gce-centos-k8s/docs/0_Environment_Setup.md

Setting up Kubernetes on CentOS on GCE

Google Cloud provides US$300 of free credit for one year when first signing up for Google Cloud. This credit can be used to demonstrate Kubernetes running on CentOS and provide a great learning playground at no cost. I have written a series of scripts (heavily inspired/copied from Kubernetes: The Hard Way by Kelsey Hightower) to automate this deployment using CentOS on GCE.

This first script is used to collect details that will be used to set up the Kubernetes environment on the GCE Cloud. A series of questions will be asked and the responses saved to a config file for later use.

You must have logged into the Google Cloud via the SDK for this whole process to work correctly.

The information you're asked for is as follows:

• Google Compute Region to use. This can be any Google Compute Region - obviously if it is geographically closer to you, the response should be faster (or of lower latency). Nothing that is performed in this set of scripts/exercises requires the region to be nearby though, and the US regions tend to be the lowest cost options on the Google Cloud. As such, the default region to use is US-West-1 (us-west-1)

• Google Compute Zone to use. This will depend upon the region chosen previously. No error checking is performed, so you will need to be certain that you choose a valid zone for the previously selected region. If the zone does not exist in the region, then the later scripts will simply fail. Again, a default is chosen based on the lowest cost option, and is set to US West1 C (us-west1-c)

• Google Compute Project to use. The scripts will not create a new project, so you should have a project already created on the Google Cloud Console. You will need to provide the unique name of the project here.

• Kubernetes version to use (tested with 1.10.2, 1.10.3, 1.10.5, and 1.10.6 - 1.10.6 is the default. 1.11.x have not been tested and might work)

• The scripts will create a new network (VPC) to operate on. This needs to be given a name. The default is set to kubernetes (avoid using underscores in Google Cloud object names).

• Within this network a subnet for the Kubernetes nodes and masters must be created, and also given a name. The default is set to kubernetes-subnet.

• A public IP address will be created for the Kubernetes cluster, and will also have a name. The default is set to kube-public-ip.

• The Kubernetes subnet should have a CIDR network address associated to it. This is the address range that the masters and nodes will share and communicate over. By default (and in most Kubernetes examples) this is set to 10.240.0.0/24. You can change this if you want - however there should be no compelling reason to.

• The script will then attempt to calculate the network part of the CIDR address entered previously. If using the default values, this should be 10.240.0 - if you are using your own network address values, you need to ensure that this is set correctly.

• The CIDR network address used by the Kubernetes pods is set next. This is the network range used by the containers running in the pods. This should be a separate network address space to that used by the nodes and masters. By default, this is set to 10.200.0.0/16. The overall address space is set to use a Class B pool, with each Kubernetes node using a Class C sub-division of this space. e.g. 10.200.0.0/16 is the overall network, and node1 will use 10.200.1.0/24 for the pods hosted on node1.

• Again, the script attempts to calculate the network part of the address specified, and should default to 10.200 - if using your own values, ensure this is set correctly.

• The script will also attempt to calculate the address space prefix (netmask) to be used for the nodes. Given the defaults above, the prefix would be set to 24.

• A firewall rule will be created to allow traffic to flow between nodes internally. This firewall rule requires a name. The default is set to kubernetes-allow-internal.

• A second firewall rule to allow traffic from the external (Internet) network must be created to allow traffic such as SSH, Kubernetes, and HTTP. This rule name is set by default to kubernetes-allow-external

• The script will then ask how many master nodes in the Kubernetes the user wants to create. The default is set to 2 (to demonstrate a multi-master configuration). The more nodes created, the more expensive the cluster will be.

• Finally, the number of worker nodes is required. As per the master nodes, the default is set to 2, but this can be increased. More nodes will be more expensive.

The environment script saves these variables in a file named .gce_kubernetes.config for use in subsequent scripts.

The script is set up to use Google Compute Engine g1-small instances which have few resources. The resulting Kubernetes cluster will not be able to host many containers, but should be able to demonstrate small deployments. The instance size can be increased or the number of nodes can be increased (both at increased cost). It would be possible to prompt for this setting as well in a future version.

Subsequent scripts are then used to create the Kubernetes controller and worker nodes useing the information previously supplied. Sticking to the default values should just work. The final script should perform a series of tests to validate that the kubernetes cluster is functional and accessible.

There is a final script present that should tear down the existing configuration and delete all GCE resources which should mean billing caused by the kubernetes environment is stopped.