---
title: Dokumentasi
tags:
description: .
---

# Setup Kubernetes Cluster Using Kubeadm

---

## Prerequisites

- At least two Ubuntu VM nodes (I'm using 22.04 LTS): one master and one worker node.
- The master node should have a minimum of 2 vCPU and 2 GB RAM. For the worker nodes, a minimum of 1 vCPU and 2 GB RAM is recommended.
- A 192.x.x.x/X network range with static IPs for the master and worker nodes. I will be using the 10.x.x.x series as the pod network range used by the Calico network plugin. Make sure the node IP range and the pod IP range don't overlap. If your node IPs are in the 10.x.x.x range, use 192.168.0.0/16 as the pod CIDR.

---

## Setting Static IP (skip for openstack)

```
sudo nano /etc/netplan/01-network-manager-all.yaml
```

```
network:
  version: 2
  renderer: NetworkManager
  ethernets:
    enp0s3:
      dhcp4: no
      addresses: [Your IP/24]
      routes:
        - to: default
          via: 192.168.1.1
      nameservers:
        addresses: [8.8.8.8, 1.1.1.1]
```

```
sudo netplan apply
```

## Following are the steps involved in setting up a kubeadm-based Kubernetes cluster

1. Install a container runtime on all nodes. I will be using cri-o.
2. Install kubeadm, kubelet, and kubectl on all the nodes.
3. Initiate the kubeadm control plane configuration on the master node.
4. Save the node join command with the token.
5. Install the Calico network plugin (operator).
6. Join the worker node to the master node (control plane) using the join command.
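
The prerequisite that the node range and the pod range must not overlap can be checked before `kubeadm init` is run. The script below is an added example, not part of the original write-up; the function names are hypothetical and the node networks in the sample calls are constructed from the addresses used on this page.

```bash
#!/bin/sh
# Added example: verify that the node subnet and the pod CIDR do not overlap.
# The CIDR values in the calls at the bottom are sample inputs built from this page.

# ip_to_int A.B.C.D -> prints the address as an integer
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1            # split the dotted quad into $1..$4
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# cidr_range A.B.C.D/N -> prints "first last" (integer bounds of the block)
cidr_range() {
    size=$(( 1 << (32 - ${1#*/}) ))
    first=$(( $(ip_to_int "${1%/*}") / size * size ))   # clear the host bits
    echo "$first $(( first + size - 1 ))"
}

# cidrs_overlap CIDR1 CIDR2 -> exit status 0 if the two blocks share an address
cidrs_overlap() {
    set -- $(cidr_range "$1") $(cidr_range "$2")
    [ "$1" -le "$4" ] && [ "$3" -le "$2" ]
}

# check_pod_cidr NODE_CIDR POD_CIDR -> prints a verdict, status 1 on overlap
check_pod_cidr() {
    if cidrs_overlap "$1" "$2"; then
        echo "OVERLAP: node network $1 and pod CIDR $2"
        return 1
    fi
    echo "OK: node network $1 and pod CIDR $2 are disjoint"
}

# Sample calls: the first two are disjoint, the last two overlap.
check_pod_cidr 192.168.1.0/24 10.85.0.0/16   || true
check_pod_cidr 10.20.0.0/16   192.168.0.0/16 || true
check_pod_cidr 192.168.1.0/24 192.168.0.0/16 || true
check_pod_cidr 10.85.3.0/24   10.85.0.0/16   || true
```
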

---

# Do this on all nodes

**Log in as root**

```
sudo -i
```

**Allow iptables to see bridged traffic**

```
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

sudo modprobe overlay
sudo modprobe br_netfilter

# sysctl params required by setup, params persist across reboots
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF

# Apply sysctl params without reboot
sudo sysctl --system
```

**Disable swap**

```
swapoff -a
(crontab -l 2>/dev/null; echo "@reboot /sbin/swapoff -a") | crontab - || true
```

**Disable firewall**

```
ufw disable
```

### Install CRI-O (Docker engine deprecated)

**Enable cri-o repositories for version 1.28**

```
OS="xUbuntu_22.04"
VERSION="1.28"

cat <<EOF | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /
EOF

# Use https for this repository as well, matching the one above
cat <<EOF | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$VERSION.list
deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$VERSION/$OS/ /
EOF
```

**Add the GPG keys for CRI-O to the system's list of trusted keys.**

```
curl -L https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$VERSION/$OS/Release.key | sudo apt-key --keyring /etc/apt/trusted.gpg.d/libcontainers.gpg add -
curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/Release.key | sudo apt-key --keyring /etc/apt/trusted.gpg.d/libcontainers.gpg add -

apt-get update
apt-get install cri-o cri-o-runc cri-tools -y
```

- CNI plugin configuration (refer to https://github.com/cri-o/cri-o/blob/main/contrib/cni/README.md)

```
# CNI plugin installation
git clone https://github.com/containernetworking/plugins
cd plugins
git checkout v1.1.1
./build_linux.sh

# Install the CNI plugin
sudo mkdir -p /opt/cni/bin
sudo cp bin/* /opt/cni/bin/

# Reload the updated config
systemctl daemon-reload
systemctl enable crio --now
sudo systemctl status cri-o
```

### Install Kubeadm & Kubelet & Kubectl

**Install dependencies**

```
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
```

**Download the GPG key for the Kubernetes APT repository.**

```
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://dl.k8s.io/apt/doc/apt-key.gpg
```

**Add the Kubernetes APT repository to your system.**

```
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update -y
```

**Install kubelet, kubectl and kubeadm (remove the "=1.xx.xx" suffix to install the latest version)**

```
sudo apt-get install -y kubelet=1.28.2-00 kubectl=1.28.2-00 kubeadm=1.28.2-00
```

**(Optional) Prevent upgrades**

```
sudo apt-mark hold kubelet kubeadm kubectl
```

---

# Do the following on the master node

**Initialize kubeadm**

```
kubeadm init --apiserver-advertise-address=<ip_VM> --pod-network-cidr=10.85.0.0/16 --ignore-preflight-errors=all --kubernetes-version=vx.xx.x --v=5
```

**Exit from root and run these commands so kubectl works for a non-root user**

```
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
```

**Deploy the Calico network plugin**

```
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/tigera-operator.yaml
curl https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/custom-resources.yaml -O
kubectl create -f custom-resources.yaml
```

**Print the join command**

```
kubeadm token create --print-join-command
```

---

# Do the following on the worker node

- Paste and run the output of `kubeadm token create --print-join-command` from the master node.
- Run this command on the master node:

```
kubectl get nodes
```

![image](https://hackmd.io/_uploads/ryomsSUY6.png)

### Written by #INU
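
Because the `kubeadm init` command above passes `--ignore-preflight-errors=all`, kubeadm reports unmet prerequisites only as warnings, so it helps to verify the per-node settings from "Do this on all nodes" explicitly before running `kubeadm init` or the join command. The script below is an added example, not part of the original write-up; the function name and its optional root-directory argument are hypothetical, the latter only there so the check can be run against a fixture directory.

```bash
#!/bin/sh
# Added example: verify the kernel modules, sysctls and swap state that the
# "Do this on all nodes" section configures. ROOT defaults to "/".

check_node_prereqs() {
    root=${1:-/}; root=${root%/}
    failed=0

    # Modules listed in /etc/modules-load.d/k8s.conf appear under /sys/module once loaded
    for mod in overlay br_netfilter; do
        [ -d "$root/sys/module/$mod" ] || { echo "FAIL: module $mod not loaded"; failed=1; }
    done

    # Values from /etc/sysctl.d/k8s.conf; the bridge keys exist only with br_netfilter loaded
    for key in net/bridge/bridge-nf-call-iptables \
               net/bridge/bridge-nf-call-ip6tables \
               net/ipv4/ip_forward; do
        val=$(cat "$root/proc/sys/$key" 2>/dev/null || echo missing)
        [ "$val" = "1" ] || { echo "FAIL: $key = $val (expected 1)"; failed=1; }
    done

    # /proc/swaps has one header line; every further line is an active swap device
    swaps=$(tail -n +2 "$root/proc/swaps" 2>/dev/null | grep -c . || true)
    [ "$swaps" -eq 0 ] || { echo "FAIL: $swaps swap device(s) still active"; failed=1; }

    [ "$failed" -eq 0 ] && echo "OK: node prerequisites satisfied"
    return "$failed"
}

# Check the machine this script runs on
check_node_prereqs / || echo "Fix the items above before running kubeadm init or join"
```
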