The Simplest, Reliable and Cheapest kubernetes cluster you can get right now
Background 📚¶
Need a kubernetes cluster ?
If you are reading this there is a chance you are interested in setting up a kubernetes cluster.
Maybe you have done this before many times,
Maybe you already know about Amazon, Google, Azure, Oracle, Digital Ocean, linode and others,
Or maybe this is the first time you will be experimenting with kubernetes.
In both cases, there are a few things which you probably want anyway:
- Simple Setup
- Fast launch
- Low cost
- Reliable (uptime should be close to 99.9%)
Civo¶
Civo - Just kubernetes please
If you don't need any big Cloud Provider native services available to you,
And you only want kubernetes cluster/s, then civo will probably fit you very well.
It offers the list above and in a very low pricing comparing to other providers.
Want to set up a cluster ?
Here is an example for how you can set up a very small k3s cluster easily:
register to civo, get your API KEY
, Download the cli tool, and simply run:
civo kubernetes create civo-k8s --size g3.k3s.xsmall --remove-applications=Traefik --nodes 3 --region LON1 --save --merge --yes --wait
In my test it took ~2min for 3 workers to be ready !
The speed is probably related to the fact that the stack is based on k3s, which is a very lightweight flavor of k8s created by Rancher.
Flux¶
GitOps Is your friend
You can easily install apps on the cluster from civo UI with a single click.
But wait, If you are already setting up a kubernetes cluster, here is something you should try first.
Why GitOps ?
Here is what you gain when you manage everything in the cluster using Flux:
1st you get a single source of truth, meaning that whatever is defined in the Git Repository is the desired state of your configuration/apps/CRDs... everything.
You commit and push a change and it is automatically applied. no CI/CD Pipeline required.
If you modify/break something by running a manual command, for example kubectl delete namespace minio
it will self heal, since flux will keep reconciling your definitions to match the desire state that is declared in your Git repository.
Most importantly, this means that even if you will delete your cluster, you can quickly (very quickly if you use civo) create a new cluster, bootstrap flux, and everything you have in your Git repository will be automatically created.
So you don't have to scratch you head, trying to remember how did you install this or that, it's all there.
Here is how you can install some very commonly used projects/tools using HelmRelease and other kustomizations with Flux.
Below you can see the structure of the project, but here are a few things I can install as soon as I create a new cluster with a single flux command, which you only need to run once: flux bootstrap
.
Write once use everywhere¶
some kubernetes tools and apps you would normally install
- argocd
- argo-workflows
- cert-manager-webhook-ns1
- flagger
- grafana
- ingress-nginx
- cert-manager
- kustomization
- kyverno
- minio
- monitoring
- openebs
- policy-reporter
- prometheus
- sealed-secrets
- snyk-charts ...
bootstrap flux
export GITLAB_USER="[email protected]"
export GITLAB_TOKEN="XXXXXXXXXXXXXX"
flux bootstrap gitlab --token-auth \
--owner="devops" --path="devops" \
--repository="flux" \
--branch="master" \
--path="./clusters/production/civo-1" \
--namespace="flux-system" \
--verbose
Everything is Created automatically
.
