I have 3 VPS based on Ubuntu 18.04 server and would like to build a kubernetes cluster.
I am going to use Kubespray to install the Kubernetes cluster and my questions are:
- How to prepare the servers so that they can talk to each other
To prepare your Ubuntu instances for installing Kubernetes, you could check this guide. Use the Kubespray documentation to create your cluster.
- How to set up the firewall so that the communication between the VPS is not blocked
- Is it possible to configure the firewall to open a particular port for a particular IP address? For example, only a VPS with 1.11.111.110 is allowed to access the port 10255 on VPS 1.11.111.111.
You could use iptables to make specific rules for your nodes, but I think it will be a challenge to manage these rules for your service by hand... you could try but it will be really hard to manage and maintain.
What else do I have to consider?
I recommend this setup for understanding how Kubernetes works and for test purposes, but it is not production-ready; the security of your node could be compromised since you are exposing the Kubernetes ports over the internet.
You can also consider using Kubernetes as a single node; take a look at this link.
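The per-source restriction asked about in the question (only 1.11.111.110 may reach port 10255 on 1.11.111.111), as an added example that is not part of the original question or answers: a script that prints the iptables rules for review instead of applying them. The function names `valid_ipv4` and `gen_port_rules` are hypothetical, and using TCP on the `INPUT` chain is an assumption about the host.

```shell
#!/bin/sh
# Added example: print (do not apply) iptables rules that limit one TCP port
# to a list of peer nodes. Address and port below are the ones in the question.

# Return 0 if $1 is a dotted-quad IPv4 address with every octet in 0..255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;   # stray characters or empty octets
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                               # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Usage: gen_port_rules PORT PEER_IP...
# Prints one ACCEPT rule per peer, then a DROP for every other source.
# All input is validated first, so a partial rule set is never printed.
gen_port_rules() {
    port=$1; shift
    case "$port" in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    [ "${#port}" -le 5 ] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] ||
        { echo "bad port: $port" >&2; return 1; }
    [ "$#" -ge 1 ] || { echo "no peers given" >&2; return 1; }
    for peer in "$@"; do
        valid_ipv4 "$peer" || { echo "bad peer address: $peer" >&2; return 1; }
    done
    # Order matters: the ACCEPT rules must come before the final DROP.
    for peer in "$@"; do
        echo "iptables -A INPUT -p tcp -s $peer --dport $port -j ACCEPT"
    done
    echo "iptables -A INPUT -p tcp --dport $port -j DROP"
}

# Rules to load on 1.11.111.111 so that only 1.11.111.110 reaches port 10255.
gen_port_rules 10255 1.11.111.110
```

Rules appended with `-A` are evaluated after any rules already in the chain, so check the existing `INPUT` rules before applying the printed commands as root.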
If you are using Kubespray, I strongly recommend just following their guidelines and documentation. They are very comprehensive and detailed.
In its current version, Kubespray is a comprehensive wrapper for kubeadm, adding a number of features missing from kubeadm itself.
In short, preparing hosts is a matter of allowing remote SSH from the control machine (which is usually your own desktop) and preparing the inventory, carefully reviewing all of its *.yaml files. Once you configure the inventory and install a few Python dependencies on the VPS hosts, just fire Kubespray from the terminal and wait.
Keep in mind that it's not a perfect tool, and there are flaws during the cluster lifecycle. But it will at least give you a head start bootstrapping a full production-ready cluster.