# Register MicroK8s

Microk8s cluster can be registered in gopaddle either using its public IP address or a fully qualified domain name (FQDN) or securely via a Bastion Host or a Jump server.

### 1. Prepare Kubernetes Environment

{% tabs %}
{% tab title="Public Access (Public IP / FQDN)" %}

### Port Configuration

{% hint style="info" %}
Make sure port the cluster API server port **(default 16443)** is open to public. 
{% endhint %}

### Configure Subject Alternative Names (SAN)

Add Subject Alternative Names (SAN) on the microk8s server TLS cert.

a) Login to the microk8s master node.

b) Edit or create the file **/var/snap/microk8s/current/certs/csr.conf.template** file with the below configuration :

<pre><code>[ alt_names ]
DNS.1 = kubernetes
DNS.2 = kubernetes.default
DNS.3 = kubernetes.default.svc
DNS.4 = kubernetes.default.svc.cluster
DNS.5 = kubernetes.default.svc.cluster.local
DNS.6 = &#x3C;cluster-fqdn> # FQDN in case of domain name access
IP.1 = 127.0.0.1
IP.2 = 10.152.183.1
<a data-footnote-ref href="#user-content-fn-1">IP.3 = &#x3C;public-ip_address></a>
#MOREIPS
  
</code></pre>

c) Restart the microk8s service

```
sudo microk8s stop
sudo microk8s start
```

d) Check the status of the microk8s service and make sure it is in **running** state.

```
sudo microk8s status --wait-ready
```

{% endtab %}

{% tab title="Bastion Host" %}

### Port Configuration

{% hint style="info" %}
Make sure the cluster API server port (**default 16443**) is open to the Bastion host and the Bastion host / Jump server SSH port (**default 22**) is open to public.
{% endhint %}
{% endtab %}
{% endtabs %}

### 2. Copy Kubernetes Config file

Get kube config and save in your local desktop as **kube.config**

```
sudo microk8s config view
```

### 3. Validate Connection from Local Desktop Environment

{% tabs %}
{% tab title="Public Access (Public IP / FQDN)" %}

1. Edit the server section in **kube.config** to point to the Cluster API server public IP address or its FQDN.

```yaml
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: <cert_auth_data>
    server: https://<public-ip_or_fqdn>::<cluster_port> # typically 16443
  name: microk8s-cluster
contexts:
- context:
    cluster: microk8s-cluster
    user: admin
  name: microk8s
current-context: microk8s
kind: Config
preferences: {}
users:
- name: admin
  user:
    token: <cluster_token>
```

2. Verify if kube configuration works.

```
export KUBECONFIG=$(pwd)/kube.config
kubectl get ns
```

3. Use this **kube.config** file to register the cluster in gopaddle.
   {% endtab %}

{% tab title="Bastion Host" %}

1. Set up SSH Tunnel locally to validate bastion host configuration

```
ssh -v -L <local_port>:<cluster_private_ip>:<cluster_port> <bastion_user>@<bastion_public_ip> -i <bastion-ssh-pem-file> -N
```

Eg:

```
ssh -v -L 16443:x.x.x.x:16443 ubuntu@y.y.y.y -i bastion.pem -N
```

2. Edit the **kube.config** file and make the server endpoint to point to the 127.0.0.1:\<local\_port>

{% hint style="info" %}
Do not replace 127.0.0.1 with localhost as the default Subject Alternative Names (SAN) in microk8s is configured only for IP address - 127.0.0.1 and not for DNS name - localhost.
{% endhint %}

```yaml
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: <cert_auth_data>
    server: https://127.0.0.1:<local_port> # eg. 16443
  name: microk8s-cluster
contexts:
- context:
    cluster: microk8s-cluster
    user: admin
  name: microk8s
current-context: microk8s
kind: Config
preferences: {}
users:
- name: admin
  user:
    token: <cluster_token>
```

3. Verify if tunnel configuration works.

```
export KUBECONFIG=$(pwd)/kube.config
kubectl get ns
```

4. **IMPORTANT**: Use the **kube.config** file obtained under section "Copy Kubernetes Config file" to register the cluster in gopaddle.
   {% endtab %}
   {% endtabs %}

### 4. Register the Cluster in gopaddle

1. In the gopaddle UI, navigate to the **Clusters** section
2. Click on **Add a Cluster** and select **Register an existing Cluster**
3. In the Cluster registration wizard, select the **Cluster Access Method** as **Kube Config**&#x20;
4. Choose the **Cluster Provider** type as **Other**
5. In the **Authentication** Step, upload the Kubernetes config file obtained under section "Validate Connection from Local Desktop Environment"

<figure><img src="https://234395929-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F5QxXxCob5M5VXQJTryRc%2Fuploads%2ForsUeftiQosV8yii9FrM%2Fregister-cluster-authentication.png?alt=media&#x26;token=fe7ee227-c530-4855-8862-540d53f8b6bc" alt=""><figcaption><p>Upload the Kubeconfig file</p></figcaption></figure>

6. If you have configured a bastion host, provide the Bastion Host IP, SSH Pem file, SSH port

{% hint style="info" %}
If you are using a Bastion Host setup, make sure the Bastion Host IP and Port are accessible publicly. If you are looking for a private only setup, get in touch with us to  explore gopaddle Enterprises.
{% endhint %}

<figure><img src="https://234395929-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F5QxXxCob5M5VXQJTryRc%2Fuploads%2FdaVEz4heTemMf08hbHlx%2Fregister-cluster-bastion.png?alt=media&#x26;token=b4bb4be2-375b-43c8-8ce7-d77fff28f23a" alt=""><figcaption><p>Provide the Bastion Host Connection Details</p></figcaption></figure>

7. Click on **Finish** to register the On-premises Cluster.
8. If you see the error - <mark style="color:red;">**Network Error !**</mark> <mark style="color:red;"></mark><mark style="color:red;">ServerError: Response not successful: Received status code 503</mark>, while view the cluster resources, then check this [troubleshooting](https://help.gopaddle.io/troubleshooting/cluster-resource-view-issues/network-error-servererror-response-not-successful-received-status-code-503) section for more information.

[^1]: Enter public IP address of the Cluster API server