Install Kubernetes Cluster on Ubuntu Server 18.04 LTS - CentLinux

Latest

Monday, 17 February 2020

Install Kubernetes Cluster on Ubuntu Server 18.04 LTS

Install Kubernetes Cluster on Ubuntu Server 18.04 LTS

Kubernetes (commonly stylized as k8s) is an open-source container-orchestration system for automating application deployment, scaling, and management. It was originally designed by Google, and is now maintained by the Cloud Native Computing Foundation. It aims to provide a "platform for automating deployment, scaling, and operations of application containers across clusters of hosts".  (Courtesy: Wikipedia)

It works with a range of container tools, including Docker. Many cloud services offer a Kubernetes-based platform or infrastructure as a service (PaaS or IaaS) on which Kubernetes can be deployed as a platform-providing service. Many vendors also provide their own branded Kubernetes distributions.

In this article, you will learn how to install Kubernetes cluster on Ubuntu Server 18.04 LTS. We are configuring two Ubuntu Server 18.04 LTS nodes (a master node and a worker node), however the same steps can be used if you are planning to configure more nodes.

This tutorial will guide you about how to install a two node Kubernetes cluster on Ubuntu Server 18.04 LTS. And won’t address the theory and practical usage of Kubernetes. Therefore, if you intend to learn more about Kubenetes, then we highly recommend you to read Kubernetes: Up and Running: Dive into the Future of Infrastructure by O'Reilly Media.

 

This Article Provides:

     

    Environment Specification:

    We are using two KVM virtual machines with following specification.

    Master Node:

    • CPU - 3.4 Ghz (2 cores)
    • Memory - 2 GB
    • Storage - 20 GB
    • Operating System - Ubuntu Server 18.04 LTS
    • Hostname – kubernetes-01.recipes.com
    • IP Address - 192.168.116.218 /24

    Worker Node:

    • CPU - 3.4 Ghz (2 cores)
    • Memory - 2 GB
    • Storage - 20 GB
    • Operating System - Ubuntu Server 18.04 LTS
    • Hostname – kubernetes-02.recipes.com
    • IP Address - 192.168.116.219 /24

    We have already installed Docker on both nodes. You can do the same by following our previous post Install Docker on Ubuntu Server 18 LTS.

     

    Kubernetes Pre-installation configurations:

    We need to configure name resolution between Ubuntu nodes. For this purpose, we can either use an Authoritive DNS server or by using the Local DNS Resolver.

    Connect with kubernetes-01.recipes.com (master node) by using a ssh tool.

    We are configuring the Local DNS Resolver for this purpose.

    ahmer@kubernetes-01:~$ sudo vi /etc/hosts

    Add following lines in this file.

    192.168.116.218 kubernetes-01 kubernetes-01.recipes.com 192.168.116.219 kubernetes-02 kubernetes-02.recipes.com

    Repeat the above step on kubernetes-02.recipes.com (worker node).

    Check installed version of Docker.

    ahmer@kubernetes-01:~$ docker --version Docker version 18.09.7, build 2d0083d

    Verify that the Docker service is running on both nodes.

    ahmer@kubernetes-01:~$ systemctl status docker â docker.service - Docker Application Container Engine Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: e Active: active (running) since Sun 2020-02-16 11:17:17 UTC; 28min ago Docs: https://docs.docker.com Main PID: 1314 (dockerd) Tasks: 10 CGroup: /system.slice/docker.service ââ1314 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/contain Feb 16 11:17:15 docker-01.recipes.com dockerd[1314]: time="2020-02-16T11:17:15.8 Feb 16 11:17:15 docker-01.recipes.com dockerd[1314]: time="2020-02-16T11:17:15.8 Feb 16 11:17:15 docker-01.recipes.com dockerd[1314]: time="2020-02-16T11:17:15.8 Feb 16 11:17:16 docker-01.recipes.com dockerd[1314]: time="2020-02-16T11:17:16.9 Feb 16 11:17:17 docker-01.recipes.com dockerd[1314]: time="2020-02-16T11:17:17.0 Feb 16 11:17:17 docker-01.recipes.com dockerd[1314]: time="2020-02-16T11:17:17.2 Feb 16 11:17:17 docker-01.recipes.com dockerd[1314]: time="2020-02-16T11:17:17.5 Feb 16 11:17:17 docker-01.recipes.com dockerd[1314]: time="2020-02-16T11:17:17.5 Feb 16 11:17:17 docker-01.recipes.com dockerd[1314]: time="2020-02-16T11:17:17.6 Feb 16 11:17:17 docker-01.recipes.com systemd[1]: Started Docker Application Con

