Set up a k8s cluster on Linux
This article walks through the manual steps you need to perform when creating a Kubernetes cluster on a virtual machine. I want to keep these deployment steps generic rather than specific to one cloud service provider, because providers now offer many services and applications that can plug into or replace some of the features in Kubernetes. So this article sets up the Kubernetes cluster on a Linux server. Once you finish reading, you should have the core idea of the deployment and be able to adapt it to other platforms and cloud service providers.
For this, I’m using an Ubuntu 18 virtual machine with 4 GB of RAM and 2 CPU cores, provisioned from Amazon Web Services.
As a first step, we need to install Docker.
Letting iptables see bridged traffic
Make sure that the br_netfilter module is loaded. This can be done by running lsmod | grep br_netfilter. To load it explicitly, call sudo modprobe br_netfilter.
As a requirement for your Linux node’s iptables to correctly see bridged traffic, you should ensure net.bridge.bridge-nf-call-iptables is set to 1 in your sysctl config, e.g.
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sudo sysctl --system
Now we have completed the initial requirements on the VM & OS level. Let’s move to the next step.
Installing kubeadm, kubelet and kubectl
kubeadm is a helper tool for installing and setting up a Kubernetes cluster. It is part of the Kubernetes distribution and helps to set up a minimum viable cluster on our VMs. There are a few other tools that come with different features, such as kubespray and kops. Those tools are developed with a focus on specific features connected with cloud service providers.
The kubelet is the primary “node agent” that runs on each node. It can register the node with the apiserver using one of: the hostname; a flag to override the hostname; or specific logic for a cloud provider.
The kubelet works in terms of a PodSpec. A PodSpec is a YAML or JSON object that describes a pod. The kubelet takes a set of PodSpecs that are provided through various mechanisms (primarily through the apiserver) and ensures that the containers described in those PodSpecs are running and healthy. The kubelet doesn’t manage containers that were not created by Kubernetes.
The kubectl command-line tool lets you control Kubernetes clusters. It has specific commands for performing actions in the cluster. Once we configure kubectl, we get a configuration file that can be used to access the Kubernetes cluster APIs from remote machines and other tools (such as Lens).
So let’s start.
1. Update the apt package index and install packages needed to use the Kubernetes apt repository:
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
2. Download the Google Cloud public signing key:
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
3. Add the Kubernetes apt repository:
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
4. Update the apt package index, install kubelet, kubeadm and kubectl, and pin their version:
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
sudo systemctl enable kubelet
sudo systemctl start kubelet
The kubelet is now restarting every few seconds, as it waits in a crashloop for kubeadm to tell it what to do.
To disable SELinux and swap, execute the commands below:
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
sudo sed -i '/swap/d' /etc/fstab
sudo swapoff -a
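The node prerequisites set up in the sections above (br_netfilter loaded, both bridge sysctls set to 1, swap off now and after a reboot) can be checked in one pass before running kubeadm init. The script below is an added example, not part of the original article; its function names and the overridable file-path variables are assumptions made so the checks can also run against a constructed sample node.

```shell
#!/bin/sh
# Added example, not from the original article. Function names and the
# overridable *_FILE / SYSCTL_ROOT variables are assumptions of this example.
MODULES_FILE="${MODULES_FILE:-/proc/modules}"   # the file lsmod reads
SYSCTL_ROOT="${SYSCTL_ROOT:-/proc/sys}"
SWAPS_FILE="${SWAPS_FILE:-/proc/swaps}"
FSTAB_FILE="${FSTAB_FILE:-/etc/fstab}"

module_loaded() { grep -q "^$1 " "$MODULES_FILE"; }

# net.bridge.bridge-nf-call-iptables -> $SYSCTL_ROOT/net/bridge/bridge-nf-call-iptables
sysctl_is_one() {
  sysctl_path="$SYSCTL_ROOT/$(printf '%s' "$1" | tr . /)"
  [ -r "$sysctl_path" ] && [ "$(cat "$sysctl_path")" = "1" ]
}

# /proc/swaps always has a header line; any further line is an active swap area.
swap_active() { [ "$(tail -n +2 "$SWAPS_FILE" | grep -c .)" -gt 0 ]; }

# A non-comment fstab line of type "swap" turns swap back on at the next boot.
fstab_has_swap() {
  awk '$1 !~ /^#/ && $3 == "swap" { found = 1 } END { exit !found }' "$FSTAB_FILE"
}

# Prints one FAIL line per unmet prerequisite; the return status is the count.
preflight() {
  failures=0
  module_loaded br_netfilter || { echo "FAIL: br_netfilter is not loaded"; failures=$((failures + 1)); }
  for key in net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables; do
    sysctl_is_one "$key" || { echo "FAIL: $key is not 1"; failures=$((failures + 1)); }
  done
  if swap_active; then echo "FAIL: swap is active"; failures=$((failures + 1)); fi
  if fstab_has_swap; then echo "FAIL: swap entry in $FSTAB_FILE"; failures=$((failures + 1)); fi
  return "$failures"
}

# Constructed sample node: ip6tables sysctl left at 0 and a swap line in fstab.
make_sample_node() {
  mkdir -p "$1/sys/net/bridge"
  printf 'br_netfilter 28672 0 - Live 0x0\nbridge 176128 1 br_netfilter, Live 0x0\n' > "$1/modules"
  echo 1 > "$1/sys/net/bridge/bridge-nf-call-iptables"
  echo 0 > "$1/sys/net/bridge/bridge-nf-call-ip6tables"
  printf 'Filename\tType\tSize\tUsed\tPriority\n' > "$1/swaps"
  printf '# constructed fstab\n/dev/sda1 / ext4 defaults 0 1\n/swapfile none swap sw 0 0\n' > "$1/fstab"
}

# "sh preflight.sh check" audits the real node; with no argument nothing runs.
if [ "${1:-}" = "check" ]; then preflight; fi
```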
Creating a cluster with kubeadm
When you execute kubeadm init, it sets up the Kubernetes control plane. The command below uses these flags:
* --apiserver-advertise-address string : The IP address the API Server will advertise it’s listening on. If not set, the default network interface will be used.
* --pod-network-cidr string : Specify range of IP addresses for the pod network. If set, the control plane will automatically allocate CIDRs for every node.
* --apiserver-cert-extra-sans : Optional extra Subject Alternative Names (SANs) to use for the API Server serving certificate. Can be both IP addresses and DNS names.
kubeadm init --apiserver-advertise-address=0.0.0.0 --pod-network-cidr=10.244.0.0/16 --apiserver-cert-extra-sans=<private_ip>,<public_ip>
Once you execute the above command, it will take some time to set up the Kubernetes control plane. Once it is complete, it will return a few results, including the Kubernetes configuration file and the kubeadm join command.
Now we should set up the configuration used to manage the cluster. To control the cluster from the VM itself, run the commands below:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Alternatively, you can set up a third-party tool like Lens using the config file.
Now we need to set up the pod network, which allows the nodes within the cluster to communicate. In this example I’m using flannel, but there are other options you can choose from.
sudo kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
We have now completed the Kubernetes cluster setup and the initial tool and utility installations. To verify, run the commands below:
sudo kubectl get nodes
sudo kubectl get pods --all-namespaces
Then you can install your services and applications. Here I added a sample image of my Lens tool integration.
Cheers guys, you have now completed the Kubernetes cluster setup. Please also keep in touch with my profile; this blog series will cover microservice deployment, security implementations, ingress controllers and a few more upcoming topics.
Reference:
- Kubernetes : https://kubernetes.io/
- kubeadm : https://kubernetes.io/docs/reference/setup-tools/kubeadm/
- kubelet : https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/
- kubectl : https://kubernetes.io/docs/reference/kubectl/kubectl/
- lens : https://k8slens.dev/
- kubespray : https://kubernetes.io/docs/setup/production-environment/tools/kubespray/
- kops : https://kubernetes.io/docs/setup/production-environment/tools/kops/