Register MicroK8s

Steps to register Microk8s Cluster in gopaddle

Microk8s cluster can be registered in gopaddle either using its public IP address or a fully qualified domain name (FQDN) or securely via a Bastion Host or a Jump server.

1. Prepare Kubernetes Environment

Port Configuration

Make sure port the cluster API server port (default 16443) is open to public.

Configure Subject Alternative Names (SAN)

Add Subject Alternative Names (SAN) on the microk8s server TLS cert.

a) Login to the microk8s master node.

b) Edit or create the file /var/snap/microk8s/current/certs/csr.conf.template file with the below configuration :

[ alt_names ]
DNS.1 = kubernetes
DNS.2 = kubernetes.default
DNS.3 = kubernetes.default.svc
DNS.4 = kubernetes.default.svc.cluster
DNS.5 = kubernetes.default.svc.cluster.local
DNS.6 = <cluster-fqdn> # FQDN in case of domain name access
IP.1 = 127.0.0.1
IP.2 = 10.152.183.1

#MOREIPS

c) Restart the microk8s service

sudo microk8s stop
sudo microk8s start

d) Check the status of the microk8s service and make sure it is in running state.

sudo microk8s status --wait-ready

2. Copy Kubernetes Config file

Get kube config and save in your local desktop as kube.config

sudo microk8s config view

3. Validate Connection from Local Desktop Environment

Edit the server section in kube.config to point to the Cluster API server public IP address or its FQDN.

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: <cert_auth_data>
    server: https://<public-ip_or_fqdn>::<cluster_port> # typically 16443
  name: microk8s-cluster
contexts:
- context:
    cluster: microk8s-cluster
    user: admin
  name: microk8s
current-context: microk8s
kind: Config
preferences: {}
users:
- name: admin
  user:
    token: <cluster_token>

Verify if kube configuration works.

export KUBECONFIG=$(pwd)/kube.config
kubectl get ns

Use this kube.config file to register the cluster in gopaddle.

Set up SSH Tunnel locally to validate bastion host configuration

ssh -v -L <local_port>:<cluster_private_ip>:<cluster_port> <bastion_user>@<bastion_public_ip> -i <bastion-ssh-pem-file> -N

Eg:

ssh -v -L 16443:x.x.x.x:16443 [email protected] -i bastion.pem -N

Edit the kube.config file and make the server endpoint to point to the 127.0.0.1:<local_port>

Do not replace 127.0.0.1 with localhost as the default Subject Alternative Names (SAN) in microk8s is configured only for IP address - 127.0.0.1 and not for DNS name - localhost.

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: <cert_auth_data>
    server: https://127.0.0.1:<local_port> # eg. 16443
  name: microk8s-cluster
contexts:
- context:
    cluster: microk8s-cluster
    user: admin
  name: microk8s
current-context: microk8s
kind: Config
preferences: {}
users:
- name: admin
  user:
    token: <cluster_token>

Verify if tunnel configuration works.

export KUBECONFIG=$(pwd)/kube.config
kubectl get ns

IMPORTANT: Use the kube.config file obtained under section "Copy Kubernetes Config file" to register the cluster in gopaddle.

4. Register the Cluster in gopaddle

In the gopaddle UI, navigate to the Clusters section
Click on Add a Cluster and select Register an existing Cluster
In the Cluster registration wizard, select the Cluster Access Method as Kube Config
Choose the Cluster Provider type as Other
In the Authentication Step, upload the Kubernetes config file obtained under section "Validate Connection from Local Desktop Environment"

If you have configured a bastion host, provide the Bastion Host IP, SSH Pem file, SSH port

If you are using a Bastion Host setup, make sure the Bastion Host IP and Port are accessible publicly. If you are looking for a private only setup, get in touch with us to explore gopaddle Enterprises.

Click on Finish to register the On-premises Cluster.
If you see the error - Network Error ! ServerError: Response not successful: Received status code 503, while view the cluster resources, then check this troubleshooting section for more information.

PreviousRegister K3S NextRegister Kind

Last updated 1 year ago