    Turn off Swap on both Kubernetes nodes.

    ahmer@kubernetes-01:~$ sudo sed -e '/swap/s/^/#/g' -i /etc/fstab ahmer@kubernetes-01:~$ sudo swapoff -a

    Add public key of Kubernetes Xenial repository in apt on both nodes.

    ahmer@kubernetes-01:~$ curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add OK

    Add Kubernetes Xenial repository on both nodes.

    ahmer@kubernetes-01:~$ sudo apt-add-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main" Hit:2 http://pk.archive.ubuntu.com/ubuntu bionic InRelease Get:3 http://pk.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB] Get:4 http://pk.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB] Get:5 http://pk.archive.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB] Get:1 https://packages.cloud.google.com/apt kubernetes-xenial InRelease [8,993 B] Get:6 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 Packages [33.9 kB] Fetched 286 kB in 2s (118 kB/s) Reading package lists... Done

    We have added the Kubernetes Xenial repository on Ubuntu Server. We can now install Kubenetes packages using apt command.

     

    Installing Kubeadm on Ubuntu Server 18.04 LTS:

    Install Kubeadm using apt command on both nodes.

    ahmer@kubernetes-01:~$ sudo apt install kubeadm -y Reading package lists... Done Building dependency tree Reading state information... Done The following package was automatically installed and is no longer required: libdumbnet1 Use 'sudo apt autoremove' to remove it. The following additional packages will be installed: conntrack cri-tools kubectl kubelet kubernetes-cni socat The following NEW packages will be installed: conntrack cri-tools kubeadm kubectl kubelet kubernetes-cni socat 0 upgraded, 7 newly installed, 0 to remove and 0 not upgraded. Need to get 34.8 MB/51.6 MB of archives. After this operation, 272 MB of additional disk space will be used. Get:2 http://pk.archive.ubuntu.com/ubuntu bionic/main amd64 conntrack amd64 1:1.4.4+snapshot20161117-6ubuntu2 [30.6 kB] Get:4 http://pk.archive.ubuntu.com/ubuntu bionic/main amd64 socat amd64 1.7.3.2-2ubuntu2 [342 kB] Get:1 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 cri-tools amd64 1.13.0-00 [8,776 kB] Get:3 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 kubernetes-cni amd64 0.7.5-00 [6,473 kB] Get:5 https://packages.cloud.google.com/apt kubernetes-xenial/main amd64 kubelet amd64 1.17.3-00 [19.2 MB] Fetched 34.8 MB in 31s (1,110 kB/s) Selecting previously unselected package conntrack. (Reading database ... 67285 files and directories currently installed.) Preparing to unpack .../0-conntrack_1%3a1.4.4+snapshot20161117-6ubuntu2_amd64.deb ... Unpacking conntrack (1:1.4.4+snapshot20161117-6ubuntu2) ... Selecting previously unselected package cri-tools. Preparing to unpack .../1-cri-tools_1.13.0-00_amd64.deb ... Unpacking cri-tools (1.13.0-00) ... Selecting previously unselected package kubernetes-cni. Preparing to unpack .../2-kubernetes-cni_0.7.5-00_amd64.deb ... Unpacking kubernetes-cni (0.7.5-00) ... Selecting previously unselected package socat. Preparing to unpack .../3-socat_1.7.3.2-2ubuntu2_amd64.deb ... Unpacking socat (1.7.3.2-2ubuntu2) ... Selecting previously unselected package kubelet. Preparing to unpack .../4-kubelet_1.17.3-00_amd64.deb ... Unpacking kubelet (1.17.3-00) ... Selecting previously unselected package kubectl. Preparing to unpack .../5-kubectl_1.17.3-00_amd64.deb ... Unpacking kubectl (1.17.3-00) ... Selecting previously unselected package kubeadm. Preparing to unpack .../6-kubeadm_1.17.3-00_amd64.deb ... Unpacking kubeadm (1.17.3-00) ... Setting up conntrack (1:1.4.4+snapshot20161117-6ubuntu2) ... Setting up kubernetes-cni (0.7.5-00) ... Setting up cri-tools (1.13.0-00) ... Setting up socat (1.7.3.2-2ubuntu2) ... Setting up kubelet (1.17.3-00) ... Created symlink /etc/systemd/system/multi-user.target.wants/kubelet.service â /lib/systemd/system/kubelet.service. Setting up kubectl (1.17.3-00) ... Setting up kubeadm (1.17.3-00) ... Processing triggers for man-db (2.8.3-2ubuntu0.1) ...