|-- CHANGELOG.md
|-- README.md
|-- apps
| |-- argo-rollouts
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | `-- release.yaml
| |-- crossplane
| | |-- aws-creds.yaml
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | |-- providerconfig.yaml
| | `-- release.yaml
| |-- kustomization.yaml
| |-- kyverno-policies
| | |-- kustomization.yaml
| | `-- require-labels.yaml
| |-- loki
| | |-- ingress.yaml
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | `-- release.yaml
| |-- minio
| | |-- kustomization.yaml
| | |-- minio-sealed-secret.yaml
| | |-- namespace.yaml
| | `-- release.yaml
| |-- namespace
| | `-- production
| | |-- kustomization.yaml
| | `-- namespace.yaml
| |-- ns1-cert-manager
| | |-- cert-manager-webhook-ns1.yaml
| | |-- issuer.yaml
| | |-- kustomization.yaml
| | `-- stg-issuers.yaml
| |-- sealed-registry-secret.yaml
| `-- snyk-monitor
| |-- kustomization.yaml
| |-- namespace.yaml
| |-- release.yaml
| `-- sealed-secret.yaml
|-- clusters
| `-- production
| |-- civo-1
| | `-- flux-system
| | |-- apps.yaml
| | |-- gotk-components.yaml
| | |-- gotk-sync.yaml
| | |-- infrastructure.yaml
| | |-- kustomization.yaml
| | |-- monitoring-kustomization.yaml
| | `-- civo-1-apps.yaml
| `-- civo-2
| `-- flux-system
| |-- apps.yaml
| |-- gotk-components.yaml
| |-- gotk-sync.yaml
| |-- infrastructure.yaml
| |-- kustomization.yaml
| |-- monitoring-kustomization.yaml
| `-- civo-2-apps.yaml
|-- infrastructure
| |-- cert-manager
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | |-- ns1-credentials.yaml
| | |-- release.yaml
| | `-- secret-reader.yaml
| |-- codefresh-sa
| | |-- kustomization.yaml
| | `-- service-account.yaml
| |-- flagger
| | |-- kustomization.yaml
| | `-- release.yaml
| |-- ingress
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | `-- release.yaml
| |-- jenkins-plugin
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | `-- service-account.yaml
| |-- kustomization.yaml
| |-- kyverno
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | `-- release.yaml
| |-- notifications
| | |-- alert.yaml
| | |-- kustomization.yaml
| | |-- msteams.secret.yaml
| | `-- msteams.yaml
| |-- openebs
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | `-- release.yaml
| |-- policy-reporter
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | `-- release.yaml
| |-- sealed-registry-secret.yaml
| |-- sealed-secrets
| | |-- kustomization.yaml
| | `-- release.yaml
| `-- sources
| |-- argocd.yaml
| |-- bitnami-rabbitmq.yaml
| |-- cert-manager-webhook-ns1.yaml
| |-- crossplane.yaml
| |-- flagger.yaml
| |-- grafana.yaml
| |-- ingress-nginx.yaml
| |-- jetstack.yaml
| |-- kustomization.yaml
| |-- kyverno.yaml
| |-- linkerd.yaml
| |-- minio-legacy.yaml
| |-- minio.yaml
| |-- monitoring.yaml
| |-- openebs.yaml
| |-- policy-reporter.yml
| |-- prometheus.yaml
| |-- sealed-secrets.yaml
| `-- snyk-charts.yaml
|-- civo-1-apps
| |-- argo-workflows
| | |-- argo-artifacts-minio-secret.yaml
| | |-- argo-workflow-ingress.yaml
| | |-- argo-workflow-rabbitmq-secret.yaml
| | |-- aws-secret.yaml
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | |-- release.yaml
| | |-- roleBinding.yaml
| | `-- sealed-registry-secret.yaml
| |-- argocd
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | |-- release.yaml
| | |-- sealed-secret-gitlab.yaml
| | `-- sealed-secret-helm.yaml
| |-- argocd-ingress.yaml
| |-- kustomization.yaml
| |-- prometheus
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | |-- prometheus-ingress.yaml
| | `-- release.yaml
| `-- rabbitmq
| |-- kustomization.yaml
| |-- namespace.yaml
| |-- release.yaml
| `-- sealed-secret.yaml
|-- civo-2-apps
| |-- argocd
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | |-- release.yaml
| | |-- sealed-secret-gitlab.yaml
| | `-- sealed-secret-helm.yaml
| |-- argocd-ingress.yaml
| |-- kustomization.yaml
| |-- prometheus
| | |-- kustomization.yaml
| | |-- namespace.yaml
| | `-- release.yaml
| `-- rabbitmq
| |-- kustomization.yaml
| |-- namespace.yaml
| |-- release.yaml
| `-- sealed-secret.yaml
`-- validate.sh
ArgoCD¶
Install ArgoCD with Flux
Yes, you can do that, in fact this is exactly what I have done in my production cluster.
Flux will install ArgoCD from HelmChart, and will configure it with Ingress + TLS using Cert Manager and NS1 plugin.
On top of that it will automatically configure:
- ArgoCD Project and permissions
- ArgoCD Repositories with Secured Access to GitLab Projects
- App of Apps - an app which automatically create all apps from the repositories above.
Everything is fully automated and you don't need to do anything, in fact even if you will go to the ArgoCD UI, and delete repositories and apps, Flux will recreate them.
Want to change something ? commit and push your changes and flux will update the state according to the git declaration.
Summary¶
Civo + Flux
With civo & Flux you can easily create,maintain,destroy and recreate clusters,
Knowing you will always have everything you need ready in just a few minutes.
So if "just kubernetes" is what you need, civo is definitely worth checking out
Also, at the time of writing this, you get 250$ credit for 2 months.