Kubernetes Cluster Setup
Bootstrap a Kubernetes cluster using kubeadm.
Prerequisites
# All nodes: Disable swap
sudo swapoff -a
sudo sed -i '/ swap / s/^/#/' /etc/fstab
# Enable kernel modules
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
# Sysctl params
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl --system
Step 1: Install Container Runtime
# Install containerd (all nodes)
sudo apt update
sudo apt install containerd -y
# Configure containerd
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
# Enable SystemdCgroup
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
sudo systemctl restart containerd
sudo systemctl enable containerd
Step 2: Install kubeadm, kubelet, kubectl
# All nodes
sudo apt update
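sudo apt install -y apt-transport-https ca-certificates curl gpg
# Add Kubernetes repo
# The keyrings directory does not exist by default on older releases
sudo mkdir -p -m 755 /etc/apt/keyrings
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | \
sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg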
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' | \
sudo tee /etc/apt/sources.list.d/kubernetes.list
# Install
sudo apt update
sudo apt install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
Step 3: Initialize Control Plane
# On control plane node only
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
# Set up kubectl
mkdir -p $HOME/.kube
sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
# Save the join command! It contains a bootstrap token, so store it like a credential.
# kubeadm join <ip>:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>
Step 4: Install CNI (Flannel)
# On control plane
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
# Verify
kubectl get pods -n kube-flannel
Step 5: Join Worker Nodes
# On each worker node
sudo kubeadm join <control-plane-ip>:6443 \
--token <token> \
--discovery-token-ca-cert-hash sha256:<hash>
# If the token has expired, create a new one on the control plane:
kubeadm token create --print-join-command
Step 6: Verify Cluster
# Check nodes
kubectl get nodes
# Check system pods
kubectl get pods -n kube-system
# Cluster info
kubectl cluster-info
Step 7: Install Metrics Server
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
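# For local clusters, add to deployment:
# args: --kubelet-insecure-tls
# (this skips verification of the kubelet serving certificates; use it on local test clusters only)
# Verify
kubectl top nodes
kubectl top pods -A
Deploy Test Application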
# Create deployment
kubectl create deployment nginx --image=nginx
# Expose service
kubectl expose deployment nginx --port=80 --type=NodePort
# Get NodePort
kubectl get svc nginx
# Test
curl http://<node-ip>:<nodeport>
Essential Commands
| Task | Command |
|---|---|
| Get nodes | kubectl get nodes |
| Get pods | kubectl get pods -A |
| Describe pod | kubectl describe pod <name> |
| Pod logs | kubectl logs <pod> |
| Exec into pod | kubectl exec -it <pod> -- /bin/sh |
| Apply manifest | kubectl apply -f file.yaml |
| Delete resource | kubectl delete -f file.yaml |
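
The `--discovery-token-ca-cert-hash` value in the Step 5 join command pins the cluster CA's public key, so a saved join command can be checked against the CA on the control plane before it is run on a worker. The script below is an added example, not part of the original page; it assumes `openssl` is installed and kubeadm's default CA path, and the function names and `join.txt` are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: check that a saved kubeadm join command pins this cluster's CA.
# Usage on the control plane (join.txt is a hypothetical file holding the command):
#   verify_join_pin /etc/kubernetes/pki/ca.crt "$(cat join.txt)"

# Print the pin for a CA certificate: SHA-256 over the DER-encoded
# SubjectPublicKeyInfo of the certificate, formatted as "sha256:<hex>".
ca_cert_hash() {
  local cert="$1" pub hex
  pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 2
  hex=$(printf '%s\n' "$pub" \
        | openssl pkey -pubin -outform DER 2>/dev/null \
        | openssl dgst -sha256 -r) || return 2
  hex=${hex%% *}                      # keep only the digest field
  [ "${#hex}" -eq 64 ] || return 2
  printf 'sha256:%s\n' "$hex"
}

# Extract the sha256 pin from a join command string. Accepts "--flag value"
# and "--flag=value", and commands wrapped over several lines with "\".
# If the flag is repeated, only the last value is returned.
pin_from_join() {
  printf '%s\n' "$1" | tr '\n' ' ' | sed -n \
    's/.*--discovery-token-ca-cert-hash[= ] *\(sha256:[0-9a-fA-F]\{64\}\).*/\1/p'
}

# Return 0 only when the join command pins the CA in the given certificate.
# Return codes: 1 mismatch, 2 unreadable certificate, 3 no pin in the command.
verify_join_pin() {
  local cert="$1" join="$2" want got
  want=$(pin_from_join "$join")
  [ -n "$want" ] || { echo "no sha256 CA pin in join command" >&2; return 3; }
  got=$(ca_cert_hash "$cert") || { echo "cannot read CA cert: $cert" >&2; return 2; }
  want=$(printf '%s' "$want" | tr 'A-F' 'a-f')
  [ "$want" = "$got" ] || { echo "MISMATCH: CA on this host is $got" >&2; return 1; }
  echo "OK: join command pins $got"
}
```

A mismatch means the saved command belongs to a different cluster or CA and should not be run; regenerate it with `kubeadm token create --print-join-command`.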