Skip to main content

Create a Kubernetes cluster using kind (Kubernetes in Docker) in less than 2 minutes



Why

Sometimes I just need to quickly test a K8s resource or compare a cluster with a near vanilla version. This is where kind comes in handy, as it can create a clean and fresh Kubernetes cluster in under 2 minutes.

Requirements

You have a working docker environment.

Step 1

Download the kind binary (less than 4 MB).

curl -Lso ./kind https://kind.sigs.k8s.io/dl/v0.11.0/kind-linux-amd64 && chmod 755 kind

Step 2

Create the actual cluster.

$ time ./kind create cluster

Creating cluster "kind" ...
 ✓ Ensuring node image (kindest/node:v1.21.1)
 ✓ Preparing nodes
 ✓ Writing configuration
 ✓ Starting control-plane
 ✓ Installing CNI
 ✓ Installing StorageClass

Set kubectl context to "kind-kind"
You can now use your cluster with:
kubectl cluster-info --context kind-kind

Have a question, bug, or feature request? Let us know! https://kind.sigs.k8s.io/#community

real    1m55.934s
user    0m1.014s
sys     0m0.970s

Step 3

That's it really - just use kubectl  (ideally use the same version as the K8s cluster  - so 1.21.1 in this example) as described above.

$ kubectl get nodes
NAME                 STATUS   ROLES                  AGE   VERSION
kind-control-plane   Ready    control-plane,master   42m   v1.21.1

When finished, either stop / remove the Docker container or run kind delete cluster.

Without pulling the image

Starting kind a second time is even faster:



Links

https://kind.sigs.k8s.io/docs/user/quick-start/

Labels:

Comments

Post a Comment

Popular posts from this blog

Manual Kubernetes TLS certificate renewal procedure

Intro Kubernetes utilizes TLS certificates to secure different levels of internal and external cluster communication.  This includes internal services like the apiserver, kubelet, scheduler and controller-manager etc. These TLS certificates are created during the initial cluster installation and are usually valid for 12 months. The cluster internal certificate authority (CA) certificate is valid for ten years. There are options available to automate certificate renewals, but they are not always utilised and these certs can become out of date. Updating certain certificates may require restarts of K8s components, which may not be fully automated either. If any of these certificates is outdated or expired, it will stop parts or all of your cluster from functioning correctly. Obviously this scenario should be avoided - especially in production environments. This blog entry focuses on manual renewals / re-creation of Kubernetes certificates. For example, the api-server certificate below...
Post a Comment
Read more

Enhancing Kubernetes Security: Enabling API Server Audit Logging

      In the ever-evolving landscape of container orchestration and management, Kubernetes remains at the forefront, empowering organizations to deploy, manage, and scale their containerized applications efficiently. However, as Kubernetes environments grow in complexity, ensuring robust security measures becomes paramount. One crucial aspect of Kubernetes security is audit logging, particularly concerning the Kubernetes API server, which serves as the primary point of interaction with the cluster. The Importance of Audit Logging Audit logging provides visibility into the activities and interactions within a Kubernetes cluster. By recording requests and responses made to the API server, audit logs offer valuable insights into user actions, system modifications, and potential security breaches. This transparency is essential for compliance with regulatory requirements such as HIPAA, GDPR, and PCI DSS, as well as for detecting and investigating security incidents. Understan...
Post a Comment
Read more

Analysing and replaying MySQL database queries using tcpdump

Why There are situations where you want to quickly enable query logging on a MySQL Database or trouble shoot queries hitting the Database server in real-time. Yes, you can enable the DB query log and there are other options available, however the script below has helped me in many cases as it is non intrusive and does not require changing the DB server, state or configuration in any way. Limitations The following only works if the DB traffic is not encrypted (no SSL/TLS transport enabled). Also this needs to be run directly on the DB server host (as root / admin). Please also be aware that this should be done on servers and data you own only. Script This script has been amended to suit my individual requirements. #!/bin/sh tcpdump -i any -s 0 -l -w - dst port 3306 | strings | perl -e ' while(<>) { chomp; next if /^[^ ]+[ ]*$/;   if(/^(ALTER|COMMIT|CREATE|DELETE|DROP|INSERT|SELECT|SET|UPDATE|ROLLBACK)/i) {     if (defined $q) { print "$q\n"; }     $q=$_; ...
Post a Comment
Read more