Deploy a Kubernetes Cluster with Service Mesh on DigitalOcean Using K3s

This guide will help you set up a Kubernetes cluster, including a service mesh using k3s (at the time of writing at version 0.10.2) and Rio. We’ll deploy the cluster on DigitalOcean. Ubuntu 18.04 LTS will be OS during this tutorial.
If you sign up to DigitalOcean using this link you’ll receive $50 to spend on their services over 30 days.
If you wish to run your cluster on your own hardware, you could do so on Raspberry Pis (ARM64) or Intel NUCs (x86_64) for example.
This tutorial will result in a three node cluster with one Kubernetes master and two workers.
Prepare
This tutorial assumes you have a domain name. If you don’t have one, you can register one at Porkbun for example. In this tutorial we’ll use example.com
(replace it when you see it).
Next, create three Droplets on DigitalOcean running Ubuntu 18.04 LTS with “Private networking” enabled. Make sure they are all in the same datacenter.
Create DNS records pointing at the (public) IP addresses of your nodes. How you do this depends on your DNS provider or domain registrar. Please refer to their documentation. In this tutorial the nodes will have the FQDNs node-1.example.com
, node-2.example.com
and node-3.example.com
.
Make note of the private IP address of each node. If you’re using DigitalOcean, you can find the private IP address in the DigitalOcean web console or using the DigitalOcean command line tool.
Also, make sure that port 6443
is open for incoming connections for your nodes in your firewall.
Make sure you are logged in as root (sudo su -
) when executing the commands in this tutorial.
Configure the Nodes
Note: The following should be run on all nodes.
Start by upgrading the system:
# apt update && apt upgrade -y
If the kernel was upgraded when running apt pgarde -y
, reboot:
# reboot
Next, add the hostnames and private IP addresses to the /etc/hosts
file (replace example.com
with your domain):
# echo "11.11.11.11 node-1.example.com" >> /etc/hosts # 11.11.11.11 is the private IP of node 1 (master)
# echo "22.22.22.22 node-2.example.com" >> /etc/hosts # 22.22.22.22 is the private IP of node 2 (worker)
# echo "33.33.33.33 node-3.example.com" >> /etc/hosts # 33.33.33.33 is the private IP of node 3 (worker)
Deploy the Kubernetes Master
Note: The following should be run on the master node.
Log back in to the designated master node, in this tutorial it’s node-1.example.com
.
Run the following command to install k3s
as master, with the private IP address for internal cluster use and exposing the public IP address for external use (replace <private ip>
with your private IP address, and <public ip>
with your public IP address):
# curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--advertise-address <private ip> --node-external-ip <public ip>" sh -
Now grab the join
token, which we’ll need to join the workers to the cluster (copy the output of the command):
# cat /var/lib/rancher/k3s/server/node-token
Deploy the Kubernetes Workers
Note: The following should be run on the worker node(s).
Install k3s
on the worker nodes and join the worker to the cluster. Replace node-1.example.com
below with the hostname of your Kubernetes master, MY_K3S_TOKEN
with the join
token you grabbed in the previous part of the tutorial, and <public ip>
with the public IP of your worker node:
Run:
# curl -sfL https://get.k3s.io | K3S_URL=https://node-1.example.com:6443 INSTALL_K3S_EXEC="--node-external-ip <public ip>" K3S_TOKEN="MY_K3S_TOKEN" sh -
Deploy Rio Service Mesh
At the time of writing, there is a bug preventing Rio from installing on the latest version of
k3s
(0.10.2)!
Note: The following should be run on the master node.
On your master node, install rio
by running the following commands:
# curl -sfL https://get.rio.io | sh -
# rio install
To make sure the Rio service mesh pods are up and running, run:
# kubectl get po -n rio-system
Run the following to use your own domain name instead of example.onrio.io
:
rio domain register www.example.com default/route1
Troubleshooting
- Make sure the required ports are open in your firewall
- Check the k3s and Rio issue trackers to see if you’ve encountered a bug (at the time of writing, there is a bug in Rio that may prevent it from properly installing)
Last Words
That should do it! 😀 You should have a k3s
cluster running with a Rio supplied service mesh.
If you plan on use this cluster for anything serious, you should continue by configuring firewalls and taking other measures to make sure your cluster is secure.
To learn more about Kubernetes, check out the Kubernetes documentation, the k3s documentation, and maybe read a few books:
- Kubernetes: Up and Running: Dive into the Future of Infrastructure
- Cloud Native DevOps with Kubernetes: Building, Deploying, and Scaling Modern Applications in the Cloud
- The Kubernetes Book
Audible has a number of books on Kubernetes. If you sign up using this link you’ll get 30 days for free!
Hope you learned something reading through this tutorial! 😊 In future tutorials we’ll configure a k3s
cluster with High Availability (HA) features.