Comparing changes

base repository: kelseyhightower/kubernetes-the-hard-way
base: master
head repository: ivanfioravanti/kubernetes-the-hard-way-on-azure
compare: master

Commits on Sep 8, 2017

  1. 538bb81
  2. Small typo fixed

    ivanfioravanti committed Sep 8, 2017
    f3d3b5f

Commits on Sep 19, 2017

  1. removed hardcoded instance name

    Raja Ayyapusetty authored and Raja Ayyapusetty committed Sep 19, 2017
    371377d
  2. Merge pull request #1 from RajaAyyapusetty/routingDocs

    removed hardcoded instance name
    ivanfioravanti authored Sep 19, 2017
    0be9f64

Commits on Oct 2, 2017

  1. a1cd3a6

Commits on Oct 6, 2017

  1. Update 01-prerequisites.md

    Prerequisites updated to cover Azure Free Trial scenario.
    ivanfioravanti authored Oct 6, 2017
    128f65c

Commits on Oct 11, 2017

  1. a6f3bf6

Commits on Oct 14, 2017

  1. Merge pull request #4 from DenisBiondic/patch-1

    Fixed kube-proxy client certificate signing request
    ivanfioravanti authored Oct 14, 2017
    9d28803

Commits on Oct 24, 2017

  1. 2ba66bd

Commits on Oct 25, 2017

  1. Merge pull request #5 from lastcoolnameleft/patch-1

    s/google routes/azure udr/
    ivanfioravanti authored Oct 25, 2017
    2d197cd

Commits on Jan 26, 2018

  1. Update 02-client-tools.md

    Added windows instructions on installing cfssl, cfssljson and kubectl
    taswar authored Jan 26, 2018
    3270b08

Commits on Jan 29, 2018

  1. Merge pull request #7 from taswar/patch-1

    Update 02-client-tools.md
    ivanfioravanti authored Jan 29, 2018
    a964657

Commits on Mar 13, 2018

  1. 960044f
  2. removed .idea

    EamonKeane committed Mar 13, 2018
    5321a61
  3. 6058403
  4. e8fb369
  5. 14949bd
  6. 2edff05
  7. 37d5b41
  8. 16446c8
  9. eb02c4d
  10. c9ad5bc
  11. d18fbde

Commits on Mar 14, 2018

  1. Merge pull request #10 from EamonKeane/master

    Update to k8s 1.9.4, etcd 3.3.2, cri 1-beta, CNI 0.7, and Azure Instance Metadata
    ivanfioravanti authored Mar 14, 2018
    a2cc1b1

Commits on May 16, 2018

  1. 16855a0
  2. b8ae615
  3. Update 03-compute-resources.md

    Fixed SSH keys
    Lukas Pollmann authored May 16, 2018
    9797f7f

Commits on May 17, 2018

  1. Merge pull request #12 from fmoctezuma/patch-1

    Update 09-bootstrapping-kubernetes-workers.md
    ivanfioravanti authored May 17, 2018
    991cf01
  2. Merge pull request #13 from pmanlukas/master

    Update 03-compute-resources.md
    ivanfioravanti authored May 17, 2018
    42c69bd

Commits on May 31, 2018

  1. 4a80b7e

Commits on Jun 13, 2018

  1. 8b0e1f0

Commits on Aug 15, 2018

  1. Merge pull request #16 from prabhatpankaj/patch-1

    Update 11-pod-network-routes.md
    ivanfioravanti authored Aug 15, 2018
    3fb4104
  2. Merge pull request #18 from lastcoolnameleft/patch-2

    Change "VPC" reference to "Vnet"
    ivanfioravanti authored Aug 15, 2018
    e4b7b61

Commits on Sep 29, 2018

  1. Select latest Ubuntu Server

    Add CLI command to list latest available Ubuntu release for user to select from.
    rahulvmarathe authored Sep 29, 2018
    30af85d

Commits on Sep 30, 2018

  1. e736df6

Commits on Oct 10, 2018

  1. Merge pull request #21 from rahulvmarathe/master

    Select latest Ubuntu Server
    ivanfioravanti authored Oct 10, 2018
    1cbaff0

Commits on Oct 12, 2018

  1. 41d82fa
  2. Merge pull request #22 from csinge/patch-1

    Corrected the file to be downloaded
    ivanfioravanti authored Oct 12, 2018
    147664c

Commits on Oct 17, 2018

  1. Fixed wrong labeling controller

    This section describes steps to do on all worker nodes.
    lukibahr authored Oct 17, 2018
    9e4b06f

Commits on Oct 26, 2018

  1. Merge pull request #23 from lukibahr/patch-1

    Fixed wrong labeling: "controller"
    ivanfioravanti authored Oct 26, 2018
    988117c

Commits on Nov 18, 2018

  1. fixing dns validation

    4c74356b41 authored Nov 18, 2018
    0f60d60
  2. cbca758
  3. Merge pull request #24 from 4c74356b41/patch-1

    fixing dns validation
    ivanfioravanti authored Nov 18, 2018
    3a951e8
  4. Merge pull request #25 from 4c74356b41/patch-2

    Update 11-pod-network-routes.md
    ivanfioravanti authored Nov 18, 2018
    324bad4

Commits on Nov 25, 2018

  1. 37d5067
  2. CoreDNS added

    ivanfioravanti committed Nov 25, 2018
    f1263d0
  3. aed0f1e

Commits on Dec 7, 2018

  1. I think there is a

    In the original repo the `10-bridge.conf` & `99-loopback.conf` are placed in a specific directory, not in the current directory. This was leading to a

    ```
    NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized
    ```
    when running `kubectl get nodes`.
    I found the fix in the original repo at this commit (dated May 12): b974042#diff-03d99155352c96169d8f7f7b99410320
    timmyreilly authored Dec 7, 2018
    1ddd814
  2. Merge pull request #27 from timmyreilly/patch-1

    Discrepancy in cni configuration
    ivanfioravanti authored Dec 7, 2018
    b6ed8a7

Commits on Dec 11, 2018

  1. Update 02-client-tools.md

    missing l in cfssljson.exe (download for windows)
    heoelri authored Dec 11, 2018
    54af0b6
1 change: 1 addition & 0 deletions .gitignore
@@ -0,0 +1 @@
workdir
26 changes: 18 additions & 8 deletions README.md
@@ -1,9 +1,16 @@
# Kubernetes The Hard Way
# Kubernetes The Hard Way on Azure

This tutorial walks you through setting up Kubernetes the hard way. This guide is not for people looking for a fully automated command to bring up a Kubernetes cluster. If that's you then check out [Google Container Engine](https://cloud.google.com/container-engine), or the [Getting Started Guides](http://kubernetes.io/docs/getting-started-guides/).
This tutorial is designed for [Microsoft Azure](https://azure.microsoft.com) and [Azure CLI 2.0](https://github.com/azure/azure-cli).
It is a fork of the great [Kubernetes The Hard Way](https://github.com/kelseyhightower/kubernetes-the-hard-way) from [Kelsey Hightower](https://twitter.com/kelseyhightower) that describes same steps using [Google Cloud Platform](https://cloud.google.com).

Azure part is based on the superb translation done by [Jonathan Carter - @lostintangent](https://twitter.com/LostInTangent) in this [fork](https://github.com/lostintangent/kubernetes-the-hard-way). He is the one who is really behind the Azure "translation".

This tutorial walks you through setting up Kubernetes the hard way. This guide is not for people looking for a fully automated command to bring up a Kubernetes cluster. If that's you then check out [Azure Kubernetes Service]](https://azure.microsoft.com/en-us/products/kubernetes-service/), or the [Getting Started Guides](http://kubernetes.io/docs/getting-started-guides).

Kubernetes The Hard Way is optimized for learning, which means taking the long route to ensure you understand each task required to bootstrap a Kubernetes cluster.

Kubernetes Dashboard configuration has been added at the end of the tutorial, to let you play with the cluster through a UI.

> The results of this tutorial should not be viewed as production ready, and may receive limited support from the community, but don't let that stop you from learning!
## Target Audience
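Review bot: The Azure Kubernetes Service link in the new introductory paragraph has a doubled closing bracket, `[Azure Kubernetes Service]](https://azure.microsoft.com/...)`, so Markdown will not render it as a link; drop the extra `]`. In the same hunk, "describes same steps" should read "describes the same steps", and a blank line is needed between the production-readiness blockquote and `## Target Audience`. The new sentence about the Kubernetes Dashboard invites readers to put a UI in front of the cluster, so it would help to say here whether the Dashboard lab sets up authenticated access, in keeping with the not-production-ready warning that follows it.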
@@ -14,14 +21,16 @@ The target audience for this tutorial is someone planning to support a productio

Kubernetes The Hard Way guides you through bootstrapping a highly available Kubernetes cluster with end-to-end encryption between components and RBAC authentication.

* [Kubernetes](https://github.com/kubernetes/kubernetes) 1.7.4
* [CRI-O Container Runtime](https://github.com/kubernetes-incubator/cri-o) v1.0.0-beta.0
* [CNI Container Networking](https://github.com/containernetworking/cni) v0.6.0
* [etcd](https://github.com/coreos/etcd) 3.2.6
* [Kubernetes](https://github.com/kubernetes/kubernetes) 1.26.3
* [containerd Container Runtime](https://github.com/containerd/containerd) 1.7.0
* [gVisor](https://github.com/google/gvisor) latest
* [CNI Container Networking](https://github.com/containernetworking/cni) 1.1.2
* [etcd](https://github.com/coreos/etcd) v3.5.7
* [CoreDNS](https://github.com/coredns/coredns) v1.10.1

## Labs

This tutorial assumes you have access to the [Google Cloud Platform](https://cloud.google.com). While GCP is used for basic infrastructure requirements the lessons learned in this tutorial can be applied to other platforms.
This tutorial assumes you have access to the [Microsoft Azure](https://azure.microsoft.com). While Azure is used for basic infrastructure requirements the lessons learned in this tutorial can be applied to other platforms.

* [Prerequisites](docs/01-prerequisites.md)
* [Installing the Client Tools](docs/02-client-tools.md)
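Review bot: The component list pins every dependency to a release except gVisor, which is listed as `latest`; an unpinned sandbox runtime makes the tutorial non-reproducible and leaves readers unable to say which build they installed, so name the gVisor release the labs were tested with. The list also states CoreDNS v1.10.1, while deployments/coredns.yaml in this same comparison sets `image: coredns/coredns:1.6.7`; one of the two has to change. Minor wording: "access to the [Microsoft Azure]" should drop "the".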
@@ -36,4 +45,5 @@ This tutorial assumes you have access to the [Google Cloud Platform](https://clo
* [Provisioning Pod Network Routes](docs/11-pod-network-routes.md)
* [Deploying the DNS Cluster Add-on](docs/12-dns-addon.md)
* [Smoke Test](docs/13-smoke-test.md)
* [Cleaning Up](docs/14-cleanup.md)
* [Dashboard](docs/14-dashboard.md)
* [Cleaning Up](docs/15-cleanup.md)
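Review bot: The lab index inserts `docs/14-dashboard.md` and moves Cleaning Up from `docs/14-cleanup.md` to `docs/15-cleanup.md`; confirm that the cleanup file was renamed in the same change and that any cross-links between labs follow the new numbering, otherwise the last two entries point at missing or wrong pages. Since the Dashboard lab now sits between the smoke test and cleanup, the cleanup lab should also cover removing whatever the Dashboard lab creates.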
195 changes: 195 additions & 0 deletions deployments/coredns.yaml
@@ -0,0 +1,195 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: coredns
namespace: kube-system
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels:
kubernetes.io/bootstrapping: rbac-defaults
name: system:coredns
rules:
- apiGroups:
- ""
resources:
- endpoints
- services
- pods
- namespaces
verbs:
- list
- watch
- apiGroups:
- ""
resources:
- nodes
verbs:
- get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
annotations:
rbac.authorization.kubernetes.io/autoupdate: "true"
labels:
kubernetes.io/bootstrapping: rbac-defaults
name: system:coredns
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: system:coredns
subjects:
- kind: ServiceAccount
name: coredns
namespace: kube-system
---
apiVersion: v1
kind: ConfigMap
metadata:
name: coredns
namespace: kube-system
data:
Corefile: |
.:53 {
errors
health {
lameduck 5s
}
ready
kubernetes cluster.local in-addr.arpa ip6.arpa {
pods insecure
fallthrough in-addr.arpa ip6.arpa
ttl 30
}
prometheus :9153
forward . /etc/resolv.conf
cache 30
loop
reload
loadbalance
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: coredns
namespace: kube-system
labels:
k8s-app: kube-dns
kubernetes.io/name: "CoreDNS"
spec:
# replicas: not specified here:
# 1. Default is 1.
# 2. Will be tuned in real time if DNS horizontal auto-scaling is turned on.
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
selector:
matchLabels:
k8s-app: kube-dns
template:
metadata:
labels:
k8s-app: kube-dns
spec:
priorityClassName: system-cluster-critical
serviceAccountName: coredns
tolerations:
- key: "CriticalAddonsOnly"
operator: "Exists"
nodeSelector:
kubernetes.io/os: linux
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: k8s-app
operator: In
values: ["kube-dns"]
topologyKey: kubernetes.io/hostname
containers:
- name: coredns
image: coredns/coredns:1.6.7
imagePullPolicy: IfNotPresent
resources:
limits:
memory: 170Mi
requests:
cpu: 100m
memory: 70Mi
args: [ "-conf", "/etc/coredns/Corefile" ]
volumeMounts:
- name: config-volume
mountPath: /etc/coredns
readOnly: true
ports:
- containerPort: 53
name: dns
protocol: UDP
- containerPort: 53
name: dns-tcp
protocol: TCP
- containerPort: 9153
name: metrics
protocol: TCP
securityContext:
allowPrivilegeEscalation: false
capabilities:
add:
- NET_BIND_SERVICE
drop:
- all
readOnlyRootFilesystem: true
livenessProbe:
httpGet:
path: /health
port: 8080
scheme: HTTP
initialDelaySeconds: 60
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 5
readinessProbe:
httpGet:
path: /ready
port: 8181
scheme: HTTP
dnsPolicy: Default
volumes:
- name: config-volume
configMap:
name: coredns
items:
- key: Corefile
path: Corefile
---
apiVersion: v1
kind: Service
metadata:
name: kube-dns
namespace: kube-system
annotations:
prometheus.io/port: "9153"
prometheus.io/scrape: "true"
labels:
k8s-app: kube-dns
kubernetes.io/cluster-service: "true"
kubernetes.io/name: "CoreDNS"
spec:
selector:
k8s-app: kube-dns
clusterIP: 10.32.0.10
ports:
- name: dns
port: 53
protocol: UDP
- name: dns-tcp
port: 53
protocol: TCP
- name: metrics
port: 9153
protocol: TCP
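Review bot: The Deployment's container image is `coredns/coredns:1.6.7`, which contradicts the CoreDNS v1.10.1 advertised in the README and is referenced by a mutable tag; align the version and consider pinning by digest. If the image is bumped to match the README, the `system:coredns` ClusterRole also needs `list` and `watch` on `endpointslices` in the `discovery.k8s.io` API group, because newer CoreDNS releases watch EndpointSlices rather than Endpoints. In the Corefile, `pods insecure` makes the kubernetes plugin answer pod A-record queries from the queried name alone, without checking that such a pod exists; use `pods verified`, or drop the option, unless kube-dns compatibility is actually required. The metrics port 9153 is published on the `kube-dns` Service alongside DNS, so decide whether it should be reachable cluster-wide or restricted to the scraper.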