[Let’s Build K8s] Hosting K8s on Your Local Machines (2)
Overview
Hi there!! In this series of articles (Let’s Build K8s), I will set up a k8s cluster on several physical machines with everyone! Instead of using online k8s services like GKE, we are going to build our k8s cluster and manage it by ourselves :)
In the last article we set up the CRI on every node machine, and in this article we will continue by installing the other essential k8s components :)
Basic Concept
Kubeadm, Kubelet, and Kubectl are crucial for local cluster setup, and the following describes their main jobs.
kubeadm: The command to bootstrap the cluster.
kubelet: The component that runs on all of the machines in your cluster and does things like starting pods and containers.
kubectl: The command line utility to talk to your cluster.
Moreover, kubeadm will not install or manage kubelet or kubectl for you, so you will need to ensure they match the version of the Kubernetes control plane you want kubeadm to install for you.
This is the detailed release information: Link to k8s official
Please install a version combination that follows the above link, otherwise you will run into unexpected bugs.
Installing Process
First, we will install some packages that the later installation steps need.
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
Install the Google Cloud public signing key.
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
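Add the Kubernetes repository to the apt package configuration. The signed-by option points at the keyring we just downloaded, so apt verifies packages from this repository against that key.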
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
Remember to refresh apt after setting up the new configuration:
sudo apt-get update
Finally, let’s install kubeadm, kubelet and kubectl. After that, we will hold the packages at their installed version to avoid accidental upgrades :)
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
After getting all the command line tools ready, we need to enable some networking plugins on each node.
The concepts in the following part are a little bit difficult…
If you cannot follow the networking concepts, just run through the commands :)
Node Networking Plugin Activate
First, let’s introduce the command line tools we will use later in the configuration process:
lsmod: Lists the kernel modules that are currently loaded.
modprobe: Loads a module into, or removes it from, the Linux kernel.
Verify that the br_netfilter module is loaded by running the following command:
lsmod | grep br_netfilter
Then, use the following commands to set up bridge networking, so that iptables can see the bridged traffic.
Setting net.bridge.bridge-nf-call-iptables to 1 enables the Linux node’s iptables to correctly view bridged traffic!
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
# sysctl params required by setup, params persist across reboots
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
# Apply sysctl params without reboot
sudo sysctl --system
After everything is done, reload the cri-o configuration file and restart it with the commands below:
systemctl daemon-reload
systemctl restart crio
Notice:
This networking setup needs to be done on each node machine.
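To confirm on each node that the modules and sysctl values above are active now and will survive a reboot, here is an added check (not part of the original article). The function name and its optional ROOT argument are assumptions made for this example; ROOT exists only so the check can be pointed at a constructed directory tree.

```shell
#!/bin/sh
# Added example: audit the kernel prerequisites configured in this section.
# Usage on a node: check_k8s_net_prereqs        (inspects the live system)
# ROOT (hypothetical, optional) lets the check run against a test tree.
check_k8s_net_prereqs() {
    root="${1:-/}"
    root="${root%/}"
    conf="${root}/etc/sysctl.d/k8s.conf"
    rc=0

    # lsmod reads /proc/modules; modules compiled into the kernel are not
    # listed there, so a FAIL here on a custom kernel needs a manual look.
    for mod in overlay br_netfilter; do
        if grep -q "^${mod} " "${root}/proc/modules" 2>/dev/null; then
            echo "ok    module ${mod} loaded"
        else
            echo "FAIL  module ${mod} not loaded"
            rc=1
        fi
    done

    # A sysctl key maps to a file under /proc/sys (dots become slashes).
    for key in net.bridge.bridge-nf-call-iptables \
               net.bridge.bridge-nf-call-ip6tables \
               net.ipv4.ip_forward; do
        file="${root}/proc/sys/$(echo "$key" | tr . /)"
        val="$(cat "$file" 2>/dev/null || true)"
        if [ "$val" != "1" ]; then
            echo "FAIL  ${key} is '${val}' at runtime (expected 1)"
            rc=1
        # Strip blanks so "key = 1" and "key=1" both match exactly.
        elif ! { tr -d ' \t' < "$conf" | grep -qxF "${key}=1"; } 2>/dev/null; then
            echo "FAIL  ${key} = 1 now, but not persisted in ${conf}"
            rc=1
        else
            echo "ok    ${key} = 1 (runtime and persisted)"
        fi
    done
    return "$rc"
}
```

The function returns 0 only when every check passes, so it can gate a provisioning script before kubeadm is run.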
Create Cluster
We have finally made it to the process of setting up the cluster!! In this part, we will create a control plane and join multiple worker nodes with kubeadm.
First, initialize the control plane with a special CIDR range (we will explain this part in the next article, setting up CNI 🔥):
kubeadm init --pod-network-cidr=10.244.0.0/16
Wait for a few seconds…
After successful initialization, we will get several types of tokens; keep those tokens in your notes :)
On each of your worker nodes, you can use the following command and your token to join the cluster!
kubeadm join <control-plane-ip>:6443 --token <some token> --discovery-token-ca-cert-hash <some hash token>
Notice:
This command is printed in the output of initializing the control plane.
The token will expire in a few minutes, but don’t worry!
We can generate a new join command using the command below:
kubeadm token create --print-join-command
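The --discovery-token-ca-cert-hash value in the join command pins the cluster CA's public key, which lets a joining node check that it is talking to the intended control plane. The following added example (not from the original article) recomputes that value from the CA certificate with openssl and compares it with the hash found in a join command; the function names are made up for this example, and /etc/kubernetes/pki/ca.crt is kubeadm's default CA path on the control plane node.

```shell
#!/bin/sh
# Added example: recompute and check the value passed to
# --discovery-token-ca-cert-hash. Function names are hypothetical.

# ca_cert_hash [CA_CERT_PEM]
# Prints "sha256:<hex>", the SHA-256 of the certificate's DER-encoded
# public key (SubjectPublicKeyInfo), which is the format kubeadm uses.
ca_cert_hash() {
    ca_file="${1:-/etc/kubernetes/pki/ca.crt}"
    # Refuse unreadable or malformed input instead of hashing empty data.
    openssl x509 -in "$ca_file" -noout >/dev/null 2>&1 || return 1
    hex="$(openssl x509 -in "$ca_file" -noout -pubkey \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 -r | cut -d' ' -f1)"
    echo "sha256:${hex}"
}

# verify_join_hash EXPECTED CA_CERT_PEM
# Returns 0 if EXPECTED (taken from a join command) matches the certificate,
# 1 on mismatch, 2 if EXPECTED is malformed or the certificate is unusable.
verify_join_hash() {
    expected="$1"
    case "$expected" in
        sha256:*) [ "${#expected}" -eq 71 ] || { echo "bad hash length" >&2; return 2; } ;;
        *) echo "hash must start with sha256:" >&2; return 2 ;;
    esac
    actual="$(ca_cert_hash "$2")" || { echo "cannot read CA cert" >&2; return 2; }
    [ "$expected" = "$actual" ]
}

# Typical use on the control plane node:
#   ca_cert_hash                      # print the hash for the default CA path
#   verify_join_hash "sha256:<hash from join command>" /etc/kubernetes/pki/ca.crt
```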
Last but not least, we need to enable our terminal to use kubectl!
If you are in root user mode (sudo su -):
export KUBECONFIG=/etc/kubernetes/admin.conf
If you are in normal user mode:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
After everything has completed, use kubectl get node to check the status of each node :)
Congratulations ✨✨!! We have finished installing all the k8s components in this article :)
Thank you for taking the time to read. Any suggestions are welcome, and feel free to let me know if anything is unclear.
See u guys next time! Have a nice working day ~😃