System preparation
$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=24.04
DISTRIB_CODENAME=noble
DISTRIB_DESCRIPTION="Ubuntu 24.04.2 LTS"
(Optional) Remove a previous Kubernetes installation
sudo apt purge kubeadm kubelet kubectl kubernetes-cni
sudo apt autoremove
sudo rm /etc/apt/sources.list.d/kubernetes.list*
Upgrade
sudo apt update
sudo apt upgrade
do-release-upgrade
(Optional) Mount data disk
mkfs.xfs /dev/vdb
lsof /var
mv /var/ /var0
mkdir /mnt/newvar/
mount /dev/vdb /mnt/newvar/
rsync -aqxP /var0/* /mnt/newvar/
umount /mnt/newvar
mkdir /var
mount /dev/vdb /var
vim /etc/fstab
# /dev/vdb /var xfs defaults 0 0
System configuration
Enable IPv4 forwarding:[1]
# sysctl params required by setup, params persist across reboots
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.ipv4.ip_forward = 1
EOF
# Apply sysctl params without reboot
sudo sysctl --system
Verify:
$ sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1
Disable swap
# check if swap is disabled
swapon -s
Install Kubernetes
Containerd runtime
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# Or use a mirror instead (the signing key still comes from download.docker.com; only the packages come from the mirror):
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/ubuntu \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
# Members of the docker group can obtain root on this host; add only trusted accounts
sudo usermod -aG docker "$USER"
sudo systemctl enable docker.service
sudo systemctl enable containerd.service
Generate the default containerd config, which is then switched to the systemd cgroup driver:
sudo containerd config default | sudo tee /etc/containerd/config.toml
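Then modify it. SystemdCgroup belongs in the runc options table, while sandbox_image belongs in the CRI plugin table itself:
[plugins."io.containerd.grpc.v1.cri"]
  sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.6"
  ...
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
    ...
    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
      SystemdCgroup = true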
Restart the service:
sudo systemctl restart containerd
The steps above are required; otherwise you might get this error:
validate CRI v1 runtime API for endpoint "unix:///var/run/containerd/containerd.sock": rpc error: code = Unimplemented desc = unknown service runtime.v1.RuntimeService[preflight
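A check for the edited /etc/containerd/config.toml, added here as an example (it is not part of the original page or of containerd): it tracks which TOML table each key falls under and fails unless SystemdCgroup = true and sandbox_image sit in the tables named above. The function name check_cri_config and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# check_cri_config FILE   (added example; the function name is hypothetical)
# Returns 0 only if SystemdCgroup = true sits in the runc options table and
# sandbox_image sits in the CRI plugin table; prints each problem it finds.
# Assumes the table names shown on this page (containerd 1.7, config version 2).
check_cri_config() {
    awk '
    BEGIN {
        cri  = "plugins.\"io.containerd.grpc.v1.cri\""
        opts = cri ".containerd.runtimes.runc.options"
    }
    /^[ \t]*#/ { next }                      # comment line
    /^[ \t]*\[/ {                            # table header: remember its name
        table = $0
        gsub(/^[ \t]*\[+|\]+[ \t]*$/, "", table)
        next
    }
    /^[ \t]*SystemdCgroup[ \t]*=/ && table == opts {
        if ($0 ~ /=[ \t]*true([ \t]|#|$)/) cgroup_ok = 1
    }
    /^[ \t]*sandbox_image[ \t]*=/ {
        if (table == cri) image_ok = 1
        else print "sandbox_image found in [" table "], expected [" cri "]"
    }
    END {
        if (!cgroup_ok) print "SystemdCgroup = true not set in [" opts "]"
        if (!image_ok)  print "sandbox_image not set in [" cri "]"
        exit !(cgroup_ok && image_ok)
    }' "$1"
}

# Constructed sample: the cgroup driver is set correctly, but sandbox_image
# has been pasted into the runc options table instead of the CRI plugin table.
sample=$(mktemp)
cat > "$sample" <<'EOF'
version = 2
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    SystemdCgroup = true
    sandbox_image = "registry.aliyuncs.com/google_containers/pause:3.6"
EOF
check_cri_config "$sample" || echo "config.toml needs fixing before restarting containerd"
rm -f "$sample"
```

On a real host, run check_cri_config /etc/containerd/config.toml before sudo systemctl restart containerd.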
Install Kubeadm
Install kubeadm:[4]
sudo apt-get install -y apt-transport-https ca-certificates curl gpg
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
Create cluster on Master node
Create the cluster with kubeadm:[5]
sudo systemctl start kubelet
sudo systemctl enable kubelet
MASTER_IP="83.229.126.124"
NODENAME=$(hostname -s)
POD_CIDR="192.168.0.0/16"
sudo kubeadm init \
--pod-network-cidr=$POD_CIDR \
--apiserver-advertise-address=$MASTER_IP \
--control-plane-endpoint=$MASTER_IP \
--node-name $NODENAME
(Optional) Pulling the images takes a long time, so you can pull them first:
kubeadm config images list
kubeadm config images pull
To view the images on the local host:[6]
ctr -n k8s.io images list
Generate config
# non-root user
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
# root
export KUBECONFIG=/etc/kubernetes/admin.conf
Now you should be able to view the cluster nodes:
$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
riguz Ready control-plane 2m8s v1.32.3
Post installation
Install CNI plugin
Calico quick start:[7]
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.29.3/manifests/tigera-operator.yaml
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.29.3/manifests/custom-resources.yaml
watch kubectl get pods -n calico-system
NAME READY STATUS RESTARTS AGE
calico-kube-controllers-7bc6b5bb8-5dnsf 1/1 Running 0 26m
calico-node-jdw2v 1/1 Running 0 26m
calico-typha-5c754949c6-qhfwz 1/1 Running 0 26m
csi-node-driver-9wmmd 2/2 Running 0 26m
By default, your cluster will not schedule Pods on the control plane nodes for security reasons. If you want to be able to schedule Pods on the control plane nodes:
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
$ kubectl get nodes -o wide
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
riguz Ready control-plane 13m v1.32.3 83.229.126.124 <none> Ubuntu 24.04.2 LTS 6.8.0-58-generic containerd://1.7.27
(Optional) Join nodes
kubeadm join 10.19.30.61:6443 --token xxx \
--node-name node02 \
--discovery-token-ca-cert-hash xxx
Install HELM
wget https://get.helm.sh/helm-v3.14.4-linux-amd64.tar.gz
tar -zxvf helm-v3.14.4-linux-amd64.tar.gz
install linux-amd64/helm /usr/local/bin/helm
[1] https://kubernetes.io/docs/setup/production-environment/container-runtimes/#forwarding-ipv4-and-letting-iptables-see-bridged-traffic
[2] https://docs.docker.com/engine/install/ubuntu/
[3] https://mirrors.tuna.tsinghua.edu.cn/help/docker-ce/
[4] https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
[5] https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/
[6] https://serverfault.com/questions/1079369/kubeadm-with-containerd-cannot-use-locally-loaded-images
[7] https://docs.tigera.io/calico/latest/getting-started/kubernetes/quickstart