Configuring Kubernetes

After installing Kubernetes, configure firewalld (if using it) and enable core services. Perform these steps for each system intended for the cluster.
  1. Configure firewalld
  2. If using Red Hat or any distribution with firewalld, ensure that the MicroK8s cluster subnet is allowed through the firewall:
    # Get the cluster subnet and set up firewalld
    SUBNET=$(grep CALICO_IPV4POOL_CIDR -a1 /var/snap/microk8s/current/args/cni-network/cni.yaml | tail -n1 | grep -oP '[\d\./]+')
    sudo firewall-cmd --permanent --new-zone=microk8s-cluster
    sudo firewall-cmd --permanent --zone=microk8s-cluster --set-target=ACCEPT
    sudo firewall-cmd --permanent --zone=microk8s-cluster --add-source="$SUBNET"
    sudo firewall-cmd --reload
  3. Enable Core Services
  4. Wait for the Calico network to be ready:
    sudo microk8s.kubectl wait pods -n kube-system -l k8s-app=calico-node --for condition=Ready --timeout=180s
    This makes the installation more stable by ensuring the network is ready before enabling other services.
  5. Enable DNS with system DNS servers:
    # Get DNS servers
    DNS_SERVERS=$(grep '^nameserver' /etc/resolv.conf | awk '{print $2}' | tr '\n' ',' | sed 's/,$//')
    sudo microk8s enable core/dns:"$DNS_SERVERS"
    You must enable core/dns, but providing additional DNS servers is optional. If none are provided, the default system DNS servers are used.
  6. Wait for DNS to be ready:
    sudo microk8s.kubectl wait deployment -n kube-system coredns --for condition=Available=True --timeout=180s
    This is important to ensure the cluster is stable before proceeding.
  7. Enable Role-Based Access Control (RBAC):
    sudo microk8s enable rbac
    RBAC is needed to ensure the cluster is appropriately secure.
  8. Enable the metrics server:
    sudo microk8s enable metrics-server
    The metrics server is useful for debugging and for ensuring the stability of the cluster.
  9. Enable the ingress controller:
    sudo microk8s enable ingress
    The ingress controller is required for routing external traffic to services within the cluster.
    Resonate expects an nginx-based ingress controller.
  10. Configure the ingress headers after the ingress is ready:
    sudo microk8s.kubectl patch -n ingress configmap nginx-load-balancer-microk8s-conf -p '{"data": { "global-allowed-response-headers": "Cache-Control,Pragma,Expires,X-Frame-Options,X-XSS-Protection,X-Content-Type-Options,Strict-Transport-Security,Content-Security-Policy" } }'
    This is required because the Resonate cluster's ingresses need to set these headers for security reasons.
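
The firewalld step above adds the extracted subnet to a zone whose target is ACCEPT, so the value is worth checking before it is passed to `firewall-cmd`. The following shell functions are an added example, not part of the original instructions; the function names, the constructed `cni.yaml` fragment and the policy of accepting only RFC 1918 ranges are assumptions.

```shell
#!/bin/sh
# Added example: sanity-check the Calico pool CIDR before it becomes a
# trusted source in a firewalld zone whose target is ACCEPT.

# Print the CIDR found on the line after CALICO_IPV4POOL_CIDR in cni.yaml.
extract_pool_cidr() {
    awk '/CALICO_IPV4POOL_CIDR/ { getline; gsub("[^0-9./]", ""); print; exit }' "$1"
}

# Succeed only for a well-formed IPv4 CIDR that stays inside one RFC 1918
# block. The RFC 1918 restriction is a policy assumed for this example.
is_private_cidr() {
    cidr=$1
    case "$cidr" in ''|*[!0-9./]*|*./*) return 1 ;; */*) ;; *) return 1 ;; esac
    ip=${cidr%/*}; prefix=${cidr##*/}
    case "$prefix" in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ''|*[!0-9]*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    # Shortest prefix that still fits inside each private block.
    if [ "$1" -eq 10 ]; then min=8
    elif [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ]; then min=12
    elif [ "$1" -eq 192 ] && [ "$2" -eq 168 ]; then min=16
    else return 1
    fi
    [ "$prefix" -ge "$min" ]
}

# Constructed sample of the relevant cni.yaml lines (not a real cluster file).
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
            - name: CALICO_IPV4POOL_CIDR
              value: "10.1.0.0/16"
EOF

SUBNET=$(extract_pool_cidr "$SAMPLE")
if is_private_cidr "$SUBNET"; then
    echo "subnet looks sane: $SUBNET"
else
    echo "refusing to trust subnet: '$SUBNET'" >&2
fi
rm -f "$SAMPLE"
```

On a real node, pass `/var/snap/microk8s/current/args/cni-network/cni.yaml` to `extract_pool_cidr` and run the `firewall-cmd` commands only when `is_private_cidr` succeeds.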