Nels Franecki

1625842980

Example of running a self-hosted Kubernetes

Oi! Almost all the time I’m working with clusters provided by AWS EKS, where many things don’t need to be configured manually because the configuration is already done by the cloud provider. But when it comes to deploying a bare-metal cluster, you may have lots of problems to solve.

I’ve created several clusters where each node had a public IP. The main idea was that Kubernetes lives in the private network, but nodes could access the internet directly.

Each node has 2 interfaces

It was working fine, but there were several problems:

  • I couldn’t add a new worker node, because I didn’t have more public addresses
  • It was hard to add new master nodes because the control plane address was allocated by the first master
  • It was not very secure because all nodes were accessible from the internet

So I’ve decided that I should implement another scheme

Kubernetes behind the bastion host, where 10.43.83.0/24 is a private network

In this scheme, only one node (bastion) can access the Internet directly. All the others need to send traffic through the bastion.

Several steps need to be done to make this scheme work. Let’s assume that our **public IP is x.x.x.x and our private network is 10.43.83.0/24**, we have 5 nodes (1 — k8s master, 3 — k8s workers, 1 — bastion host), a private interface ens20 on all nodes, and a public interface ens19 only on the bastion host.

I am using **Ubuntu 20.04** as the main OS on all servers, so I’m not sure that the configuration will be the same on others.
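A way to check that a set of nodes really matches this scheme, written as an added example and not code from the original post: it parses `ip -o -4 addr show` output collected from each node and reports any node other than the bastion that holds an internet-facing address, or any node with no ens20 address in 10.43.83.0/24. The node names, the sample output and the 203.0.113.x addresses standing in for x.x.x.x are constructed assumptions.

```python
import ipaddress

PRIVATE_NET = ipaddress.ip_network("10.43.83.0/24")   # private network from the article
PRIVATE_IF, PUBLIC_IF = "ens20", "ens19"              # interface names from the article
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample of `ip -o -4 addr show` output per node. Node names and
# addresses are made up; 203.0.113.x (documentation range) stands in for x.x.x.x.
SAMPLE = {
    "bastion": "1: lo    inet 127.0.0.1/8 scope host lo\n"
               "2: ens19    inet 203.0.113.10/24 scope global ens19\n"
               "3: ens20    inet 10.43.83.1/24 scope global ens20\n",
    "master-1": "1: lo    inet 127.0.0.1/8 scope host lo\n"
                "2: ens20    inet 10.43.83.10/24 scope global ens20\n"
                "3: cni0    inet 10.244.0.1/24 scope global cni0\n",
    "worker-1": "2: ens20    inet 10.43.83.21/24 scope global ens20\n",
    "worker-2": "2: ens20    inet 10.43.83.22/24 scope global ens20\n"
                "3: ens19    inet 203.0.113.22/24 scope global ens19\n",  # leftover public IP
    "worker-3": "2: ens20    inet 192.168.1.23/24 scope global ens20\n",  # wrong subnet
}

def parse_addrs(output):
    """Yield (interface, IPv4Address) pairs from `ip -o -4 addr show` output."""
    for line in output.splitlines():
        fields = line.split()
        if len(fields) >= 4 and fields[2] == "inet":
            yield fields[1], ipaddress.ip_interface(fields[3]).ip

def is_public(ip):
    """Anything that is not loopback, link-local or RFC 1918 counts as internet-facing."""
    return not (ip.is_loopback or ip.is_link_local or any(ip in n for n in RFC1918))

def audit(nodes, bastion="bastion"):
    """Return sorted (node, problem) findings where a node deviates from the scheme."""
    findings = []
    for name, output in nodes.items():
        addrs = list(parse_addrs(output))
        if not any(i == PRIVATE_IF and ip in PRIVATE_NET for i, ip in addrs):
            findings.append((name, f"no {PRIVATE_IF} address inside {PRIVATE_NET}"))
        for iface, ip in addrs:
            if is_public(ip) and not (name == bastion and iface == PUBLIC_IF):
                findings.append((name, f"public address {ip} on {iface}"))
    return sorted(findings)

if __name__ == "__main__":
    for node, problem in audit(SAMPLE):
        print(f"{node}: {problem}")
```

Pod-network addresses such as the constructed `cni0` entry are RFC 1918 and are deliberately not reported, since only internet-facing addresses break the scheme.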

#devops #kubernetes