Joli Kluster is a way to deploy a fully operational, production-grade Kubernetes cluster locally, based on Kind.
Joli Kluster's goal is to deploy a production-ready Kubernetes cluster locally. By production-ready I mean that it implements a basic technical stack to manage:
- Monitoring - Prometheus Stack
- Logging - Loki
- Metrics - Metrics Server
- GitOps - ArgoCD
- Ingress / Edge Router - Traefik
- BareMetal Load Balancer - MetalLB
- Secrets Management - Bitnami Sealed Secrets
- Virtual Cluster - Vcluster
- Cloud Native Control Planes - Crossplane
- IAM Solution - Keycloak
- Policy Engine - Kyverno
- Cost Management - Kubecost
- SSL Management - LetsEncrypt ACME Client Implementations for Traefik
- DNS Provider - Gandi
Demo applications will also be deployed on the cluster. Thanks to Alexwhen.
This stack is for developers, DevOps engineers, and Kubernetes developers and administrators. There are a lot of prerequisite packages you need to install locally before deploying the full stack. Currently, the stack is only macOS compatible.
Brew - A Package Manager for macOS
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
Docker - An open platform for developing, shipping, and running containerized applications
brew install docker
Docker Mac Net Connect - To connect directly to Docker-for-Mac containers via IP address.
# Install via Homebrew
brew install chipmk/tap/docker-mac-net-connect
# Run the service and register it to launch at boot
sudo brew services start chipmk/tap/docker-mac-net-connect
Terraform - An open-source, infrastructure as code software tool.
brew tap hashicorp/tap
brew install hashicorp/tap/terraform
Kubectl - The Kubernetes command-line tool to run commands against Kubernetes clusters.
brew install kubectl
Helm - The Kubernetes package manager.
brew install helm
Gum - A tool for glamorous shell scripts.
brew install gum
Kubeseal - The client-side utility for Bitnami Sealed Secrets.
brew install kubeseal
Kind - A tool for running local Kubernetes clusters using Docker container "nodes".
brew install kind
Gandi - A DNS Provider. The Traefik stack is based on this DNS Provider for SSL implementation and ACME Challenge.
- Create a temporary kind cluster to retrieve the Docker network IPAM information
# create temp cluster
kind create cluster --name temp
# retrieve IPAM information for the kind network
docker network inspect --format "{{(index .IPAM.Config 0).Subnet}}" kind
# note the CIDR Range for your kind cluster (example: 172.18.0.0/16) and delete the temp cluster
kind delete cluster --name temp
- From your kind network IP range, you must pick some IP addresses for MetalLB. This allows us to deploy Kubernetes LoadBalancer-type Services so that all our applications are reachable from outside the cluster (example: from my master range 172.18.0.0/16, I pick the IPs 172.18.0.150-172.18.0.200, so my first LB will get the 172.18.0.150 IP address).
- Create an A record at your Gandi provider for your future wildcard SAN certificate. The IP address should be the first one picked previously (example: 172.18.0.150). This IP will be used by the Traefik Ingress Controller.
Example for mydomain.com
Name : *.sub
Type : A
TTL : 300
Value : 172.18.0.150
- Clone the repo
git clone git@github.com:beninanutshell/wam-tf-kind.git
- Change the Load Balancer IP addresses for MetalLB in the Helm values.yaml (line 29)
configInline:
  address-pools:
    - name: default
      protocol: layer2
      addresses:
        - 172.18.0.150-172.18.0.200 # change it to your IPs. Here you can see that I reserved 50 IPs for my LB. That's huge ;)
- Go inside the bootstrap folder, make all the shell files executable, play that song and follow the guide.
cd bootstrap/
chmod +x *.sh
./0-init.sh
- To clean your local environment, go inside the bootstrap folder and play that song.
cd bootstrap/
./6-clean.sh
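A pre-flight check for the MetalLB range chosen in the steps above, as an added example that is not part of the Joli Kluster repository: it confirms the range is ordered and lies inside the kind subnet before you write it to values.yaml. The function names ip_to_int and check_pool are hypothetical; the sample subnet and range are the page's own examples.

```shell
#!/bin/sh
# Added example, not from the Joli Kluster repo. Function names are hypothetical.

# ip_to_int A.B.C.D -> prints the address as an integer; fails on malformed input.
ip_to_int() (
  case $1 in ''|*[!0-9.]*|*.) exit 1 ;; esac
  IFS=.
  set -- $1
  [ $# -eq 4 ] || exit 1
  n=0
  for o in "$@"; do
    case $o in ''|0?*|????*) exit 1 ;; esac   # no empty, zero-padded or 4+ digit octets
    [ "$o" -le 255 ] || exit 1
    n=$(( n * 256 + o ))
  done
  echo "$n"
)

# check_pool CIDR START-END -> prints the pool size and returns 0 when the range is
# ordered, inside CIDR, and excludes the network and broadcast addresses.
# Returns 2 on malformed input, 1 on a range that must not be used.
check_pool() (
  cidr=$1 range=$2
  case $cidr in */*) ;; *) echo "bad CIDR: $cidr" >&2; exit 2 ;; esac
  case $range in *-*) ;; *) echo "bad range: $range" >&2; exit 2 ;; esac
  bits=${cidr#*/}
  case $bits in ''|*[!0-9]*|0?*) echo "bad prefix: $bits" >&2; exit 2 ;; esac
  [ "$bits" -ge 1 ] && [ "$bits" -le 30 ] || exit 2
  base=$(ip_to_int "${cidr%/*}") || exit 2
  start=$(ip_to_int "${range%-*}") || exit 2
  end=$(ip_to_int "${range#*-}") || exit 2
  size=$(( 1 << (32 - bits) ))
  net=$(( base / size * size ))     # network address of the subnet
  bcast=$(( net + size - 1 ))       # broadcast address of the subnet
  [ "$start" -le "$end" ] || { echo "range is reversed: $range" >&2; exit 1; }
  [ "$start" -gt "$net" ] && [ "$end" -lt "$bcast" ] ||
    { echo "$range is not inside $cidr" >&2; exit 1; }
  echo $(( end - start + 1 ))
)

# Values below are the page's examples; read the real subnet with:
#   docker network inspect --format "{{(index .IPAM.Config 0).Subnet}}" kind
SUBNET=172.18.0.0/16
POOL=172.18.0.150-172.18.0.200
if size=$(check_pool "$SUBNET" "$POOL"); then
  echo "OK: $POOL has $size addresses inside $SUBNET"
fi
```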
For more examples, please refer to the Documentation
- Make a clean README.md file
- Clean all orphan source files
- Add Cert Manager for Self Signed Issuer Certificates and remove GANDI lockin
- Multi-platform implementation
- Add license.txt
- Improve shell scripts and terraform files
  - Comments
  - Outputs for Terraform
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project
- Create your Feature Branch (git checkout -b feature/AmazingFeature)
- Commit your Changes (git commit -m 'Add some AmazingFeature')
- Push to the Branch (git push origin feature/AmazingFeature)
- Open a Pull Request
Distributed under the MIT License. See LICENSE.txt for more information.
- Deploying keycloak on kubernetes cluster
- Securing Grafana with Keycloak SSO
- Kind, Keycloak and ArgoCD with SSO
- Google Kubernetes Engine, CircleCI and Traefik for a full-fledged GitOps platform in the cloud
- Kyverno Installation
- Crossplane & Vcluster
- Docker Connect directly to Docker-for-Mac containers via IP address
- Readme Best README template
- Mario JS
Benjamin Coutellier - [email protected]
Project Link: https://github.com/beninanutshell/wam-tf-kind