
Kubernetes & Scaleway
Part 1

February 1, 2023
Tanguy Falconnet
Introduction
Hi everyone! Today I'll start a step-by-step guide to creating your own low-cost Kubernetes cluster at Scaleway, mostly with Terraform.
The implementation I'll show you is the one I currently use for my (soon-to-be) production.
We will use:
Scaleway Private Network
Scaleway Object Storage
Scaleway Compute Instance
Scaleway Managed Database
We will avoid using:
Scaleway Public Gateways
Scaleway Load Balancers
Scaleway Kapsule
The minimum cost for this cluster is around 35€/month (2 instances & 1 managed PostgreSQL), but you could lower it by stopping instances when they are not in use ;)
Source code is available here: https://github.com/pewty-fr/infrastructure/, don't hesitate to comment or open issues.
For this first part, we will prepare a dedicated Ubuntu image with Packer.
Prerequisites
Basic knowledge of Packer
Scaleway account (with a generated API Token)
Prepare
Clone the repository:
$ git clone https://github.com/pewty-fr/infrastructure.git
$ cd infrastructure/packer/k3s
Install Packer: You can follow the instructions on the official website to install Packer: https://www.packer.io/intro/getting-started/install.html
Export your Scaleway secrets:
$ export SCW_ACCESS_KEY=<YOUR_ACCESS_KEY>
$ export SCW_SECRET_KEY=<YOUR_SECRET_KEY>
Update the Scaleway Project ID variable with your own (see https://www.scaleway.com/en/docs/console/my-project/how-to/create-a-project/):
variable "project_id" {
  type = string
  default = "<PROJECT_ID>"
}
(Optional) Create an SSH key:
$ ssh-keygen -t rsa -f ~/.ssh/k3s.pem
And update the key reference:
ssh_private_key_file = "~/.ssh/k3s.pem"
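The preparation steps above can be verified before building with a pre-flight check like the one below. This is an added example, not code from the original post or the pewty-fr repository; the function names `preflight` and `fail` are hypothetical, and it assumes the template is `config.pkr.hcl` as in this tutorial. Beyond the steps listed, it also checks that the secret key has not been pasted into the template and that the private key is not readable by other users.

```shell
#!/bin/sh
# Added example: pre-flight check to run before `packer build`.
# Assumption: the template is config.pkr.hcl, as in the tutorial.

fail() { echo "FAIL: $*" >&2; rc=1; }

preflight() {
  config="${1:-config.pkr.hcl}"
  rc=0

  # 1. API credentials must come from the environment and be real values,
  #    not empty and not the <YOUR_...> placeholders.
  for name in SCW_ACCESS_KEY SCW_SECRET_KEY; do
    eval "value=\${$name:-}"
    case "$value" in
      "" | "<"*">") fail "$name is unset or still a placeholder" ;;
    esac
  done

  if [ ! -r "$config" ]; then
    fail "cannot read $config"
    return 1
  fi

  # 2. The project_id default must have been replaced.
  if grep -q '<PROJECT_ID>' "$config"; then
    fail "$config still contains <PROJECT_ID>"
  fi

  # 3. The secret must not be pasted into the template, which lives in a
  #    git working tree and could be pushed.
  if [ -n "${SCW_SECRET_KEY:-}" ] && grep -qF -- "$SCW_SECRET_KEY" "$config"; then
    fail "SCW_SECRET_KEY is hardcoded in $config"
  fi

  # 4. If the template references a private key, the file must exist and
  #    carry no group/other permission bits.
  key=$(sed -n 's/^[[:space:]]*ssh_private_key_file[[:space:]]*=[[:space:]]*"\([^"]*\)".*/\1/p' "$config" | head -n 1)
  case "$key" in "~/"*) key="$HOME/${key#??}" ;; esac
  if [ -n "$key" ]; then
    if [ ! -f "$key" ]; then
      fail "private key $key not found"
    elif [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
      fail "$key is accessible to group or others (chmod 600 it)"
    fi
  fi

  return "$rc"
}
```

Source the file from `infrastructure/packer/k3s`, then run `preflight && packer build config.pkr.hcl` so the build only starts when every check passes.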
Build
Build the image:
$ packer build config.pkr.hcl
What's inside our image
https://github.com/pewty-fr/infrastructure/blob/main/packer/k3s/bootstrap.sh
VPC autoconfig
As we aim to use a Private Network without Scaleway Public Gateways, we need to ensure that we have full control over our instance's network interface.
Unattended upgrades
The purpose of Unattended Upgrades is to keep the computer current with the latest security (and other) updates automatically.
Wireguard
It will be used to create a distributed cluster (in case you have some Raspberry Pis at home 😉).
k3s
Our lightweight Kubernetes solution.
Minio Client
To easily get and set S3 objects from the command line. It will allow us to automatically use scripts deployed by Terraform in our instance.
HAProxy
One of the best load-balancing solutions, used to avoid Scaleway Load Balancers.
Systemd Service Pewty
The service that will be the root of our strategy to get and apply scripts stored in S3.
To continue
Thank you for reading! I hope to release the next part of this tutorial quickly: we will start to set up Terraform and deploy a few resources.
