Self-managed Kubernetes in DigitalOcean (DO)

Big picture

This tutorial creates a self-managed Kubernetes cluster (1 Master, 2 Worker nodes) using Calico networking in DigitalOcean.

Value

Managing your own Kubernetes cluster (as opposed to using a managed-Kubernetes service like EKS), gives you the most flexibility in configuring Calico and Kubernetes. Calico combines flexible networking capabilities with “run-anywhere” security enforcement to provide a solution with native Linux kernel performance and true cloud-native scalability.

Concepts

Kubernetes Operations (kops) is a cluster management tool that handles provisioning cluster VMs and installing Kubernetes. It has built-in support for using Calico as the Kubernetes networking provider.

Self-managed Kubernetes in DigitalOcean (DO) - 图1note

Kops support for DigitalOcean is currently in the early stages of development and subject to change. More information can be viewed at this link.

Before you begin…

How to

There are many ways to install and manage Kubernetes in DO. Using Kubernetes Operations (kops) is a good default choice for most people, as it gives you access to all of Calico’s flexible and powerful networking features. However, there are other options that may work better for your environment.

The geeky details of what you get:

PolicyIPAMCNIOverlayRoutingDatastore

Generate your DigitalOcean API token

An API token is needed by kops for the CRUD (Create, Read, Update and Delete) operations necessary for resources in your DigitalOcean account. Use this link to generate your API token and then export it as an environment variable.

  1. export DIGITALOCEAN_ACCESS_TOKEN=<API_ACCESS_TOKEN>

Create an object storage

DigitalOcean provides an S3 compatible storage API that Kops uses object storage to save your cluster status. You should create a Space using this link and export it.

  1. export KOPS_STATE_STORE=do://<your-space-name>
  2. export S3_ENDPOINT=<ENDPOINT>

Self-managed Kubernetes in DigitalOcean (DO) - 图2note

Using FQDN for S3_ENDPOINT causes an error. If your Space FQDN is my-test-space.nyc3.digitaloceanspaces.com just export my-test-space as <your-space-name> .

Generate an API key for object storage

Access to object storage requires an API key. Follow this tutorial and generate your keys then export them as environment variables.

  1. export S3_ACCESS_KEY_ID=<ACCESS_KEY_ID>
  2. export S3_SECRET_ACCESS_KEY=<SECRET_ACCESS_KEY>

Enable kops alpha feature

Enable alpha feature support using KOPS_FEATURE_FLAGS environment variable.

  1. export KOPS_FEATURE_FLAGS="AlphaAllowDO"

Create your cluster

Kops supports various options that enables you to customize your cluster the way you like.

  1. Add Calico to your cluster using --networking=calico.
  2. Kops requires an external DNS server in order to create a cluster, by adding .k8s.local suffix to --name= option you generate a gossip DNS to bypass this requirement.

Self-managed Kubernetes in DigitalOcean (DO) - 图3note

You can view a complete list of options supported by kops in this link.

  1. kops create cluster --cloud=digitalocean --name=calico-demo.k8s.local \
  2. --networking=calico --master-zones=nyc1 --zones=nyc1 \
  3. --master-count=1 --api-loadbalancer-type=public \
  4. --node-size=s-1vcpu-2gb --image=ubuntu-20-04-x64 --yes

You can further customize the Calico install with options listed in the kops documentation.

Cleanup

If you wish to remove resources created by this tutorial

  1. kops delete cluster calico-demo.k8s.local --yes

Use the DigitalOcean web UI to remove the API tokens and Space you created.

Next steps

Required

Recommended