Install Kubernetes with Kubeadm
Installing Kubernetes can be tricky, but the kubeadm tool makes it simpler. Whenever we install Kubernetes, we need to take care of the parts involved in the installation.
INSTALL KUBERNETES USING KUBEADM
Pre-Requisites (Official Documentation)
- Compatible Linux host(s).
- First identify how many Leader nodes and how many Follower nodes are to be deployed.
- Ensure you have `root` user access for these nodes.
- Ensure you have internet access from these nodes.
- 2 GB or more of RAM per machine and 2 CPUs or more (any less will leave little room for your apps). The leader needs more resources than the follower.
- Unique hostname, MAC address, and product_uuid for every node.
- Certain ports are open on your machines.
- Swap disabled. You MUST disable swap in order for the kubelet to work properly.
Ports that need to be available by default across cluster nodes.
Leader Nodes:
| Protocol | Direction | Port Range | Purpose | Used By |
|---|---|---|---|---|
| TCP | Inbound | 6443 | Kubernetes API server | All |
| TCP | Inbound | 2379-2380 | etcd server client API | kube-apiserver, etcd |
| TCP | Inbound | 10250 | Kubelet API | Self, Control plane |
| TCP | Inbound | 10259 | kube-scheduler | Self |
| TCP | Inbound | 10257 | kube-controller-manager | Self |
Follower Nodes:
| Protocol | Direction | Port Range | Purpose | Used By |
|---|---|---|---|---|
| TCP | Inbound | 10250 | Kubelet API | Self, Leader |
| TCP | Inbound | 30000-32767 | NodePort Services | All |
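The port tables above map directly onto firewalld rules, for nodes where the host firewall is kept running rather than stopped as in the node preparation step below. This is an added example, not part of the original article: `k8s_ports`, `open_k8s_ports`, `run` and the `DRY_RUN` variable are assumed names, and traffic for the CNI plugin needs further rules that this page does not list.

```bash
#!/usr/bin/env bash
# Added example: open only the ports from the tables above instead of
# stopping firewalld. Function names and DRY_RUN are assumptions.

# Print the inbound TCP ports (or ranges) for a node role, one per line.
k8s_ports() {
  case "$1" in
    leader)   printf '%s\n' 6443 2379-2380 10250 10259 10257 ;;
    follower) printf '%s\n' 10250 30000-32767 ;;
    *)        echo "unknown role: $1 (expected leader|follower)" >&2
              return 2 ;;
  esac
}

# Run a command, or only print it when DRY_RUN=1 (review before applying).
run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    echo "$*"
  else
    "$@"
  fi
}

# Add permanent firewalld rules for the role, then reload to activate them.
open_k8s_ports() {
  local role="$1" ports port
  ports="$(k8s_ports "$role")" || return 2
  for port in $ports; do
    run firewall-cmd --permanent --add-port="${port}/tcp" || return 1
  done
  run firewall-cmd --reload
}

# Usage (as root):
#   DRY_RUN=1 open_k8s_ports leader   # print the commands only
#   open_k8s_ports leader             # on kube-leader
#   open_k8s_ports follower           # on kube-follower
```

The rules allow the listed ports from any source; restricting them to the cluster's node addresses is a further tightening step.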
Prepare the Nodes
- Set hostnames for the nodes.
```bash
hostnamectl set-hostname kube-leader    # on the leader server
hostnamectl set-hostname kube-follower  # on the follower server
```
- Get the IP address of each node by using `ifconfig -a` or `hostname -i`, then run the following on all nodes.
```bash
echo "172.31.15.56 kube-leader" >> /etc/hosts
echo "172.31.26.16 kube-follower" >> /etc/hosts
```
- Check name resolution and connectivity with the `ping` utility.
```bash
ping kube-leader
ping kube-follower
```
- Turn off `swap` and disable the firewall.
```bash
swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
systemctl stop firewalld
systemctl disable firewalld
```
Install Container Runtime (containerd) [ CentOS / RHEL ]
This step needs to be followed on all nodes [Leader and Follower]
- Steps to install containerd in [CentOS/RHEL]
```bash
dnf install -y yum-utils device-mapper-persistent-data lvm2
dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
dnf update -y && dnf install -y containerd.io
mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml
# Restart containerd
systemctl restart containerd
systemctl enable containerd
systemctl status containerd
```
- Download the `crictl` executable for checking the successful status of containerd | Official Documentation
```bash
VERSION="v1.26.0"
wget https://github.com/kubernetes-sigs/cri-tools/releases/download/$VERSION/crictl-$VERSION-linux-amd64.tar.gz
sudo tar zxvf crictl-$VERSION-linux-amd64.tar.gz -C /usr/local/bin
rm -f crictl-$VERSION-linux-amd64.tar.gz
```
- Add the below lines in the file: `/etc/crictl.yaml`
```yaml
runtime-endpoint: unix:///var/run/containerd/containerd.sock
image-endpoint: unix:///var/run/containerd/containerd.sock
timeout: 2
```
- Run `crictl images` and `crictl ps -a` to ensure containerd is successfully running.
Install Kubeadm, Kubectl, Kubelet
```bash
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
enabled=1
gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF
```
Set SELinux in permissive mode (effectively disabling it)
```bash
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
```
- Run the below command on the Leader node
```bash
sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
sudo systemctl enable --now kubelet
```
- Run the below command on the Follower node
```bash
sudo yum install -y kubelet kubeadm --disableexcludes=kubernetes
sudo systemctl enable --now kubelet
```
Initialize cluster using kubeadm
- Get the Leader node IP address using the command `ifconfig -a` or `hostname -i`.
- Use the IP address in the `--apiserver-advertise-address` flag.
- The below command is used only on Leader nodes.
```bash
kubeadm init --apiserver-advertise-address=10.184.42.29 --pod-network-cidr=192.168.0.0/16 --service-cidr=192.168.0.0/17
```
- The above command will output a command like `kubeadm join ......`. Collect the same command and run it on the `Follower` nodes.
Install CNI (Container Network Interface) for the cluster
- We are going to install Calico as a CNI in the cluster. Run the below command on the Leader node.
```bash
kubectl apply -f https://docs.projectcalico.org/v3.8/manifests/calico.yaml
```
Verify the Kubernetes Cluster Installation
- Run the below command only on Leader nodes.
```bash
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
```
- Verify the cluster is working fine by using the below command.
```bash
kubectl get nodes
kubectl get pods --all-namespaces
```