There are three nodes in the cluster:

  • kserver1 (etcd, controlplane)
  • kserver2 (etcd, controlplane, worker)
  • kserver3 (etcd, worker)




Docker Installation

We are going to install Docker by official documentation:

  • Uninstall old versions

sudo apt remove docker docker-engine containerd runc

  • Install packages to allow apt to use a repository over HTTPS:

sudo apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common

  • Add Docker’s official GPG key:

curl -fsSL | sudo apt-key add -

  • Set up the repository
sudo apt-key fingerprint 0EBFCD88
sudo add-apt-repository "deb [arch=amd64] \
$(lsb_release -cs) \
  • Install Docker Engine
sudo apt update
sudo apt install docker-ce docker-ce-cli


Nodes configuration


Enable iptables Filtering on Bridge Devices net.bridge.bridge-nf-call-iptables on all three nodes.

sudo cat << EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1

sudo sysctl -p


Turn off swap on all servers.

sudo swapoff -a
sudo vi /etc/fstab


Kubectl installation

  • Set up the repository
curl -s | sudo apt-key add -
cat << EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb kubernetes-xenial main
  • Install kubectl
sudo apt update
apt install -y kubectl=1.15.7-00

Thank you for reading!


Rancher Deployment

Deploy Rancher.

docker run -d --name rancher --privileged --restart=unless-stopped -p 80:80 -p 443:443 rancher/rancher:stable


Set a new passwordSetup Rancher URLCreate clusterCreate clusterSpecify Cluster nameChoose cluster roleCopy kubeconfig fileCopy kubeconfig file


Check nodes status.

kubectl get node


Generate and apply SSL certificates.

openssl req -x509 -nodes -days 1095 -newkey rsa:2048 -keyout thalamus.key -out thalamus.crt
kubectl create secret tls thalamus-tls --cert=thalamus.cert --key=thalamus.key


Clone Kubernetes manifests and apply kubernetes-manifests-ingress.yaml

git clone [email protected]:Thalamus-am/microservices-demo.git
cd microservices-demo/release/
kubectl apply -f kubernetes-manifests-ingress.yaml



There are no comments yet.
Authentication required

You must log in to post a comment.

Log in