Piotr Rusin

Software Engineer | Deliberate Practitioner | Husband

Learning Project: Kubernetes Application Developer


UPDATE 19th Aug 2023: this project was abandoned


I want to build an automation stack for my personal DevOps projects and other future endeavors. There is also some organizational pressure on K8s. This is a great chance to get familiar with it.

I want to pass the CKAD certificate to measure the effectiveness of my studies.

Starting Point

No prior knowledge about k8s.

Goals

Passing Certified Kubernetes Application Developer (CKAD)

Constraints

One month, starting now (June 30, 2023) and ending on July 30, 2023.

Learning Materials & Approach

A Cloud Guru course. Practice tests. Practice projects.

3-5 hours of studying per day.

Roadmap & Planning

Week I (Jun 30 - Jul 6)

We had a grill party during the weekend, so two days are out of this week.

Week II (Jul 7 - Jul 13)

ACG course, getting familiar with K8s docs, planning cluster activities.

Week III (Jul 14 - Jul 20)

We are going on vacation July 14 - July 18, so 5 days are out this week.

Jun 19 - travel to Krakow.

Little time to study.

Week IV (Jul 20 - Jul 27)

Practice exams at ACG.

Practice exams at killer.sh

Week V (Jul 28 - Jul 30)

Taking the exam.

Progress

Week I

001 - June 30th, 2023 (2h)

Setting up this post with constraints, goals, and learning materials.

I started watching the ACG course. I'm going to use EC2 for practice.


002 - Jul 1st, 2023 (2h)

Installation

Reference: ACG GitHub

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF
sudo sysctl --system
sudo apt-get update && sudo apt-get install -y ca-certificates curl gnupg lsb-release apt-transport-https
sudo mkdir -m 0755 -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
VERSION_STRING=5:23.0.1-1~ubuntu.20.04~focal
sudo apt-get install -y docker-ce=$VERSION_STRING docker-ce-cli=$VERSION_STRING containerd.io docker-buildx-plugin docker-compose-plugin
sudo usermod -aG docker $USER
sudo sed -i 's/disabled_plugins/#disabled_plugins/' /etc/containerd/config.toml
sudo systemctl restart containerd
sudo swapoff -a
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/google.gpg
cat << EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF
sudo apt-get update && sudo apt-get install -y kubelet=1.24.0-00 kubeadm=1.24.0-00 kubectl=1.24.0-00
sudo apt-mark hold kubelet kubeadm kubectl

on k8s-control only:

sudo kubeadm init --pod-network-cidr 192.168.0.0/16 --kubernetes-version 1.24.0

result:

Your Kubernetes control-plane has initialized successfully!

further configuration:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

then

kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.25.0/manifests/calico.yaml

and kubeadm join.

result:

NAME          STATUS   ROLES           AGE     VERSION
k8s-control   Ready    control-plane   7m2s    v1.24.0
k8s-worker1   Ready    <none>          4m58s   v1.24.0
k8s-worker2   Ready    <none>          4m18s   v1.24.0

003 - Jul 2nd, 2023 (2h)

sidecar containers, ambassador containers, adapter containers


004 - 007 - Jul 3rd - Jul 6th 2023 (0m)

4-days break.

Week II

008 - Jul 7th, 2023 (0m)

We had to go to the hospital with Monika's father (everything is OK). I had no time to study today.


009 - Jul 8th, 2023 (9h)

I spent this day mostly on ansible stuff related to setting up k8s control plane on my OVH server.

I want to utilize my dusted Raspberry Pi as a worker node in that cluster. So far, I managed to set it up with networking and port forwarding.

There are still some issues with setting up k8s control plane reliably, but it's 9:30 pm already. I'm leaving solving it for tomorrow.


010 - Jul 9th, 2023 (10h)

After some struggles, I managed to set RPI as a Ready node in my K8s cluster. But not for long. Shortly after, the control plane started to giggle. Setting up Kubernetes from scratch is kind of complicated. I wasted a lot of time on Kube API server shutting down randomly until I discovered that docker can't be run along containerd on a control plane node.

While being on the lookout for solutions, I found a few interesting things:

  • It is possible to set up a private k8s cluster using raspberry PI stack
  • You can power PIs using ethernet cable only by PoE (Power over Ethernet)
  • You can expose a public load balancer that points to that private cluster using inlets-operator

This means you can host a cheap bare metal stack from your home.

I want to set up a stack of PIs in my home network, set up a private cluster, and expose it to a public LB.

This less-than-perfect infrastructure is exactly what I need to dive deep into k8s and CI/CD without spending a fortune on a cloud.

There is one catch, though. PIs are severely out of stock across the globe because of chip shortages. Luckily, as their CEO says, this shortage should be resolved within the next couple of months.

Let's hope so.

I'm moving forward with minikube and local K8s setup.


011 - Jul 10th, 2023 (0m)

Family time.


012 - Jul 11th, 2023 (2h)

The Linux Foundation had a 40% discount offer , so I purchased access to the CKAD exam. It's valid for one year from now on, but I want to approach within the next 20 days (as the project deadline says).

I updated a roadmap and planning section, and I might not be able to prepare well enough until the end of July because of many in-between activities like vacation. I'm not rescheduling the deadline yet, but it seems too optimistic.


013 - 021 - Jul 12th - Jul 20th 2023 (0m)

Creepy Teepee festival and vacation in Kutna Hora.


022 - 027 - Jul 21th - Jul 26th 2023 (0m)

No time spent on a project


028 - Jul 27th (30m)

I've been overly focused on things like playing Return of the Obra Dinn and watching Jujutsu Kaisen; I ended up postponing working on this project for a while.

Due to a lack of planning, I'm slacking off, and now is a good time to think about what I can do about it.

Reorganization - Roadmap, Schedule, Consistency

Simple Newsletter Sign Up Form (SNSUF)

Discussion