes:

  • Image: jonasal/nginx-certbot:latest

  • Restart Policy: unless-stopped

  • Network Mode: host

  • Environment Variables:

    • CERTBOT_EMAIL: Set to [email protected]

    • Additional settings loaded from /data/nginx/nginx-certbot.env

  • Volumes:

    • nginx_secrets: An external volume mounted at /etc/letsencrypt for SSL certificates.

    • /data/nginx/user_conf.d: Mounted at /etc/nginx/user_conf.d for custom Nginx configurations.

The deployment utilizes the docker-compose tool to manage the Nginx container lifecycle based on the provided YAML definition.

Proxy Servers

The Nginx container acts as a reverse proxy and handles SSL certificate management using Certbot.

  • Configuration File: /data/nginx/nginx-certbot.env

  • Custom Configs: Placed in /data/nginx/user_conf.d

  • SSL Storage: Managed via the nginx_secrets volume at /etc/letsencrypt.

Access Rights and Security

  • User Group: The root user is added to the microk8s group to manage the cluster.

  • Firewall: No specific firewall rules or port restrictions are defined in the provided configuration files.

  • Access Control: Access to the Kubernetes dashboard is granted via a token generated by kubectl.

Starting, Stopping, and Updating

  • Dashboard Access Token: To access the MicroK8s dashboard, generate a token for the default service account using:

    microk8s kubectl create token default
    

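  • Port Forwarding: To access the dashboard, port 10443 on the host is forwarded to port 443 of the dashboard service. kubectl port-forward listens on 127.0.0.1 unless --address is given, so the dashboard stays reachable only from the server itself, and the trailing & runs the forward in the background of the current shell: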

    microk8s kubectl port-forward -n kube-system service/kubernetes-dashboard 10443:443 &
    

  • Container Management: Docker containers managed by Compose can be started, stopped, or updated using standard docker compose commands run from the project directory containing compose.yml.

Available Ports for Connection

  • 10443: Local port for accessing the MicroK8s Dashboard (requires active port-forwarding process).

  • 80/443: Standard HTTP/HTTPS ports handled by the Nginx container in host network mode.
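Because no firewall rules are defined and Nginx runs in host network mode, it is worth checking which sockets are actually reachable. The script below is an added example, not part of the original deployment files: it reads ss -ltnH style output, fails if port 10443 is bound anywhere other than loopback, and warns about any non-loopback listener other than 80/443. The function names and the sample lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original deployment files.
# audit_listeners reads `ss -ltnH` style lines on stdin (field 4 is the
# local address:port) and prints one finding per line. No output = clean.
audit_listeners() {
    awk '
    {
        # The port is the last colon-separated piece; the rest is the address.
        n = split($4, parts, ":")
        port = parts[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        loopback = (addr ~ /^127\./ || addr == "[::1]")
        # 10443 must stay on loopback; anything else reachable off-host
        # that is not 80/443 is outside what the page documents.
        if (port == "10443" && !loopback)
            print "FAIL dashboard port-forward 10443 bound to " addr
        else if (!loopback && port != "80" && port != "443")
            print "WARN port " port " listening on " addr " (outside documented 80/443)"
    }'
}

# Constructed sample input (not captured from a real server).
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 4096 127.0.0.1:10443 0.0.0.0:*
LISTEN 0 511  0.0.0.0:80      0.0.0.0:*
LISTEN 0 511  0.0.0.0:443     0.0.0.0:*
LISTEN 0 4096 *:16443         *:*
EOF
}

# Demo on the constructed sample; on the server use: ss -ltnH | audit_listeners
sample_ss_output | audit_listeners
```

Each WARN line is a candidate for a firewall rule or a bind-address change; a FAIL line means the port-forward was started with a non-loopback --address.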
