Update and upgrade#
sudo apt update && sudo apt upgrade -y
sudo apt install -y curl gnupg apt-transport-https ca-certificates lsb-release
Hostname#
sudo hostnamectl set-hostname k8s-cp-01
sudo hostnamectl set-hostname k8s-node-01
sudo nano /etc/network/interfaces
auto eth0
iface eth0 inet static
address 172.31.71.121
netmask 255.255.240.0
gateway 172.31.64.1
dns-nameservers 1.1.1.1 8.8.8.8
hosts#
172.31.71.121 k8s-cp-01
172.31.71.131 k8s-node-01
Disable SWAP#
sudo swapoff -a
sudo sed -i '/ swap / s/^/#/' /etc/fstab
Install Docker / Containerd#
sudo apt install -y containerd
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
sudo nano /etc/containerd/config.toml
# Find and change
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true
# Restart containerd
sudo systemctl restart containerd
sudo systemctl enable containerd
Install Kubernetes (kubeadm, kubelet, kubectl)#
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt update
sudo apt install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
Initialization of the Control Plane#
k8s-cp-01#
sudo kubeadm init --apiserver-advertise-address=172.31.71.121 --pod-network-cidr=10.244.0.0/16
If not working#
sudo modprobe br_netfilter
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sudo sysctl --system
#* Applying /etc/sysctl.d/k8s.conf ...
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
# check both return 1
cat /proc/sys/net/bridge/bridge-nf-call-iptables
cat /proc/sys/net/ipv4/ip_forward
sudo kubeadm init --apiserver-advertise-address=172.31.71.121 --pod-network-cidr=10.244.0.0/16
Setup kubectl#
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl get nodes
Instalace síťového pluginu (CNI) – Calico#
kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.27.0/manifests/calico.yaml
# after 1-2min
kubectl get pods -A
kubectl get nodes
# status Ready
k8s-node-01#
sudo modprobe br_netfilter
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sudo sysctl --system
kubeadm join 172.31.71.121:6443 --token htnqgq.ymybrkv9fw7dt2jk \
--discovery-token-ca-cert-hash sha256:0483fbcc6b68518a0935aa092eade2b24763b8aad73544df66132f749307d146
kubectl get nodes
Notes#
# on CP
# get token
sudo kubeadm token create --print-join-command
# result run on node server
# on Node
# reset node server
sudo kubeadm reset -f
rm -rf /etc/kubernetes
sudo kubeadm join 172.31.71.121:6443 --token ...
# on CP
kubectl get nodes
hosts#