Raspberry Pi 4 Kubernetes Cluster

Kubernetes Cluster with Simple NodeJS Kubernetes deployment.

Requirements: At least 2 Raspberry Pi 4 boards, with some way to power each one. I will be using 4 in this example and a decent speed SD card per Pi.

Ubuntu Server 20.04 LTS Installation

Flash each SD card with Ubuntu Server 20.04 LTS using something like balenaEtcher..

Setup

You will prob want to give each pi a static ip to make it easier to reach. If you add static ips, you could create an ssh hosts file to make ssh even easier.

Do this on each pi.

Edit the host name ex: `k8s-master` for the master and `k8s-worker-01`, `k8s-worker-02`, `k8s-worker-03` for the workers.

Configure boot options.

Add cgroup_enable=cpuset cgroup_enable=memory cgroup_memory=1 swapaccount=1 to the end of the first line.

Install all updates and reboot.

Create a user.

Install Docker.

Set Docker Daemon options.

Add the following snippet.

Enable Routing

Find the line #net.ipv4.ip_forward=1 and uncomment it.

Check that the Docer service is running and run hello-world.

Install Kubernetes

Add the Kubernetes Repo.

Add the GPG key.

Install required Kubernetes packages.

Initialize Kubernetes.

Run this command on the Master only. This will return some commands as well as the node join command, save this for later.

Set up the config directory.

If the commands returned above are different from the ones below run those instead as they may have changed.

Install the flannel network driver.

Check pod status.

Add the worker nodes to the cluster.

Check node status.

The next set is to run a service.

Deployment

Creates a Simple NodeJS Server that displays an image. Deployment, with 3 replicas.

Kubernetes Dashboard

Install

Creating a Sample User

In this guide, we will find out how to create a new user using the Service Account mechanism of Kubernetes, grant this user admin permissions and login to Dashboard using a bearer token tied to this user.

IMPORTANT: Make sure that you know what you are doing before proceeding. Granting admin privileges to Dashboard's Service Account might be a security risk.

Creating a Service Account

We are creating Service Account with the name admin-user in namespace kubernetes-dashboard first.

dashboard-adminuser.yaml

Creating a ClustorRoleBinding

In most cases after provisioning the cluster using kops, kubeadm or any other popular tool, the ClusterRole cluster-admin already exists in the cluster. We can use it and create only a ClusterRoleBinding for our ServiceAccount. If it does not exist then you need to create this role first and grant required privileges manually.

cluster-role-binding.yaml

Get a Bearer Token

Now we need to get the token that we need to use to log in with. Execute the following command:

Access Kubernetes Dashboard from outside the Cluster

SCP config file from master /etc/kubernetes/admin.conf

Clean Up

Remove the admin ServiceAccount and ClusterRoleBinding.

Kubernetes Metrics Server

Download File:

Kubelet certificate needs to be signed by cluster Certificate Authority (or disable certificate validation by passing --kubelet-insecure-tls to Metrics Server)

Modify the file (Do not do this in production)

Add --kublet-insecure-tls to container args

Kubectl Commands

Get deployments across all namespaces.

Delete deployment.

Resources

• Setting up a Raspberry Pi Kubernetes Cluster with Ubuntu 20.04
• Kubernetes Dashboard
• Access Control
• Creating a Sample User
• Metrics Server
• Kubectl Cheatsheet