June 12, 2018 | 5:00 pm Silicon Valley, CA, USA
Deploying Kubernetes with kubespray
Sergey Matykevich
Cloud Foundry Engineer
Altoros
Kubernetes automation
● kops
● kubeadm
● kubo
● kubespray
kops
Pros:
● Automates both infrastructure creation and cluster startup
● Uses cloud providers' native features
● Supports updates and upgrades
● Is maintained by the Kubernetes team
Cons:
● Limited infrastructure support (AWS, GCP)
● Still in alpha
kubeadm
Pros:
● The most flexible tool
● Suitable for bare metal installations
Cons:
● Doesn't provision infrastructure
● Requires a lot of manual work
kubo
Pros:
● Uses BOSH
● Supports multiple cloud providers
● Monitors health of your cluster
Cons:
● Uses BOSH
● Requires BOSH-specific knowledge
● Might be difficult to customize
Kubespray
Pros:
● Supports multiple deployment
● Reasonable security by default
● Automatic HA
● Supports upgrades
● Under the hood uses kubeadm
● If you know ansible you know Kubespray
● Easy to customize for exposed items
Cons:
● If you pull straight from master you might be in trouble fast
● Uses Ansible
● Can be slow
● Not everything is idempotent (cert changes)
● Still some lacking items, like L7 load balancers in GCP
● Can get complicated for customizations not exposed
Kubespray
A couple of recommendations:
● Use a release version to base your work off of
● Kubespray uses Ansible, so one thing I would recommend if you are experimenting or just deploying to different environments is to use --flush-cache
What am I showing today?
● Deploy to GCP
● Use terraform to follow infra as code
● Cookie cutter templates for multiple environments
Prerequisites
GCP Service account
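Step 1: Create ssh keys
# Create new rsa keys (-N "" means the private key has no passphrase)
if [ ! -f cust_id_rsa ] ; then
  ssh-keygen -t rsa -b 2048 -f cust_id_rsa -q -N ""
fi
# Load keys: start an agent, drop any identities already loaded, add the new key
eval $(ssh-agent)
ssh-add -D
ssh-add cust_id_rsa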
Step 2: Run terraform
terraform init
terraform plan -out cust.plan
terraform apply cust.plan
Private version
[Diagram labels: GCP network, NAT gateway, load balancer, private subnet, jumpbox, master instance group, worker instance group]
Public version
[Diagram labels: GCP network, load balancer, public subnet, jumpbox, master instance group, worker instance group]
Step 3: Get cluster ips
bastion_ip=$(terraform output bastion_ip)
lb_ip=$(terraform output lb_ip)
# Internal IPs of each instance group, as one space-separated line with no trailing space
master_ips=$(gcloud compute instances list --filter="${res_prefix}-masters" --format=json | jq -r '.[].networkInterfaces[].networkIP' | tr "\n" " " | sed -e "s/ \{1,\}$//")
node_ips=$(gcloud compute instances list --filter="${res_prefix}-workers" --format=json | jq -r '.[].networkInterfaces[].networkIP' | tr "\n" " " | sed -e "s/ \{1,\}$//")
Step 4: Clone kubespray repo
git clone https://github.com/kubernetes-incubator/kubespray.git
cd kubespray && git checkout ${kubespray_version}
Step 5: Apply customizations
# bring in modifications, in particular security changes
rsync -avz $git_root/mods/roles/* roles/
Step 5: Generate inventory
[all]
master1 ansible_ssh_host=10.0.0.8 ip=10.0.0.8
...
[kube-master]
master1
master2
master3
[etcd]
master1
master2
master3
...
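The slides show the resulting inventory but not how it is produced from the Step 3 variables. One way to generate it, as an added example that is not from the original deck: the function names are hypothetical, the sample addresses are constructed, and the `[kube-node]` and `[k8s-cluster:children]` groups are assumed from kubespray's sample inventory since the slide elides them.

```sh
#!/bin/sh
# Added example (not from the slides): print a kubespray hosts.ini built from
# the space-separated master_ips / node_ips strings that Step 3 produces.

# Succeed only for a dotted-quad IPv4 address, so a malformed value from an
# upstream command cannot add extra host variables to the inventory.
is_ipv4() (
  case $1 in
    ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
  esac
  IFS=.
  set -- $1
  [ $# -eq 4 ] || exit 1
  for octet in "$@"; do
    [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || exit 1
  done
)

# Print "<prefix>N ansible_ssh_host=IP ip=IP" per address; fail on bad input.
host_lines() (
  set -f                      # no filename globbing while word-splitting $2
  prefix=$1
  n=0
  for ip in $2; do
    is_ipv4 "$ip" || { echo "rejecting invalid address: $ip" >&2; exit 1; }
    n=$((n + 1))
    echo "$prefix$n ansible_ssh_host=$ip ip=$ip"
  done
)

# etcd is co-located on the masters, as in the slide. The kube-node and
# k8s-cluster:children groups are assumed from kubespray's sample inventory.
gen_inventory() (
  masters=$(host_lines master "$1") || exit 1
  nodes=$(host_lines node "$2") || exit 1
  [ -n "$masters" ] || { echo "no master addresses given" >&2; exit 1; }
  master_names=$(printf '%s\n' "$masters" | cut -d' ' -f1)
  node_names=$(printf '%s\n' "$nodes" | cut -d' ' -f1)
  printf '[all]\n%s\n%s\n\n' "$masters" "$nodes"
  printf '[kube-master]\n%s\n\n[etcd]\n%s\n\n' "$master_names" "$master_names"
  printf '[kube-node]\n%s\n\n' "$node_names"
  printf '[k8s-cluster:children]\nkube-master\nkube-node\n'
)

# Constructed sample addresses; in the deck these come from Step 3.
gen_inventory "10.0.0.8 10.0.0.9 10.0.0.10" "10.0.1.4 10.0.1.5"
```

In the workflow above the call would be `gen_inventory "$master_ips" "$node_ips" > inventory/hosts.ini`, which is the file Step 6 passes to ansible-playbook.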
Step 6: Run the playbook
ansible-playbook -vvv -i inventory/hosts.ini cluster.yml --flush-cache
Step 7: Connect to the cluster
# Point the server address in admin.conf at the current lb_ip
sed -i -e "s/lb-apiserver\.kubernetes\.local/$lb_ip/g" inventory/artifacts/admin.conf
# Print the export line for KUBECONFIG
echo "Set your KUBECONFIG"
echo "export KUBECONFIG=$(pwd)/inventory/artifacts/admin.conf"
Additional playbooks
upgrade-cluster.yml
scale.yml
Questions?
