Kubernetes is the standard for container orchestration in the world of cloud-native applications. While many organizations embrace cloud platforms like AWS, Azure, or GCP for their Kubernetes deployments, there are valid reasons to consider running Kubernetes on-premises. In this blog post, we’ll take a look at the advantages of on-premises Kubernetes and guide you through the basics of installing upstream Vanilla Kubernetes using kubeadm.
Let’s first take a look at some advantages of using Kubernetes on-premises.
Data privacy and security
One of the primary reasons organizations opt for on-premises deployments is to maintain full control over their data and ensure data privacy and security. In industries with strict compliance requirements, such as healthcare or finance, on-premises Kubernetes provides a level of control and security that may not be achievable in the public cloud.
Business policy reasons
Business policy needs, such as having to run your workloads at specific geographical locations, may make it difficult to use public clouds. Additionally, some enterprises may not be able to utilize public cloud offerings from a specific cloud provider due to their business policies related to competition.
Being cloud agnostic to avoid lock-in
Many enterprises may not wish to be tied to a single cloud provider and hence may want to deploy their applications across multiple clouds, including an on-premises private cloud. This could potentially reduce business continuity risk due to issues with a specific cloud provider.
Cost control
Public cloud providers offer convenience, but they can be costly, especially for resource-intensive workloads. By running Kubernetes on-premises, you have the ability to control hardware costs, optimize resource allocation, and avoid unexpected cloud service charges.
Legacy systems integration
Many organizations have existing on-premises infrastructure and legacy systems. Running Kubernetes on-premises allows for easier integration with these systems and a gradual transition to containerised workloads.
Network performance and latency
In certain scenarios, on-premises Kubernetes can provide better network performance and lower latency compared to cloud-based deployments, particularly if your data center is geographically close to your users or other infrastructure.
Some possible challenges deploying Kubernetes on-premises
There is a downside to running Kubernetes on-premises, however. Running Kubernetes yourself is known for its steep learning curve and operational complexity. When using Kubernetes on, for example, AWS or Azure, your public cloud provider essentially abstracts these complexities away from you. Running Kubernetes on-premises means you’re on your own.
Here are specific areas where this challenge could be most apparent:
- Load balancing
Load balancing may be needed both for your cluster master nodes and for your application services running on Kubernetes. Depending on your existing networking setup, you may want to use a load balancer such as F5 or a software load balancer such as MetalLB.
- High availability
It’s critical to ensure that your Kubernetes infrastructure is highly available and can withstand data center and infrastructure downtimes. This means having multiple master nodes per cluster and, when relevant, multiple Kubernetes clusters across different availability zones.
- Persistent storage
The majority of your production workloads running on Kubernetes will require persistent storage (block or file storage). You will need to work with your storage vendor to identify the right plugin and install any needed components before you can integrate your existing storage solution with Kubernetes on-premises.
- etcd management
Managing a highly available etcd cluster is crucial, including taking frequent backups to minimise downtime.
- Monitoring
You will need to invest in tooling to monitor the health of the Kubernetes clusters in your on-premises environment. Most monitoring and log management tools have specific capabilities for Kubernetes monitoring. If you are already using Datadog, Splunk, or similar tools, you’ll be able to monitor your on-premises Kubernetes implementation with them. Alternatively, you may consider investing in an open-source monitoring stack designed for Kubernetes clusters, such as Prometheus and Grafana.
- Auto-scaling
Auto-scaling based on workload needs can help save resources. This is difficult to achieve for bare metal Kubernetes clusters unless you are using a bare metal automation platform.
- Networking
Networking is very specific to your data center configuration.
- Upgrades
You will need to upgrade your clusters roughly every 3 months when a new upstream version of Kubernetes is released. A staged upgrade strategy, where your development/test clusters are upgraded before your production clusters, is recommended.
Now that we’ve covered the “why,” let’s take a look at the “how.” In this case, we will walk you through the basic steps for installing upstream Vanilla Kubernetes using kubeadm. This gives you a practical understanding of what to expect from the overall process of deploying Kubernetes on-premises.
Before we get started, you’ll need the following:
- Networking: Set up networking for the nodes.
- Hardware: Servers or virtual machines to act as Kubernetes nodes. Ensure they meet Kubernetes requirements (CPU, RAM, and storage).
- Operating system: A compatible Linux distribution (e.g., Ubuntu, CentOS, or RHEL) installed on each node.
- Container runtime: Docker or containerd installed on each node. Note: Installing the container runtime and setting up the operating system also involve steps specific to a Kubernetes cluster. For more information, refer to the following documentation: https://kubernetes.io/docs/setup/production-environment/container-runtimes/
- Kubectl: The Kubernetes command-line tool installed on your local machine.
- Kubeadm, Kubelet, and Kubectl: These are Kubernetes components we’ll install on the nodes.
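Before running kubeadm on a freshly prepared node, it helps to confirm that the operating-system prerequisites from the container-runtime documentation linked above are actually in place. The script below is an added example written for this post, not code from the original article or from the Kubernetes project: it checks that swap is off, that IPv4 forwarding and the br_netfilter module are enabled, and that the ports kubeadm init binds on a control plane node are free. Each check takes an optional file path so the same logic can be run against the constructed sample inputs at the bottom (which are not captured from a real host) or, with no argument, against the live kernel interfaces on the node.

```shell
#!/bin/sh
# Added example (not from the original post): pre-kubeadm node checks.
# Each check takes the path of the file to inspect as an optional parameter;
# without one it reads the live kernel interface, so the same logic runs
# against the constructed samples below or on a real node.

# Swap must be off: by default the kubelet refuses to start with swap enabled.
# /proc/swaps contains only its header line when no swap is active.
check_swap_off() {
  swaps_file="${1:-/proc/swaps}"
  [ "$(grep -c . "$swaps_file")" -le 1 ]
}

# IPv4 forwarding must be enabled for pod traffic to be routed off the node.
check_ip_forward() {
  sysctl_file="${1:-/proc/sys/net/ipv4/ip_forward}"
  [ "$(cat "$sysctl_file" 2>/dev/null)" = "1" ]
}

# br_netfilter must be loaded so bridged pod traffic is seen by iptables.
check_br_netfilter() {
  modules_file="${1:-/proc/modules}"
  grep -q '^br_netfilter ' "$modules_file"
}

# The control-plane ports kubeadm init binds must be free. Without a parameter
# the function inspects live listeners with `ss -ltn`; with one it reads a
# saved listing in the same format.
check_ports_free() {
  if [ -n "${1:-}" ]; then listing=$(cat "$1"); else listing=$(ss -ltn); fi
  for port in 6443 2379 2380 10250 10257 10259; do
    if printf '%s\n' "$listing" | grep -Eq ":${port}[[:space:]]"; then
      echo "port $port is already in use" >&2
      return 1
    fi
  done
  return 0
}

# Run every check against the live node; exit status 0 means all passed.
run_preflight() {
  rc=0
  check_swap_off     || { echo "FAIL: swap is enabled";                rc=1; }
  check_ip_forward   || { echo "FAIL: net.ipv4.ip_forward is not 1";   rc=1; }
  check_br_netfilter || { echo "FAIL: br_netfilter is not loaded";     rc=1; }
  check_ports_free   || { echo "FAIL: a control-plane port is in use"; rc=1; }
  [ "$rc" -eq 0 ] && echo "preflight OK"
  return "$rc"
}

# Constructed sample inputs (not captured from a real host) for exercising the
# checks offline.
SAMPLE_SWAPS_OFF='Filename                                Type            Size    Used    Priority'
SAMPLE_SWAPS_ON="$SAMPLE_SWAPS_OFF
/dev/sda2                               partition       2097148 0       -2"
SAMPLE_MODULES='overlay 151552 0 - Live 0x0000000000000000
br_netfilter 32768 0 - Live 0x0000000000000000
bridge 311296 1 br_netfilter, Live 0x0000000000000000'
SAMPLE_LISTEN_FREE='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*'
SAMPLE_LISTEN_BUSY="$SAMPLE_LISTEN_FREE
LISTEN 0      4096               *:6443             *:*"
```

On a real node, source the file and call `run_preflight` before Step 3; kubeadm performs its own preflight as well, but running these checks first separates operating-system preparation problems from kubeadm configuration problems.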
Step 1: Install Docker
You can install Docker using the package manager appropriate for your Linux distribution. For example, on Ubuntu, you can use the following commands:
sudo apt update
sudo apt install docker.io
Step 2: Install Kubernetes components
Run the following commands on each of your nodes:
sudo apt update && sudo apt install -y apt-transport-https curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt update
sudo apt install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
Step 3: Initialize the control plane
Choose one of your nodes to be the control plane node, and run the following command:
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
Step 4: Set up the Kubernetes configuration for your user
Run these commands on your control plane node:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Step 5: Deploy a pod network
For networking, you can use tools like Calico, Flannel, or Weave. Here, we’ll use Calico:
kubectl apply -f https://docs.projectcalico.org/v3.22/manifests/calico.yaml
Step 6: Join worker nodes
On each worker node, run the kubeadm join command provided in the output of the kubeadm init command from the control plane node.
Step 7: Verify the cluster
On the control plane node, you can run:
kubectl get nodes
This should display the status of all nodes in your cluster.
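Beyond eyeballing `kubectl get nodes`, there are three things worth checking once the cluster is up: that every node is actually Ready (Step 7), that the cluster-admin kubeconfig copied in Step 4 is not readable by other local users, and that the bootstrap token printed by kubeadm init (Step 6) is removed once the last worker has joined, since any host presenting that token can join the cluster until it expires. The script below is an added example written for this post, not code from the original article or from the Kubernetes project. Each parser takes an optional file path and otherwise reads stdin, so it works on captured command output as well as on the constructed samples included in the block; `verify_live`, which runs kubectl and kubeadm on the control plane node, is the only part that needs a real cluster. The node names, version strings and token value in the samples are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the original post): checks to run once kubeadm has
# finished. Each parser takes an optional file path and otherwise reads stdin,
# so it works on captured command output as well as on the constructed samples
# below.

# Step 7: print the names of nodes whose STATUS column is anything other than
# "Ready" (NotReady, Ready,SchedulingDisabled, Unknown, ...).
# `${1:+"$1"}` passes the file to awk when given and nothing (stdin) otherwise.
nodes_not_ready() {
  awk 'NR > 1 && $2 != "Ready" { print $1 }' ${1:+"$1"}
}

# True when at least one node is listed and every node is Ready.
all_nodes_ready() {
  input=$(cat ${1:+"$1"})
  [ "$(printf '%s\n' "$input" | awk 'NR > 1' | grep -c .)" -gt 0 ] &&
    [ -z "$(printf '%s\n' "$input" | nodes_not_ready)" ]
}

# Step 4 copies the cluster-admin kubeconfig into $HOME/.kube/config; a
# group- or world-readable copy hands cluster-admin to every local user.
kubeconfig_mode_ok() {
  mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1")
  [ "$mode" = "600" ] || [ "$mode" = "400" ]
}

# Step 6: the token printed by kubeadm init lets any host that presents it join
# the cluster until it expires (24 hours by default). List tokens that still
# carry the "authentication" usage so they can be removed with
# `kubeadm token delete <token>` once the last worker has joined.
tokens_still_valid() {
  awk 'NR > 1 && $4 ~ /authentication/ { print $1 }' ${1:+"$1"}
}

# Run the checks against the live cluster from the control plane node.
verify_live() {
  tmp=$(mktemp)
  kubectl get nodes > "$tmp" || { rm -f "$tmp"; return 1; }
  if ! all_nodes_ready "$tmp"; then
    echo "nodes not Ready:"; nodes_not_ready "$tmp"; rm -f "$tmp"; return 1
  fi
  kubeconfig_mode_ok "$HOME/.kube/config" ||
    echo "WARN: $HOME/.kube/config is readable by other users"
  if sudo kubeadm token list > "$tmp"; then
    left=$(tokens_still_valid "$tmp")
    if [ -n "$left" ]; then
      echo "bootstrap tokens still valid; delete with 'kubeadm token delete <token>' once all workers have joined:"
      echo "$left"
    fi
  fi
  rm -f "$tmp"
  echo "cluster checks passed"
}

# Constructed sample output (not from a real cluster); node names, versions and
# the token value are placeholders.
SAMPLE_NODES='NAME       STATUS     ROLES           AGE   VERSION
cp-1       Ready      control-plane   10m   vX.Y.Z
worker-1   Ready      <none>          5m    vX.Y.Z
worker-2   NotReady   <none>          1m    vX.Y.Z'
SAMPLE_TOKENS='TOKEN                     TTL   EXPIRES                USAGES                   DESCRIPTION   EXTRA GROUPS
abcdef.0123456789abcdef   23h   2099-01-01T00:00:00Z   authentication,signing   <none>        system:bootstrappers:kubeadm:default-node-token'
```

Run `verify_live` on the control plane node after the last worker has joined; a node that is still NotReady at this point usually means the pod network from Step 5 has not finished rolling out on it.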
Kubernetes deployment completed
Congratulations! You now have installed upstream Vanilla Kubernetes using kubeadm. You can deploy your applications, scale them, and manage containers just as you would in any other Kubernetes environment.
Conclusion: deploying Kubernetes on-premises
Running Kubernetes on-premises can be a strategic choice for organizations looking to retain control over their infrastructure, enhance security, and optimize costs. By following the steps outlined in this blog, you can set up your own Kubernetes cluster and leverage the power of container orchestration in your data center.
Remember that managing an on-premises cluster requires ongoing maintenance, monitoring, and scaling based on your workload needs. Keep your cluster up to date with security patches, and consider implementing a robust monitoring and alerting system to ensure smooth operations.
Let me know in the comments if you recognize these points.