Cloud Native A series of notes, how-tos, and more related to Cloud Native technologies. Kubernetes Deploy a Cluster with kubeadm Note : These instructions are based on the Computer Science Club of the University of Waterloo's OpenStack instance. Build image The first step is to build an image using packer. This image will contain all of the tools required to run a Kubernetes node. TODO: Push packer build to a git repository . # 0. Locate ourserlves cd $PACKER_DIR/kubernetes # 1. Load openstack-rc source ../openstack-rc # 2. Update image # 2.1. Update the image name (Kubernetes version and build date) vim packer.json # 2.2. Ansible deployment (update kubectl, kubelet and kubeadm version) vim ansible/provision.yaml # 3. Run build # note: token generated with `openstack token issue` export OS_TOKEN="TOKEN_FROM_OPENSTACK" packer build packer.json Deploy infrastructure TODO: Document deploying infrastructure using Terraform Initialize control plane TODO: Document initializing infrastructure Proxmox Kubernetes Virtual Machine Setup Download the debian-12-generic-amd64.raw file from https://cloud.debian.org/images/cloud/bookworm/latest/ . Create the virtaul machine Add a cloud-init drive on the VM Import the cloud image: qm importdisk $VMID /mnt/pve/assets/template/iso/debian-12-generic-amd64.raw local-lvm --format qcow2 Setup cloud-init: qm set $VMID --cicustom "user=cloud-init:snippets/user.yaml,network=cloud-init:snippets/network.yaml" Example config files: user.yaml #cloud-config hostname: zsottvXX manage_etc_hosts: true fqdn: zsottvXX.zsnet.ca user: zsadmin ssh_authorized_keys: - ssh-rsa KEY COMMENT chpasswd: expire: False users: - default # Setup ntp ntp: enabled: true ntp_client: chrony servers: [] pools: - time.zsnet.ca # Add gnupg bootcmd: - DEBIAN_FRONTEND=noninteractive apt-get -yq update - DEBIAN_FRONTEND=noninteractive apt-get -yq install gnupg # Configure apt repositories apt: primary: - arches: [default] uri: http://mirror.csclub.uwaterloo.ca/debian/ security: - arches: [default] uri: http://mirror.csclub.uwaterloo.ca/debian-security/ sources_list: | deb $PRIMARY $RELEASE main contrib deb $PRIMARY $RELEASE-updates main contrib deb $SECURITY $RELEASE-security main contrib package_update: true package_upgrade: true package_reboot_if_required: true # Install packages packages: - qemu-guest-agent network.yaml version: 1 config: - type: physical name: eth0 mac_address: 'xx:yy:zz:aa:bb:cc' subnets: - type: dhcp4 - type: ipv6_slaac - type: nameserver address: - '2602:815:9000::53' - '2602:815:9000:1::53' search: - 'zsnet.ca' Services Apache Guacamole Process Install Dependencies sudo apt install build-essential maven default-jdk default-jre libcairo2-dev libjpeg62-turbo-dev libpng-dev libtool-bin uuid-dev libvncserver-dev freerdp2-dev libssh2-1-dev libavcodec-dev libavformat-dev libavutil-dev libswscale-dev libpango1.0-dev libpulse-dev libvorbis-dev libwebp-dev Download and setup Tomcat 9 manually until 10 or newer are supported. Download https://guacamole.apache.org/releases/ curl -LO "https://apache.org/dyn/closer.lua/guacamole/1.6.0/source/guacamole-server-1.6.0.tar.gz?action=download" curl -LO "https://apache.org/dyn/closer.lua/guacamole/1.6.0/source/guacamole-client-1.6.0.tar.gz?action=download" tar xf guacamole-server-1.6.0.tar.gz tar xf guacamole-client-1.6.0.tar.gz Server ./configure --with-systemd-dir=/usr/lib/systemd/system make -j2 sudo make install sudo ldconfig sudo systemctl daemon-reload sudo systemctl restart guacd Client JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64 mvn package sudo rm /etc/guacamole/extensions/* sudo cp guacamole/target/guacamole-1.6.0.war /opt/tomcat/webapps/ROOT.war sudo cp extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-postgresql/target/guacamole-auth-jdbc-postgresql-1.6.0.jar /etc/guacamole/extensions/ sudo cp extensions/guacamole-auth-quickconnect/target/guacamole-auth-quickconnect-1.6.0.jar /etc/guacamole/extensions sudo cp extensions/guacamole-auth-sso/modules/guacamole-auth-sso-openid/target/guacamole-auth-sso-openid-1.6.0.jar /etc/guacamole/extensions # If weird issues are encountered, clear the maven cache rm -rf ~/.m2