Hello from a newbie


#1

Hi everybody. Forgive me for my bad english. I’m new in kubernetes world and i’ve found this web site. I can sse there are some expert persons and newbie ones :slight_smile:

I’m discovering this fabulous technology and I have a lot of questions. firstly I would like to describe to you my infra: I have 5 servers (vm):

  • 3 masters
  • 2 nodes

I’ve just finish my installation using kubespray (the best method I found to deploy an infra on premise). I spent some time to try to understand all yaml config files, but there are things that I did not understand.

The network plugin used by default is calico. I’ve kept this one rather than use cilium because actually there are much more people using calico.

When kubespray finish the installation, i can use APIs using the 6443 port on a master server. Ok it works. BUT, i’m trying to find where this acess is setup and i can’t find theme anywhere (services ? ingress ?). The API server is running on each master (k8s_kube-apiserver and k8s_POD_kube-apiserver). I can see the command used to launch the daemon:

–secure-port=6443
–insecure-port=8080

But i can’t find any services or ingress. Any idea ??


#2

kubespray is just a provisioning tool… it does not “install” any objects for you.

You’ll want to create your own manfiests and use something like kubectl apply -f deployment.yaml.

If you need some example spec’s check out https://k8specs.com


#3

Hi. thanks for this answer. I have already test somme “hello world” deployments.

I’d like to know how kubernetes expose these APIs that running by default on port 6443.
It seems that it is a container that running on masters servers, but there is no ingress or nodeport configured. How it works ??!


#4

The control plane services generally used host-networking and are managed ‘out of band’ on the individual control plane hosts themselves instead of in Kubernetes itself.

The kubespray HA documentation does a pretty good job of covering how it externalizes etcd and the kube-apiserver. :slight_smile:


#5

ohhh. ok i understand. Thanks forr the link :grin: