Unfortunately I couldn't find time to complete this walkthrough. But it still can be valuable.
What a long name. 😵
This documentation is for creating a scalable server environment. The main goal is to avoid anything provider-specific, such as managed services. The reason is to stay provider-agnostic and cheap. This may not be best for production but it is good for learning. 👍🏿
This is more a walkthrough than documentation, and it is not meant to teach you anything; instead, we're assuming that you already know what the main pieces are and what they are for, such as `VM`, `Cluster`, `SSH`, `Kubernetes`, `Firewall`, `RabbitMQ`, `PostgreSQL` etc., but are having trouble bringing them together. 🤷
Some things that you are going to read here are not written by me; I mostly just bring them together and make them complete by filling the gaps. But, believe me, there were great gaps which output lots of useless results. At first I tried to make reference to every resource I've used but at some point it became impossible for me. So sorry in advance for using contents without mentioning the authors. 😔
So this is a complete, tested, good for start server environment setup.
The minimum setup includes 3 `VMs`:
- The first VM is for and only for databases;
  - We have only one database at the moment, which is `PostgreSQL`.
  - In the future you can (and should) add other VMs for database replication/sharding.
- The second VM is our `master` VM. We gonna use it as;
  - Kubernetes Master
  - Loadbalancer
  - Kubernetes Cluster Node
  - OpenVPN Server
- The third VM is our `slave` VM. We gonna use it as;
  - Kubernetes Slave Cluster Node.

The point is; in the future, you gonna add as many `slave` nodes as you want. What we are describing here is the minimum initial setup, but if you want you can start with more than one `slave` node. In that case you don't have to (and had better not) use the `master` node as a Kubernetes cluster node, which means Kubernetes won't run Pods on it. But if you want to stay as cheap as possible for the initial setup, it's okay for now.
All VMs have to be `CentOS`, and mine is `CentOS 7.6` to be specific.
I'm using VMs (`droplets` in digitalocean jargon) that have `2GB RAM` and `2 CPUs` on digitalocean for all of my VMs.
You need to have private networking enabled for the VMs. In digitalocean this is done by clicking a checkbox when creating the VMs. In some providers you need to manually create a private network from the dashboard and assign it to the VMs. Find a way and make sure that every VM has internet access and private networking.
Also remember to enable `backups` on the first VM, which has the database on it.
I'm going to name my VMs as follows;
- `ra-vm1-data-services`
- `ra-vm2-master-node`
- `ra-vm3-slave-node1`
We're going to run our non-critical `in-memory` databases such as `RabbitMQ` and `Redis` inside the Kubernetes cluster to scale them easily.
In the walkthrough you can see my username in various places, which is `ramesaliyev`, and my home folder on my local machine is `/Users/ramesaliyev`.
- First create an RSA key pair on your local machine.
- Create all infrastructure as described under the Architecture title.
- Add hosts records
  - For all 3 VMs on your local machine.
    - Example;

      ```
      116.xxx.xxx.xxx ra-vm1
      116.xxx.xxx.xxx ra-vm2
      116.xxx.xxx.xxx ra-vm3
      # For easy usage with browsers.
      116.xxx.xxx.xxx ravm1.com
      116.xxx.xxx.xxx ravm2.com
      116.xxx.xxx.xxx ravm3.com
      ```
  - For all 3 VMs on each of your VMs.
    - Remember to use the private network IPs of the VMs.
    - And use `127.0.0.1` for each VM's own host records.
    - Example;

      ```
      10.0.0.2 vm1 data-services
      10.0.0.3 vm2 master-node
      10.0.0.4 vm3 slave-node1
      ```
- Log in to all 3 VMs over SSH.
  - After the first login the terminal will prompt you to change the password of the `root` user. After changing the password, log out and log in again to verify the changed password.
  - If you weren't prompted to change the password, refer to the Changing User Password recipe to change the `root` password.
  - If you get a `cannot change locale` error on login, refer to troubleshooting CentOS Cannot Change Locale.
- In all VMs make some adjustments for SSH;
  - Set up the SSH Session Idle Timeout Time.
  - Optional: colorize the terminal.
  - Create a new user with sudo privileges.
  - For that user, set up SSH login with RSA key pairs.
  - Limit SSH users to the newly created user.
  - Disable Root User SSH Login
- Make preparations for the Kubernetes installation.
  - Check the `hostname` of each VM, and change them to be unique if they are the same.
- Kubernetes Up & Going
  - Install Kubernetes with all of its dependencies onto your `master` and `slave` VMs.
  - Optional: Take a snapshot of all of your VMs and name it `initial`.
  - Initialize the Kubernetes cluster.
  - Add worker nodes to the cluster.
  - Optional: Take another snapshot of the `vm2` and `vm3` VMs and name it `clustered`.
  - Optional: Test Kubernetes Pods and Services.
  - Set up the Ingress.
- Following precautions may be taken for security but we're not gonna do those because we're going to secure our servers behind the VPN;
- Cheatsheets
- Recipes
- Creating a RSA Key Pair
- Adding Host Records to Local Machine
- Logging into Servers SSH
- Changing User Password
- Setup SSH Session Idle Timeout Time
- Colorizing the Terminal
- Creating User with Sudo Privileges
- Setup SSH Login with RSA Key Pairs
- Disabling SSH Login with Password
- Changing Port of SSH
- Limiting SSH Users
- Disable Root User SSH Login
- Changing Hostnames
- Copy File From and To Server
- Troubleshooting
- Kubernetes
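
A way to verify, on each VM, the SSH adjustments listed in the steps above (idle timeout, key login, user limit, no root login). This is an added example, not part of the original walkthrough or its recipes; it assumes the idle timeout is set through `ClientAliveInterval`, and the function names `sshd_value` and `audit_sshd` and the sample configs are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the walkthrough): audit an sshd_config file against
# the SSH steps above. sshd uses the FIRST occurrence of a keyword, and keyword
# names are case-insensitive.

# sshd_value FILE KEYWORD -> effective global value (empty if not set)
sshd_value() {
  awk -v key="$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')" '
    /^[ \t]*(#|$)/ { next }             # comments and blank lines
    tolower($1) == "match" { exit }     # Match blocks are conditional; stop
    tolower($1) == key { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# audit_sshd FILE USER -> one PASS/FAIL line per check; exit status = failures
audit_sshd() {
  local file=$1 user=$2 fails=0 v
  # Assumption: the idle-timeout recipe uses ClientAliveInterval.
  v=$(sshd_value "$file" ClientAliveInterval)
  case $v in
    ''|0|*[!0-9]*) echo "FAIL idle timeout: ClientAliveInterval not set"; fails=$((fails + 1)) ;;
    *) echo "PASS idle timeout: ClientAliveInterval $v" ;;
  esac
  v=$(sshd_value "$file" PubkeyAuthentication)   # OpenSSH default is yes
  if [ "${v:-yes}" = yes ]; then echo "PASS key login: PubkeyAuthentication yes"
  else echo "FAIL key login: PubkeyAuthentication $v"; fails=$((fails + 1)); fi
  v=$(sshd_value "$file" AllowUsers)
  if [ "$v" = "$user" ]; then echo "PASS user limit: AllowUsers $v"
  else echo "FAIL user limit: AllowUsers is '${v:-unset}', want only $user"; fails=$((fails + 1)); fi
  v=$(sshd_value "$file" PermitRootLogin)
  if [ "$v" = no ]; then echo "PASS root login: PermitRootLogin no"
  else echo "FAIL root login: PermitRootLogin is '${v:-unset}'"; fails=$((fails + 1)); fi
  return "$fails"
}

# Constructed sample configs (not taken from any real server).
demo() {
  local weak hard rc
  weak=$(mktemp); hard=$(mktemp)
  printf '%s\n' '#PermitRootLogin no' 'PermitRootLogin yes' > "$weak"
  printf '%s\n' 'clientaliveinterval 300' 'PermitRootLogin no' \
    'AllowUsers ramesaliyev' 'Match User backup' '  PermitRootLogin yes' > "$hard"
  rc=0; echo "== weak ==";     audit_sshd "$weak" ramesaliyev || rc=$?
  echo "failures: $rc"
  rc=0; echo "== hardened =="; audit_sshd "$hard" ramesaliyev || rc=$?
  echo "failures: $rc"
  rm -f "$weak" "$hard"
}
demo
```

On a VM, call `audit_sshd /etc/ssh/sshd_config` with the name of the user you created; when the file relies on `Match` blocks, `sshd -T` prints the effective configuration for comparison.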