Minikube - HackMD

# Minikube  It is most convenient to use a linux machine, in particular, the latest Ubuntu which at the time of writing is `Ubuntu 20.04` (codename `focal`), as Ubuntu has, arguably, the best community support (on par with Arch Linux). I used to like Arch Linux until things start breaking. Also, Arch Linux bloats easily if one install packages recklessly; Arch is a depency hell. ## Ubuntu 20.04 Installation (in an LXC container) Suppose you are `<user>` on the machine `<host>` running `Ubuntu server 20.04`. We take advantage of the fact that `Ubuntu server 20.04` comes with `LXD/LXC` preinstalled. ### Create an LXC container The fact that `LXD` is preinstalled implies that you don't have to deal with its dependencies. However, the preinstalled `LXD` is managed by `snap` to be on the lastest branch. This introduces unstability. I use to recieve suprising error messages like `error: websocket: close 1006 (abnormal closure): unexpected EOF` from time to time. Hence, I suggest staying on a stable branch. Here's one approach (requires elevated privilege): ``` snap remove lxd apt install lxd ``` The resulting `LXD` installation is still managed by `snap` despite that the installation is issued by `apt`, yet the result is `LXD` on a fixed branch (fixed version instead of the generic `latest`); you can see this with `snap list`. First, make sure that `<user>@<host>` belongs to the `lxd` group. Issue the command `groups` and check that you see `lxd`. If not, run with superuser privilege: ``` usermod -aG lxd <user> ``` Log in again as `<user>@<host>` and issue the command `groups`; you ought to see `lxd` this time. Initialize LXD with `lxd init` (simply press enter for each prompt afterwards) for the first time if this was never done before. Now, you are ready to create an `LXC` vm. ``` lxc init images:ubuntu/focal/cloud <vm> --vm ``` P.S. `focal` is the code name for `ubuntu 20.04`. `cloud` denotes a `cloud-init` image, which must be used; otherwise the next step is unlikely to work. Resize the root partition size of the vm and set cpu/memory limits: ``` lxc config device override <vm> root size=<a>GB lxc config set <vm> limits.memory <b>GB lxc config set <vm> limits.cpu <c> ``` The minimum requirement is $(a,b,c) = (20,2,2)$. If your machine is more capable, I recommend $(a,b,c) = (256,8,4)$. Launch the vm with: ``` lxc start <vm> ``` Check whether the vm is assigned an ip address, i.e., whether the IPv4 field is occupied: ``` lxc list <vm> ``` If the ip address is not found, the solution can be found in the next subsection. Then, drop into the container as `root`: ``` lxc exec <vm> bash ``` You will be working in the `LXC` container from now on. If the vm is not assigned an ip address (this shouldn't be the case for a `cloud-init` vm image), pick a network interface `<nic>` besides `loopback` (`lo`), e.g., `enp5s0`, `eth1`, etc. Turn on the network interface and attach the `dhcp client` to it: ``` ip link set <nic> up dhclient <nic> ``` Do `ping google.com` to test the internet connection. Start by updating the system and upgrading packages: ``` apt update apt upgrade ```  ### Install minikube and related tools  Since we are working in a vm, we can run `minikube` with option `--driver=none`. In fact, I have tried using `minikube` in the vm with the `kvm2` and `docker` drivers, but they both proved my efforts unfruitful. Some packages must be installed first: ``` apt install curl iptables docker.io conntrack ``` Install [`kubectl`](https://kubernetes.io/docs/tasks/tools/install-kubectl/). ``` curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl install kubectl /usr/local/bin ``` Install [`minikube`](https://kubernetes.io/docs/tasks/tools/install-minikube/). ``` curl -Lo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 install minikube /usr/local/bin ``` ### Quick Start  Start `minikube` with: ``` minikube start --driver=none ``` If this commands is successfully executed, minikube is setup correctly. Minikube deploys a single `kubernetes` cluster with actual `kubernetes` tools that it installed for you. To stop a minikube or to delete the minikube instance do: ``` minikube stop minikube delete ``` Besides these operations, minikube is of no use. One will be controlling the kubernetes cluster with kubectl solely. To check that kubectl is functioning, run: ``` kubectl config view kubectl cluster-info kubectl get all ``` [Docuemntation for kubectl.](https://kubernetes.io/docs/reference/kubectl/overview/) Confirm that the ip stored in `apiserver` agrees with the kubernetes master ip: ``` APISERVER=$(kubectl config view | grep https | cut -f 2- -d ":" | tr -d " ") kubectl cluster-info | grep $APISERVER ``` Get the bearer token and access the apiserver with it. ``` TOKEN=$(kubectl describe secret -n kube-system $(kubectl get secrets -n kube-system | grep default | cut -f1 -d ' ') | grep -E '^token' | cut -f2 -d':' | tr -d '\t' | tr -d " ") curl $APISERVER --header "Authorization: Bearer $TOKEN" --insecure ``` ### Dashboard Suppose you have the two identities, `<user1>@<host1>` and `<user2>@<host2>`, and `<user2>@<host2>` has SSH access to `<user1>@<host1>`. E.g., `<user1>@<host1>` is your linux workstation account with minikube and kubectl installed, and `<user2>@<host2>` your Windows 10 account at home. You ran minikube as `<user1>@<host1>`, and you want to access said minikube dashboard (yet to be deployed) as `<user2>@<host2>`. A hassle free solution is to use SSH port forwarding. Obtain the identity `<user2>@<host2>`. E.g., open PowerShell on your Win10 desktop. Do: ``` ssh -L <port2>:127.0.0.1:8001 <user1>@<host1> ``` This allows `<user2>@<host2>` to access `<host1>:8001` via `<host2>:<port2>`. Executing the line above will land you in a shell with identity `<user1>@<host1>`. Now, deploy and start the dashboard as `<user1>@<host1>`, i.e., in the SSH shell: ``` kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0/aio/deploy/recommended.yaml kubectl proxy& ``` Don't logout the SSH just yet. If you do, SSH portforwarding will stop. In the browser of `<user2>@<host2>` go to this link: ``` http://localhost:<port2>/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/ ``` By now, you should see the sign in page to your kubernetes dashboard. It asks for either `token` or `kubeconfig`. Choose token, go back to the SSH shell, and run: ``` kubectl describe secret -n kube-system $(kubectl get secrets -n kube-system | grep default | cut -f1 -d ' ') | grep -E '^token' | cut -f2 -d':' | tr -d '\t' | tr -d " " ``` Paste the printed string into the login form. You should be able to log in to the dashboard. Still, keep the SSH shell active. Otherwise, you will lose connection to the dashboard; also, you will need it for future tokens, as tokens expire periodically. ## Minikube Addons Several common tools used alongside `kubernetes` are available as `minikube` addons. To list them: ``` minikube addons list ``` It is recommended to enable the following addons: ``` minikube addons enable dashboard minikube addons enable helm-tiller ``` `kubectl` doesn't have to installed separately. On can simply incur the `kubectl` that comes with minikube with: ``` minikube kubectl -- <options> ``` If this error message occurs: ``` Error: Failed to create storage pool 'default': Failed to run: zpool create -f -m none -O compression=on default /dev/sda1: invalid vdev specification the following errors must be manually repaired: /dev/sda1 is part of active pool 'default' ``` do ``` sudo zpool destroy default ``` ## Microk8s ``` snap install microk9s --classic ```