Kubernetes

tutorial

The basic requirements to run the Mender Server on Kubernetes are:

In this section, we guide you by installing a Kubernetes cluster using k3s for evaluation purposes. Please don't consider installing the Kubernetes cluster described here as a complete, production-grade setup. The installation of the cluster and the related infrastructure is the responsibility of the user.

Installation of Kubernetes

If you don't have a ready-to-use Kubernetes cluster you can install K3S, a lightweight certified Kubernetes distribution.

For example, on a machine with Ubuntu 20.04 (e.g. an instance from AWS EC2 or DigitalOcean), you can install Kubernetes running:

curl -sfL https://get.k3s.io | sh -s - --write-kubeconfig-mode 644
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml

Read and confirm shell script content before piping from curl to the shell.
Never run scripts from the internet before knowing what they do.

After a few seconds, your Kubernetes cluster will be ready:

kubectl get nodes
NAME     STATUS   ROLES                  AGE   VERSION
host     Ready    control-plane,master   2m    v...

Installation of Helm

Helm is the package manager for Kubernetes. Please refer to the Helm official documentation to install the Helm CLI on your system.

To install the latest version of the Helm package manager, run:

curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash

Read and confirm shell script content before piping from curl to the shell.
Never run scripts from the internet before knowing what they do.

To verify helm is correctly installed, you can list the installed applications running:

helm version

To list the applications installed, run:

helm list
NAME  NAMESPACE   REVISION    UPDATED STATUS  CHART   APP VERSION

Installation of cert-manager (optional)

cert-manager automates certificate management in cloud native environments. It builds on top of Kubernetes to provide X.509 certificate management, including integration with Let's Encrypt.

To install cert-manager on the Kubernetes cluster using the Helm chart, run:

helm repo add jetstack https://charts.jetstack.io
helm repo update
helm install cert-manager jetstack/cert-manager \
  --version v1.4.0 \
  --set installCRDs=true

Create the Let's Encrypt issuer:

export LETSENCRYPT_SERVER_URL="https://acme-v02.api.letsencrypt.org/directory"
export LETSENCRYPT_EMAIL="your-email@example.com"

cat >issuer-letsencrypt.yml <<EOF
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  name: letsencrypt
spec:
  acme:
    server: ${LETSENCRYPT_SERVER_URL}
    email: ${LETSENCRYPT_EMAIL}
    privateKeySecretRef:
      name: letsencrypt
    solvers:
    - http01:
        ingress: {}
EOF

kubectl apply -f issuer-letsencrypt.yml

Found errors? Think you can improve this documentation? Simply click the Edit link at the top of the page, and then the icon on Github to submit changes.