
Install Kubernetes

Before you begin

  • One or more machines running a deb/rpm-compatible Linux OS; for example: Ubuntu or CentOS.
  • 2 GiB or more of RAM per machine--any less leaves little room for your apps.
  • At least 2 CPUs on the machine that you use as a control-plane node.
  • Full network connectivity among all machines in the cluster. You can use either a public or a private network.

General Setup For Control Planes and Node Machines

Set Static IPs

  • Use ifconfig to check the current IPv4 address. In this example, the current IPv4 address is 192.168.1.22.
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.22  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 2405:4802:a2ec:f390:ffff:ffff:ffff:fffa  prefixlen 128  scopeid 0x0<global>
        inet6 2405:4802:a2ec:f390:a00:27ff:fe7c:7d0  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::a00:27ff:fe7c:7d0  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:7c:07:d0  txqueuelen 1000  (Ethernet)
        RX packets 84129  bytes 52901171 (52.9 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 87368  bytes 64687379 (64.6 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 415761  bytes 148967335 (148.9 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 415761  bytes 148967335 (148.9 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
  • Next, use the command below to view the file 50-cloud-init.yaml before editing it.
sudo cat /etc/netplan/50-cloud-init.yaml
  • Update the content of this file as below.
# This file is generated from information provided by the datasource.  Changes
# to it will not persist across an instance reboot.  To disable cloud-init's
# network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    ethernets:
        enp0s3:
            dhcp4: false
            addresses:
              - 192.168.1.22/24
            nameservers:
              addresses:
                - 8.8.8.8
                - 8.8.4.4
            routes:
              - to: default
                via: 192.168.1.1
    version: 2
| Key/Item | Description | Value |
| --- | --- | --- |
| network | Top-level key defining the network configuration. | (N/A) |
| ethernets | Specifies Ethernet interfaces for network configuration. | (N/A) |
| enp0s3 | The name of the Ethernet interface being configured. | enp0s3 |
| dhcp4 | Indicates whether DHCP is used for IPv4. | false |
| addresses | Static IPv4 addresses assigned to the interface. | 192.168.1.22/24 |
| nameservers | DNS servers for domain name resolution. | 8.8.8.8, 8.8.4.4 |
| routes | Defines custom routes for network traffic. | (N/A) |
| to | Specifies the destination for the route. default indicates all traffic. | default |
| via | The gateway IP address for the route. | 192.168.1.1 |
| version | Specifies the version of the Netplan YAML syntax being used. | 2 |
  • Then run the command below to try and apply the latest configuration.
sudo netplan try
sudo netplan apply

Turn Off Swap Permanently

  • Run the commands below to turn off swap and keep it off after reboot.
# turn off swap
sudo swapoff -a

# comment out the swap entries in /etc/fstab so swap stays off after reboot
sudo sed -i.bak '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

Install Docker

  • Run the commands below to install Docker.
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

# Install the Docker packages:
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Setup Container Runtime

  • Run the commands below:
sudo su -
mkdir -p /etc/containerd
containerd config default>/etc/containerd/config.toml
  • Then restart the containerd service and check the status.
sudo systemctl restart containerd
sudo systemctl enable containerd
sudo systemctl status containerd

Setup cgroup driver

  • Use the command below to open the config.toml.
sudo vi /etc/containerd/config.toml
  • Then find the SystemdCgroup option in the following section and set its value to true.
......

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes]

    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
        base_runtime_spec = ""
        cni_conf_dir = ""
        cni_max_conf_num = 0
        container_annotations = []
        pod_annotations = []
        privileged_without_host_devices = false
        privileged_without_host_devices_all_devices_allowed = false
        runtime_engine = ""
        runtime_path = ""
        runtime_root = ""
        runtime_type = "io.containerd.runc.v2"
        sandbox_mode = "podsandbox"
        snapshotter = ""

        [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
        BinaryName = ""
        CriuImagePath = ""
        CriuPath = ""
        CriuWorkPath = ""
        IoGid = 0
        IoUid = 0
        NoNewKeyring = false
        NoPivotRoot = false
        Root = ""
        ShimCgroup = ""
        SystemdCgroup = true

......
  • Then restart the containerd service and check the status.
sudo systemctl restart containerd
sudo systemctl enable containerd
sudo systemctl status containerd
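
One way to confirm the edit took effect, as an added example that is not part of the original page: the function reads SystemdCgroup only from the runc options table shown above, so the same key under another table is not mistaken for it. The sample config and its "other" runtime table are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): report SystemdCgroup as set for
# the runc runtime, using the table name that appears in the page's config.toml.
RUNC_OPTS='[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]'

# systemd_cgroup_value FILE -> prints true, false, or missing
systemd_cgroup_value() {
  awk -v want="$RUNC_OPTS" '
    { line = $0; gsub(/^[ \t]+|[ \t]+$/, "", line) }
    line ~ /^\[/ { in_tbl = (line == want); next }   # every table header resets scope
    in_tbl && line ~ /^SystemdCgroup[ \t]*=/ {
      sub(/^[^=]*=[ \t]*/, "", line); print line; found = 1; exit
    }
    END { if (!found) print "missing" }
  ' "$1"
}

# Constructed sample: the key is true under a hypothetical "other" runtime but
# still false for runc, which a plain grep for "SystemdCgroup = true" would miss.
write_sample() {
  cat > "$1" <<'EOF'
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.other.options]
    SystemdCgroup = true
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
    runtime_type = "io.containerd.runc.v2"
    [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    SystemdCgroup = false
EOF
}

sample=$(mktemp)
write_sample "$sample"
echo "runc SystemdCgroup in sample: $(systemd_cgroup_value "$sample")"
rm -f "$sample"
# On a node: systemd_cgroup_value /etc/containerd/config.toml
```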

Installing kubeadm, kubelet and kubectl

  • You will install these packages on all of your machines:

    • kubeadm: the command to bootstrap the cluster.
    • kubelet: the component that runs on all of the machines in your cluster and does things like starting pods and containers.
    • kubectl: the command line util to talk to your cluster.
  • These instructions are for Kubernetes v1.32.

  • Update the apt package index and install packages needed to use the Kubernetes apt repository:

sudo apt-get update
# apt-transport-https may be a dummy package; if so, you can skip that package
sudo apt-get install -y apt-transport-https ca-certificates curl gpg
  • Download the public signing key for the Kubernetes package repositories. The same signing key is used for all repositories so you can disregard the version in the URL:
# If the directory `/etc/apt/keyrings` does not exist, it should be created before the curl command, read the note below.
# sudo mkdir -p -m 755 /etc/apt/keyrings
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
  • Add the appropriate Kubernetes apt repository. Please note that this repository has packages only for Kubernetes 1.32; for other Kubernetes minor versions, you need to change the Kubernetes minor version in the URL to match your desired minor version (you should also check that you are reading the documentation for the version of Kubernetes that you plan to install).
# This overwrites any existing configuration in /etc/apt/sources.list.d/kubernetes.list
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
  • Update the apt package index, install kubelet, kubeadm and kubectl, and pin their version:
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
  • Enable the kubelet service before running kubeadm:
sudo systemctl enable --now kubelet

Setup Control Plane

Creating a cluster with kubeadm

  • Run the commands below to check that the br_netfilter kernel module is loaded, make sure kubelet is enabled, and pull all the container images needed to set up the Kubernetes control plane.
lsmod | grep br_netfilter
sudo systemctl enable kubelet
sudo kubeadm config images pull
| Command | Explanation |
| --- | --- |
| lsmod \| grep br_netfilter | Lists all the loaded kernel modules and filters the output to show the br_netfilter module. |
| sudo systemctl enable kubelet | Enables the kubelet service to start automatically on system boot. |
| sudo kubeadm config images pull | Pulls the required container images for setting up the Kubernetes control plane. |
  • Then run the command below to initialize the control plane.
sudo kubeadm init \
  --pod-network-cidr=192.168.0.0/16 \
  --cri-socket unix:///run/containerd/containerd.sock \
  --apiserver-advertise-address=192.168.1.22
| Command/Option | Explanation |
| --- | --- |
| kubeadm init | Command to bootstrap a Kubernetes control plane node. This sets up all necessary components like the API server, controller manager, and scheduler. |
| --pod-network-cidr=192.168.0.0/16 | Specifies the CIDR block for the pod network. This is required to configure the networking for pods in the cluster. The value 192.168.0.0/16 is a common range for a pod network. It must match the network settings of the CNI plugin (like Flannel or Calico) you will install. |
| --cri-socket unix:///run/containerd/containerd.sock | Specifies the socket path to the container runtime interface (CRI). In this case, it points to the containerd socket. By default, Kubernetes may look for the docker socket, so this option ensures it uses containerd. |
| --apiserver-advertise-address=192.168.1.22 | Sets the IP address that the Kubernetes API server will advertise for communication with other nodes in the cluster. This should be the IP address of the control plane node. |
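
The node address 192.168.1.22/24 set earlier lies inside the 192.168.0.0/16 pod range passed to kubeadm init, and kubeadm's documentation warns that the pod network must not overlap any host network. The check below is an added example, not part of the original page; 10.244.0.0/16 is an alternative range chosen here for illustration, and whatever range you pick must still match your CNI plugin's settings.

```shell
#!/bin/sh
# Added example (not from the original page): detect a pod CIDR that overlaps
# the node network before running kubeadm init.

# ip_to_int A.B.C.D -> the address as a 32-bit integer
ip_to_int() {
  old_ifs=$IFS; IFS=.
  set -- $1                      # split the dotted quad into $1..$4
  IFS=$old_ifs
  echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# cidr_range ADDR/LEN -> "first last", the integer bounds of the containing network
cidr_range() {
  addr=$(ip_to_int "${1%/*}")
  size=$(( 1 << (32 - ${1#*/}) ))
  first=$(( addr / size * size ))
  echo "$first $(( first + size - 1 ))"
}

# cidrs_overlap CIDR1 CIDR2 -> exit status 0 if the ranges share any address
cidrs_overlap() {
  set -- $(cidr_range "$1") $(cidr_range "$2")   # first1 last1 first2 last2
  [ "$1" -le "$4" ] && [ "$3" -le "$2" ]
}

# pod_cidr_verdict NODE_CIDR POD_CIDR -> prints "overlap" or "ok"
pod_cidr_verdict() {
  if cidrs_overlap "$1" "$2"; then echo overlap; else echo ok; fi
}

# Node address and pod CIDR exactly as used on this page.
echo "192.168.1.22/24 vs 192.168.0.0/16: $(pod_cidr_verdict 192.168.1.22/24 192.168.0.0/16)"
# Constructed alternative pod range for comparison (an assumption, not from the page).
echo "192.168.1.22/24 vs 10.244.0.0/16:  $(pod_cidr_verdict 192.168.1.22/24 10.244.0.0/16)"
# On a node, the first argument can be read with: ip -o -4 addr show dev enp0s3
```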