Integrating DigitalOcean Cloud Controller with k0s in Your Kubernetes Cluster: A Guide
Running your own Kubernetes cluster offers several advantages like more control over your environment, enhanced privacy and security, and the adaptability to tweak the cluster according to your requirements. On top of that it is also cheaper than a managed cluster.
k0s is a great tool for quickly setting up Kubernetes clusters. Combining it with a Cloud Controller Manager (CCM) makes life easier, since Load Balancers and storage are set up automatically, just like with a managed cluster. A Load Balancer is needed, for example, if you would like to use an Ingress Controller. An Ingress Controller manages and directs external traffic to services within a Kubernetes cluster, which then route the traffic to the appropriate pods.
Initially I wanted to use k3s and even found an outdated k3s tutorial, but k3s kept producing weird errors, e.g. when I tried to access the pod logs. With k0s I did not have any problems at all. That is why I created this guide, and when faced with the challenge of choosing between k0s vs k3s, I will choose k0s.
This guide will walk you through the steps to establish a self-governed, single-node Kubernetes cluster on a DigitalOcean droplet with k0s, augmented with the capabilities of the DigitalOcean Cloud Controller Manager and Traefik Ingress Controller.
Prerequisites:
- A DigitalOcean account and API token. If you use my referral link and spend more than 25$ on DigitalOcean, I will receive 25$.
- A droplet configured on DigitalOcean. I recommend Ubuntu.
- Access to the droplet via DigitalOcean console or SSH.
- Swap file with 4GB and swappiness of 60
Step-by-Step Guide:
1. Connect to Your Droplet
Option 1: SSH
Use SSH to access your DigitalOcean droplet:
ssh -i /path/to/your/private/key root@<droplet-ip-address>
Replace /path/to/your/private/key with your private key file path and <droplet-ip-address> with your droplet's IP.
Option 2: DigitalOcean Console
Alternatively, utilize the built-in console by DigitalOcean. Head to the “Droplets” section in your DigitalOcean dashboard, select the droplet you wish to access, and click on “Console”.
2. Download k0s
Begin by downloading k0s, a compact, single-binary Kubernetes distribution:
curl -sSLf https://get.k0s.sh | sudo sh
3. Retrieve Your Droplet ID
To set the Droplet ID for the Kubernetes node, fetch the Droplet ID using DigitalOcean’s metadata service. The following command will store the ID in a variable called DROPLET_ID:
DROPLET_ID=$(curl http://169.254.169.254/metadata/v1/id)
4. Install and Start the k0s Controller
Install and start the k0s controller on the node by executing the following commands. We do not need to make any changes to them since we stored the Droplet ID in the variable DROPLET_ID:
k0s install controller --single --enable-cloud-provider=true --kubelet-extra-args="--provider-id=digitalocean://$DROPLET_ID"
k0s start
Ensure the correctness of your setup by running k0s status, which should display the status of your Kubernetes cluster.
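An added example (not part of the original guide) for steps 3 and 4: it checks that the metadata service returned a plain numeric Droplet ID before the value is used as the kubelet provider ID, so an empty or error response does not end up in the k0s configuration. The function names and the 5-second timeout are assumptions.

```bash
#!/usr/bin/env bash
# Added example: validate the metadata response before kubelet sees it.

METADATA_URL="http://169.254.169.254/metadata/v1/id"   # URL used in step 3

# provider_id_from RAW
# Print digitalocean://<id> only when RAW is a plain decimal Droplet ID.
# Empty output, an HTML error body or embedded whitespace is rejected.
provider_id_from() {
  case "$1" in
    '' | *[!0-9]*)
      echo "unexpected metadata response, refusing to use it" >&2
      return 1 ;;
  esac
  printf 'digitalocean://%s\n' "$1"
}

# fetch_provider_id
# Query the metadata service. -f turns HTTP errors into a non-zero exit
# instead of storing the error page; --max-time (assumed 5 s) avoids hanging.
fetch_provider_id() {
  local raw
  raw=$(curl -fsS --max-time 5 "$METADATA_URL") || {
    echo "metadata service not reachable" >&2
    return 1
  }
  provider_id_from "$raw"
}

# Usage on the droplet (commented out so sourcing this file has no effect):
#   PROVIDER_ID=$(fetch_provider_id) || exit 1
#   k0s install controller --single --enable-cloud-provider=true \
#     --kubelet-extra-args="--provider-id=$PROVIDER_ID"
```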
5. Create a Kubernetes Secret for the DigitalOcean API Token
Create a secret in the kube-system namespace to store the DigitalOcean API token. Please replace digitalocean-api-token with your API token:
k0s kubectl -n kube-system create secret generic digitalocean --from-literal=access-token=digitalocean-api-token
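An added example (not from the original guide) that creates the same secret without typing the token on the command line, where it would land in shell history and process arguments. It reads the token from a hidden prompt and pipes a Secret manifest to k0s kubectl apply -f -; the function name render_do_secret and the --apply switch are assumptions.

```bash
#!/usr/bin/env bash
# Added example: create the "digitalocean" secret without putting the token
# in shell history or in the arguments of a process.

# render_do_secret
# Read the token from stdin and print a Secret manifest using the name,
# namespace and key from step 5. printf is a shell builtin, so the token
# never appears in another process's argument list.
render_do_secret() {
  local token encoded
  token=$(tr -d '\r\n')
  case "$token" in
    '' | digitalocean-api-token | *' '*)
      echo "no usable token on stdin" >&2
      return 1 ;;
  esac
  encoded=$(printf '%s' "$token" | base64 | tr -d '\n')
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: digitalocean
  namespace: kube-system
type: Opaque
data:
  access-token: $encoded
EOF
}

# Run with --apply on the droplet: prompt with echo disabled, then apply.
if [ "${1:-}" = "--apply" ]; then
  trap 'stty echo' EXIT            # restore the terminal even on Ctrl-C
  printf 'DigitalOcean API token: ' >&2
  stty -echo
  IFS= read -r token_in
  stty echo; echo >&2
  printf '%s' "$token_in" | render_do_secret | k0s kubectl apply -f -
  unset token_in
fi
```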
6. Install the DigitalOcean Cloud Controller Manager
The DigitalOcean Cloud Controller Manager (CCM) lets nodes discover their droplet details and also supports services of type LoadBalancer:
k0s kubectl apply -f https://raw.githubusercontent.com/digitalocean/digitalocean-cloud-controller-manager/master/releases/v0.1.43.yml
7. Install the Helm Package Manager
Initially I had used the NGINX Ingress Controller but it turned out to be unreliable regarding websockets. Sometimes it forwarded websockets, sometimes it did not. I decided to use the Traefik Ingress Controller which turned out to be very reliable. To do so, one needs to install Helm first. Helm is a package manager for Kubernetes.
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.sh
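An added example (not from the original guide or the k0s and Helm projects) for the installer downloads in steps 2 and 7: it saves the script to a file, compares its SHA-256 with a value you recorded after reviewing the script, and only then runs it. The function names are assumptions and the hashes in the usage comment are placeholders.

```bash
#!/usr/bin/env bash
# Added example: run a downloaded installer only if it matches a pinned hash.

# verify_pinned FILE EXPECTED_SHA256
# Succeed only when the file's SHA-256 digest equals the expected value.
verify_pinned() {
  local actual
  actual=$(sha256sum "$1" | cut -d' ' -f1)
  if [ -z "$actual" ] || [ "$actual" != "$2" ]; then
    echo "hash mismatch for $1 (got: ${actual:-none})" >&2
    return 1
  fi
}

# fetch_and_run URL EXPECTED_SHA256 [RUNNER...]
# Download to a temporary file, verify it, then execute it with RUNNER
# (default: sh). Nothing is executed if the download or the check fails.
fetch_and_run() {
  local url expected tmp rc
  url=$1; expected=$2; shift 2
  [ $# -gt 0 ] || set -- sh
  tmp=$(mktemp) || return 1
  if curl -fsSL -o "$tmp" "$url" && verify_pinned "$tmp" "$expected"; then
    "$@" "$tmp"; rc=$?
  else
    rc=1
  fi
  rm -f "$tmp"
  return "$rc"
}

# Usage (placeholders: record your own hashes after reading each script):
#   fetch_and_run https://get.k0s.sh <sha256-of-reviewed-script> sudo sh
#   fetch_and_run \
#     https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 \
#     <sha256-of-reviewed-script> bash
```

A pinned hash stops matching whenever upstream changes the script, which is the signal to review it again before updating the pin.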
8. Install kubectl
Install kubectl by following this guide. I would recommend doing it via apt.
Add the export line to ~/.bashrc via the following command:
echo 'export KUBECONFIG=/var/lib/k0s/pki/admin.conf' >> ~/.bashrc
Run the following command to apply the changes in the current terminal:
source ~/.bashrc
9. Install the Traefik Ingress Controller
Conclude by installing the Traefik Ingress Controller to oversee inbound traffic routing:
helm repo add traefik https://helm.traefik.io/traefik
helm repo update
helm install traefik traefik/traefik
Check if Traefik is part of the list when executing the command k0s kubectl get pods.
If that is the case, check your DigitalOcean dashboard to verify that the Traefik Ingress Controller has successfully instantiated a Load Balancer.
10. Firewall Setup
Last but not least, we need to check to which ports on our droplet the Load Balancer forwards traffic. In the DigitalOcean Dashboard, click on the three dots to the right of the Load Balancer and then on the Edit settings button. You will see forwarding rules which may look similar to these:
TCP on port 80  -> TCP on port 30642
TCP on port 443 -> TCP on port 32608
Open the ports on the right (they differ in every setup) in the Firewall settings, which can be accessed via the Networking button.
Wrapping Up:
Kudos! You’ve adeptly set up a self-governed, single-node Kubernetes cluster on a DigitalOcean droplet with k0s, complemented by the DigitalOcean Cloud Controller Manager and the Traefik Ingress Controller.
This environment offers the perks of a self-managed Kubernetes cluster, such as heightened control, privacy, security, and customization, all while integrating effortlessly with DigitalOcean’s Load Balancers. This lets you effortlessly expose your software to the web.
Whether you’re in the phases of testing, development, or deployment, this setup ensures a sturdy and adaptable backdrop for your projects. Wishing you fruitful deployments!