Kubernetes
Kubernetes (K8s) is an open-source container orchestration platform for automating the deployment, scaling, and management of container-based applications.
Kubernetes Architecture
Control Plane
- API Server
- Etcd
- Scheduler
- Controller Manager
Worker Node
- Kubelet
- Kube-proxy
- Container Runtime (Docker, containerd)
Requirements
Hardware
Control Plane:
- 2–4 CPU
- 4–8GB RAM
- 40GB Storage
Worker Node:
- 2 CPU
- 4GB RAM
- 20GB Storage
Software
- OS: Ubuntu 20.04/22.04 or equivalent
- Swap: Disabled
- Internet access to pull images
Network
- Control-plane ports: 6443, 2379–2380, 10250, 10251, 10252
- Worker ports: 10250, 30000–32767
Kubernetes Installation (kubeadm)
Step 1 – Update Server
sudo apt update && sudo apt upgrade -y
Step 2 – Disable Swap
sudo swapoff -a
sudo sed -i '/ swap / s/^/#/' /etc/fstab
Step 3 – Install containerd
sudo apt install -y containerd
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
sudo systemctl restart containerd
sudo systemctl enable containerd
Step 4 – Install kubeadm, kubelet, kubectl
sudo apt install -y apt-transport-https ca-certificates curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt update
sudo apt install -y kubelet kubeadm kubectl
sudo systemctl enable kubelet
Step 5 – Initialize the Master Node
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
Copy config:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Install CNI (Flannel)
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Join Worker Node
kubeadm join <IP-MASTER>:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>
Cluster Verification
kubectl get nodes
kubectl get pods -A
Best Practice
- At least 3 control-plane nodes for HA
- Use a load balancer
- Use monitoring: Prometheus + Grafana
- Use a private registry
On-Prem Kubernetes Alternatives
- RKE / RKE2
- K3s
- MicroK8s
- OpenShift
Kubernetes Architecture Diagram (Simplified)
                 +-----------------------+
                 |     Control Plane     |
                 |-----------------------|
                 | API Server            |
                 | Scheduler             |
                 | Controller Manager    |
                 | Etcd (storage)        |
                 +-----------+-----------+
                             |
         -----------------------------------------
         |                   |                   |
+--------+-------+  +--------+-------+  +--------+-------+
|    Worker 1    |  |    Worker 2    |  |    Worker 3    |
|----------------|  |----------------|  |----------------|
| Kubelet        |  | Kubelet        |  | Kubelet        |
| Kube-proxy     |  | Kube-proxy     |  | Kube-proxy     |
| Containerd     |  | Containerd     |  | Containerd     |
+----------------+  +----------------+  +----------------+
Example High Availability (HA) Topology
           +-------------------------------+
           |    External Load Balancer     |
           |     IP: 10.10.10.100:6443     |
           +---------------+---------------+
                           |
        ---------------------------------------
        |                  |                  |
+-------+-------+  +-------+-------+  +-------+-------+
| ControlPlane1 |  | ControlPlane2 |  | ControlPlane3 |
+-------+-------+  +-------+-------+  +-------+-------+
        |                  |                  |
-------------------------------------------------------
                    Cluster Network
-------------------------------------------------------
        |                  |                  |
+-------+-------+  +-------+-------+  +-------+-------+
|  WorkerNode1  |  |  WorkerNode2  |  |  WorkerNode3  |
+---------------+  +---------------+  +---------------+
Example Deployment YAML (Nginx)
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
  labels:
    app: nginx
spec:
  replicas: 3
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
      - name: nginx
        image: nginx:latest
        ports:
        - containerPort: 80
Example Service YAML (LoadBalancer)
apiVersion: v1
kind: Service
metadata:
  name: nginx-service
spec:
  type: LoadBalancer
  selector:
    app: nginx
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
Example Ingress YAML
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nginx-ingress
spec:
  rules:
  - host: nginx.local
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: nginx-service
            port:
              number: 80
Adding a New Node to the Cluster
1. Create a new token
kubeadm token create --print-join-command
2. Run the command on the worker node
kubeadm join <IP-LB>:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>
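The value passed to --discovery-token-ca-cert-hash in both join commands on this page pins the cluster CA: it is the SHA-256 of the CA certificate's DER-encoded public key. The script below is an added example, not part of the original page; its function names are illustrative and /etc/kubernetes/pki/ca.crt is assumed to be kubeadm's default CA path. It recomputes the hash on a control-plane node so a join command can be checked before it is run on a worker:

```shell
#!/bin/sh
# Added example (not from the original page). Function names are illustrative.
# Recomputes the value kubeadm expects after --discovery-token-ca-cert-hash:
# "sha256:" + SHA-256 of the cluster CA's DER-encoded public key (SPKI).

# ca_cert_hash <ca.crt>  -> prints sha256:<64 hex chars>
ca_cert_hash() {
    # Extract the public key first so an unreadable or non-certificate file
    # fails here instead of silently hashing empty input further down.
    pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$pub" ] || return 1
    digest=$(printf '%s\n' "$pub" \
        | openssl pkey -pubin -outform DER 2>/dev/null \
        | openssl dgst -sha256 -hex \
        | awk '{print $NF}')
    # Reject anything that is not exactly 64 lowercase hex digits.
    case "$digest" in *[!0-9a-f]*|"") return 1 ;; esac
    [ "${#digest}" -eq 64 ] || return 1
    printf 'sha256:%s\n' "$digest"
}

# verify_join_hash <ca.crt> <hash from join command>
# returns 0 on match, 1 on mismatch, 2 if the certificate cannot be read
verify_join_hash() {
    actual=$(ca_cert_hash "$1") || {
        echo "cannot derive hash from $1" >&2
        return 2
    }
    expected=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    if [ "$actual" = "$expected" ]; then
        echo "OK: join hash matches CA in $1"
        return 0
    fi
    echo "MISMATCH: CA is $actual, join command has $2" >&2
    return 1
}

# Usage on a control-plane node (kubeadm's default CA path, assumed):
#   sh verify-join-hash.sh /etc/kubernetes/pki/ca.crt sha256:<hash>
if [ "$#" -eq 2 ]; then
    verify_join_hash "$1" "$2"
fi
```

A mismatch means the join command was generated for a different CA than the one on this control plane, so the worker should not be joined with it.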
Kubernetes Monitoring (Example: Prometheus + Grafana)
Deploy Prometheus + Grafana via Helm
helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
helm repo add grafana https://grafana.github.io/helm-charts
helm repo update
helm install prometheus prometheus-community/kube-prometheus-stack
helm install grafana grafana/grafana
Recommended Add-ons
- Metrics Server: for HPA
- Ingress Controller (Nginx/Traefik)
- Longhorn / Ceph for storage
- Loki for logging
- Cert-Manager for automatic TLS