A / Setup the LXC Minikube VM (server A)

Requirements :

- VM : 4 vcpu, 16 Go RAM

- SSD Disk 1 : OS Ubuntu 18.04 (30 Go)

- SSD Disk 2 : lxc containers (250 Go)

/dev/scd ext4 formated an mounted on /containers

A.1 / Initialize LXC

Lxc is already installed on recent ubuntu, use lxd to initialize it.

Use default values if not described below

lxd init lxd clustering : no

new storage pool : yes

storage backend : dir (zfs and btrfs will NOT work)

storage name : containers

MAAS server : no

network bridge : yes

bridge name : lxdbr0

ipV4 : auto

ipV6 : none

Notice : You are free to setup the storage pool, I create the following link considering my staging :

/var/lib/lxd/storage-pools/containers -> /containers

A.2 / Create a “bionic-minikube” lxc image

We need to create an lxc image from a bionic ubuntu with docker 18.09 and minikube pre-installed.

a) Launch a bionic lxc container and bash inside

lxc launch ubuntu:18.04 bionic -c security.nesting=true -c security.privileged=true

lxc exec bionic /bin/bash

b) Install docker-ce 18.09 (other versions will NOT work)

Docs : https://docs.docker.com/install/linux/docker-ce/ubuntu/

apt-get update

apt-get install -y apt-transport-https ca-certificates curl gnupg-agent software-properties-common

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -

add-apt-repository “deb [arch=amd64] https://download.docker.com/linux/ubuntu \

$(lsb_release -cs) \

stable”

apt-get install -y docker-ce=5:18.09.9~3–0~ubuntu-bionic

c) Install minikube v1.3.1

Docs : https://kubernetes.io/fr/docs/tasks/tools/install-minikube/#linux

curl -Lo minikube https://storage.googleapis.com/minikube/releases/v1.3.1/minikube-linux-amd64

chmod +x minikube

mv minikube /usr/local/bin/

d) Install kubectl

curl -LO https://storage.googleapis.com/kubernetes-release/release/`curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt`/bin/linux/amd64/kubectl

chmod +x ./kubectl

mv ./kubectl /usr/local/bin/kubectl

e) Install helm

apt-get install socat

curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get > get_helm.sh

chmod 700 get_helm.sh

./get_helm.sh

helm init

f) Publish the image as bionic-minikube

lxc stop bionic

lxc publish bionic --alias bionic-minikube

A.3 / Create a minikube lxc profile

We need to create a specific profile to run a minikube cluster inside an lxc container due to kernel modules / security confinement.

lxc create profile minikube

lxc edit profile minikube

Grab file content here : https://github.com/cdelaitre/lxc-minikube/blob/master/lxc-profile-minikube

Notice : adapt /boot/config-XXX path to your configuration

A.4 / Start an lxc minikube container and check