Setting up Microk8s - FIPost/docs GitHub Wiki

Getting started with Microk8s on ubuntu 20.04

1 Setup

Aliases

MicroK8s uses a namespaced kubectl command to prevent conflicts with any existing installs of kubectl. If you don’t have an existing install, it is easier to add an alias (append to ~/.bash_aliases) like this:

alias kubectl='microk8s kubectl'

source ~/.bash_aliases
source ~/.bashrc

Set Microk8s permissions

sudo usermod -a -G microk8s ubuntu
sudo chown -f -R ubuntu ~/.kube

You need to and login again to apply the changes.

exit

Enable DNS

microk8s enable dns

Enable ingress

microk8s enable ingress

Add .yml

Use your own ip address instead of 12.34.56.78.

Copy the files from the latest deployement config to the server.

scp -r mydir/ipost [email protected]:/home/ubuntu/kube_config

4 Certbot

Install Cerbot https://certbot.eff.org/lets-encrypt/ubuntufocal-nginx

Create cert.

Change *.fipost.nl with your domain.

certbot -d *.fipost.nl --manual --preferred-challenges dns certonly

Follow the instructions provided in the terminal. This will give you a key and tell you to add this in your DNS settings. For the domain fipost.nl we use Transip.

Name	TTL	Type	Value
acme-challenge	1 min.	TXT	{yourvalue}

When it is finished you will get something like this.

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/fipost.nl/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/fipost.nl/privkey.pem
   Your certificate will expire on 2021-08-19. To obtain a new or
   tweaked version of this certificate in the future, simply run
   certbot again. To non-interactively renew *all* of your
   certificates, run "certbot renew"
 - If you like Certbot, please consider supporting our work by:

Go to dir and copy to kube_config

Create a directory named after your domain in /home/ubuntu/kube_config/.

mkdir fipost.nl && cd fipost.nl

Copy the files to the new directory for easy access.

sudo cp /etc/letsencrypt/live/fipost.nl/cert.pem .

sudo cp /etc/letsencrypt/live/fipost.nl/privkey.pem .

Set right to read

sudo chmod a+r privkey.pem

Create Kubernetes Secret

kubectl create secret tls fipost2 \
  --cert=cert.pem \
  --key=privkey.pem

5 Finished

Run the final command to start the service.

kubectl apply -f .