# KUBERNETES CLUSTER

----

## Setting Up the Cluster

---

1. Update and upgrade all packages

```bash
sudo apt-get update && sudo apt-get upgrade
```

2. Disable swap so the kubelet works properly

```bash
sudo swapoff -a

# To verify
sudo cat /etc/fstab

# To disable swap permanently
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
```

3. Configure the container runtime

To run containers in Pods, Kubernetes uses a container runtime. We will use containerd, so we need to install it on each cluster node.

```bash
# Write overlay and br_netfilter
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
```

```bash
# Load the modules
sudo modprobe overlay
sudo modprobe br_netfilter

# Manage networking in Kubernetes
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
```

```bash
# Apply sysctl settings without a reboot
sudo sysctl --system
```

4. Install the container runtime (containerd) from the Docker repository

```bash
# Install packages
sudo apt-get update
sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

# Add Docker’s official GPG key
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg

# Set up the repository
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

# Update again and install `containerd.io`
sudo apt-get update
sudo apt-get install containerd.io

# Download the CNI plugins
sudo mkdir -p /opt/cni/bin
wget https://github.com/containernetworking/plugins/releases/download/v1.1.1/cni-plugins-linux-amd64-v1.1.1.tgz

# Extract the plugins into /opt/cni/bin
sudo tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.1.1.tgz
```

```bash
# Configure the systemd cgroup driver
sudo nano /etc/containerd/config.toml
```

```toml
# Enable the CRI plugin: find the line below and comment it out with `#`
#disabled_plugins = ["cri"]

# Then use systemd as the cgroup driver
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    SystemdCgroup = true # Make it true
```

```bash
# Restart the containerd service
sudo systemctl restart containerd
sudo systemctl enable containerd
```

5. Install kubeadm, kubelet, and kubectl

Use `kubeadm` to set up a cluster that conforms to best practices.

```bash
# Download the public signing key for the Kubernetes package repository
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg

# Add the Kubernetes apt repository
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
```

```bash
# Update the apt package index, install kubelet, kubeadm and kubectl
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl

# Pull the images needed by `kubeadm`
sudo kubeadm config images pull
```

6. Initialize the cluster

```bash
# Replace `192.168.111.132` with your VM's IP
sudo kubeadm init \
  --apiserver-advertise-address 192.168.111.132 \
  --control-plane-endpoint 192.168.111.132 \
  --pod-network-cidr 10.244.0.0/16
```

7. We use Calico as the network plugin (you can use another plugin, but it has to match your network setup)

```bash
kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.28.1/manifests/calico.yaml
```

## How a worker can join the cluster

1. Set up the node like the master node, but you don't need to initialize the cluster

2. After the setup you can join with this command:

```bash
sudo kubeadm join <IP master>:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>
```

3. To print the join command with its token, run this on the master node:

```bash
kubeadm token create --print-join-command
```

Example output:

```bash
kubeadm join 192.168.1.161:6443 --token eb64r4.cb5jz3vr7my06jum --discovery-token-ca-cert-hash sha256:b22ebf3b6544a154475a36b2a09c45616da3756d5de4a0670bc54e756de4206d
```

ref : https://github.com/sandyxd18/Kubernetes-script/blob/main/kube-install.sh
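
The `--discovery-token-ca-cert-hash` value in the join command pins the cluster CA: it is the SHA-256 of the DER-encoded SubjectPublicKeyInfo of the CA certificate, and the joining worker refuses a control plane whose CA does not match. The check below is an added example (not part of the referenced script) that recomputes the pin and compares it with a join command you were handed; the function names are hypothetical, and it assumes the `openssl` CLI and kubeadm's default CA path `/etc/kubernetes/pki/ca.crt`.

```bash
#!/usr/bin/env bash
# Added example: check the CA pin in a kubeadm join command against the real
# cluster CA. Function names are hypothetical; requires the openssl CLI.

# Print "sha256:<hex>" for a CA certificate: SHA-256 over the DER-encoded
# SubjectPublicKeyInfo, which is what kubeadm compares during discovery.
ca_cert_pin() {
  # Fail closed: without this check an unreadable file would hash empty input.
  openssl x509 -in "$1" -noout >/dev/null 2>&1 || return 1
  openssl x509 -in "$1" -noout -pubkey \
    | openssl pkey -pubin -outform DER \
    | openssl dgst -sha256 \
    | awk '{print "sha256:" $NF}'
}

# Extract the pinned hash from the text of a join command.
pin_from_join() {
  printf '%s\n' "$1" \
    | sed -n 's/.*--discovery-token-ca-cert-hash[ =]\{1,\}\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# Return 0 only if the join command pins exactly this CA certificate.
verify_join_pin() {
  vjp_expected=$(ca_cert_pin "$1") || { echo "cannot read CA cert: $1" >&2; return 2; }
  vjp_actual=$(pin_from_join "$2")
  [ -n "$vjp_actual" ] || { echo "join command carries no CA pin" >&2; return 2; }
  [ "$vjp_expected" = "$vjp_actual" ]
}

# Run on the control plane:
#   ./check-join-pin.sh /etc/kubernetes/pki/ca.crt "<join command you were given>"
if [ "$#" -eq 2 ]; then
  if verify_join_pin "$1" "$2"; then
    echo "OK: join command pins this cluster's CA"
  else
    echo "FAIL: pin missing or does not match this cluster's CA" >&2
    exit 1
  fi
fi
```

A join command with no pin at all is reported as a failure rather than passed through, so a command that would skip CA verification does not slip by unnoticed.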