I always wanted to run a small Kubernetes cluster at home.
Why not in cloud? Kubernetes in cloud is still expensive if it’s just for fun. And I have a couple mini computers at home, as well as desire to look how Kubernetes works on the network layer.
I was never satisfied with “fat” Linux distributions for running containers, and didn’t want to configure OS auto upgrades. Trying out CoreOS Container Linux sounded like a natural fit for my little pets.
Upd 2020-04-23: I have migrated to Flatcar Container Linux, which is more or less a drop-in replacement for CoreOS Container Linux
Anyway, I’ve decided to start with this:
I have two x64 mini computers, which are good candidates for Kubernetes nodes. They are not equal, but powerful enough. And they are unique to me, not only because they’re so different
That’s why I still treat them as pets, not cattle.
Image from StackExchange
One of them is called Nuc, and it’s breed is Intel NUC5PPYH.
Image from Amazon
Another one responds to Udoo, and it’s breed is Udoo x86 (first version from Kickstarter).
Image from Kickstarter
My edition is called UDOO X86 Advanced, and it has 4-core Celeron N3160, as well as 4Gb of RAM, but rather small 8Gb eMMC.
Both processors are quite similar in their performance, but Nuc has twice the memory and larger (but slower) HDD.
Both pets have Ethernet port, and I prefer stable wired connection with DHCP address reservation configured to their MAC addresses. But here’s the thing, it’s either Ethernet or monitor in my apartment . I had to choose either to plug the physical screen or the network. This somewhat drove the approach I’ve used for OS installation.
I’ve used two USB drives:
- One with the latest stable CoreOS ISO flashed by Balena Etcher. This ISO would be used to boot the CoreOS and run
- Another with couple of goodies:
coreos_production_image.bin.bz2(not to be confused with the ISO). That would be actually an image that is installed on the machine.
ignition.json, a CoreOS config file consumable by
- Latest stable
Here’s the process I’ve followed to install the OS:
- Generate a hash from the password:
mkpasswd --method=SHA-512 --rounds=4096should be used, as shown in an example
- I’m using the password for authentication as an alternative to SSH pubkey to log into the machine interactively, while it’s still connected to the screen, not network.
ignition.yaml, a human-readable version of CoreOS config file that contains:
- Password hash
- SSH pubkeys
- CoreOS autoupdate strategy
- I store my
ignition.yamlin the repo (without password hash and pubkey) as a reference, but CoreOS installer uses another config format, which is a less-readable
json. Latest Config Transpiler should be downloaded to create the JSON config:
ct < ignition.yaml > ignition.json. There’s even a validation service to check that config is well-formed.
- Resulting config is written to a USB drive (different from the one where bootable ISO is flashed), alongside with the
- After computer is booted from the CoreOS ISO run the installation command:
coreos-install -d /dev/target-disk -i /path/to/ignition.json -f /path/to/image.bin.bz2, where:
target-diskis the disk where CoreOS should be installed (disk, not a partition). CoreOS will erase the entire disk and create a new partition table.
/path/tois path to the second USB drive (previously needs to be
mount’ed), containing both the image & ignition config.
# Replace <PWD_HASH> with the password hash (or remove line if it's not necessary) # Replace <SSH_PUBKEY> with the SSH public key. Add as many as you wish # Download Config Transpiler: https://github.com/coreos/container-linux-config-transpiler/releases/latest # Run ct < ignition.yaml > ignition.json to generate the resulting config passwd: users: - name: core # https://coreos.com/os/docs/latest/clc-examples.html#generating-a-password-hash # mkpasswd --method=SHA-512 --rounds=4096 password_hash: "<PWD_HASH>" ssh_authorized_keys: - <SSH_PUBKEY> update: group: stable locksmith: reboot_strategy: reboot
If you’re lucky, then CoreOS would be installed on your machine. You can login either with the password, or an SSH key. It doesn’t have much services installed, and there isn’t any package manager to install more. The idea is to spin up containers to do the work.
And the next step would be Kubernetes installation to run containers at scale.