In this section, we guide you by installing a Kubernetes cluster using k3s for evaluation purposes. Please don't consider installing the Kubernetes cluster described here as a complete, production-grade setup. The installation of the cluster and the related infrastructure is the responsibility of the user.
If you don't have a ready-to-use Kubernetes cluster you can install K3S, a lightweight certified Kubernetes distribution.
For example, on a machine with Ubuntu 22.04 (e.g. an instance from AWS EC2 or DigitalOcean), you can install Kubernetes running:
curl -sfL https://get.k3s.io | sh -s - --write-kubeconfig-mode 644
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
Read and confirm shell script content before piping from curl to the shell.
Never run scripts from the internet before knowing what they do.
After a few seconds, your Kubernetes cluster will be ready:
kubectl get nodes
NAME STATUS ROLES AGE VERSION
host Ready control-plane,master 2m v...
Helm is the package manager for Kubernetes. Please refer to the Helm official documentation to install the Helm CLI on your system.
To install the latest version of the Helm package manager, run:
curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
Read and confirm shell script content before piping from curl to the shell.
Never run scripts from the internet before knowing what they do.
To verify helm
is correctly installed, you can list the installed applications running:
helm version
To list the applications installed, run:
helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
cert-manager automates certificate management in cloud native environments. It builds on top of Kubernetes to provide X.509 certificate management, including integration with Let's Encrypt.
To install cert-manager on the Kubernetes cluster using the Helm chart, run:
helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install cert-manager jetstack/cert-manager \
--namespace cert-manager \
--create-namespace \
--version v1.16.1 \
--set crds.enabled=true
Create the Let's Encrypt issuer:
export LETSENCRYPT_SERVER_URL="https://acme-v02.api.letsencrypt.org/directory"
export LETSENCRYPT_EMAIL="your-email@example.com"
cat >issuer-letsencrypt.yml <<EOF
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
name: letsencrypt
spec:
acme:
server: ${LETSENCRYPT_SERVER_URL}
email: ${LETSENCRYPT_EMAIL}
privateKeySecretRef:
name: letsencrypt
solvers:
- http01:
ingress: {}
EOF
kubectl apply -f issuer-letsencrypt.yml
© 2024 Northern.tech AS