    Check kubeadm version to verify if it is installed correctly.

    ahmer@kubernetes-01:~$ kubeadm version kubeadm version: &version.Info{Major:"1", Minor:"17", GitVersion:"v1.17.3", GitCommit:"06ad960bfd03b39c8310aaf92d1e7c12ce618213", GitTreeState:"clean", BuildDate:"2020-02-11T18:12:12Z", GoVersion:"go1.13.6", Compiler:"gc", Platform:"linux/amd64"}

    Pull required images for configuring Kubernetes on both nodes.

    ahmer@kubernetes-01:~$ sudo kubeadm config images pull W0216 12:49:45.337272 6150 validation.go:28] Cannot validate kube-proxy config - no validator is available W0216 12:49:45.337364 6150 validation.go:28] Cannot validate kubelet config - no validator is available [config/images] Pulled k8s.gcr.io/kube-apiserver:v1.17.3 [config/images] Pulled k8s.gcr.io/kube-controller-manager:v1.17.3 [config/images] Pulled k8s.gcr.io/kube-scheduler:v1.17.3 [config/images] Pulled k8s.gcr.io/kube-proxy:v1.17.3 [config/images] Pulled k8s.gcr.io/pause:3.1 [config/images] Pulled k8s.gcr.io/etcd:3.4.3-0 [config/images] Pulled k8s.gcr.io/coredns:1.6.5

    Initialize Kubernetes on kubernetes-01.recipes.com (master node) only.

    ahmer@kubernetes-01:~$ sudo kubeadm init --apiserver-advertise-address=192.168.116.218 W0216 12:56:11.961533 7491 validation.go:28] Cannot validate kube-proxy config - no validator is available W0216 12:56:11.961618 7491 validation.go:28] Cannot validate kubelet config - no validator is available [init] Using Kubernetes version: v1.17.3 [preflight] Running pre-flight checks [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/ [preflight] Pulling images required for setting up a Kubernetes cluster [preflight] This might take a minute or two, depending on the speed of your internet connection [preflight] You can also perform this action in beforehand using 'kubeadm config images pull' [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" [kubelet-start] Starting the kubelet [certs] Using certificateDir folder "/etc/kubernetes/pki" [certs] Generating "ca" certificate and key [certs] Generating "apiserver" certificate and key [certs] apiserver serving cert is signed for DNS names [kubernetes-01.recipes.com kubernetes kubernetes.default kubernetes.default.svc kubernetes.default.svc.cluster.local] and IPs [10.96.0.1 192.168.116.218] [certs] Generating "apiserver-kubelet-client" certificate and key [certs] Generating "front-proxy-ca" certificate and key [certs] Generating "front-proxy-client" certificate and key [certs] Generating "etcd/ca" certificate and key [certs] Generating "etcd/server" certificate and key [certs] etcd/server serving cert is signed for DNS names [kubernetes-01.recipes.com localhost] and IPs [192.168.116.218 127.0.0.1 ::1] [certs] Generating "etcd/peer" certificate and key [certs] etcd/peer serving cert is signed for DNS names [kubernetes-01.recipes.com localhost] and IPs [192.168.116.218 127.0.0.1 ::1] [certs] Generating "etcd/healthcheck-client" certificate and key [certs] Generating "apiserver-etcd-client" certificate and key [certs] Generating "sa" key and public key [kubeconfig] Using kubeconfig folder "/etc/kubernetes" [kubeconfig] Writing "admin.conf" kubeconfig file [kubeconfig] Writing "kubelet.conf" kubeconfig file [kubeconfig] Writing "controller-manager.conf" kubeconfig file [kubeconfig] Writing "scheduler.conf" kubeconfig file [control-plane] Using manifest folder "/etc/kubernetes/manifests" [control-plane] Creating static Pod manifest for "kube-apiserver" [control-plane] Creating static Pod manifest for "kube-controller-manager" W0216 12:56:21.794517 7491 manifests.go:214] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC" [control-plane] Creating static Pod manifest for "kube-scheduler" W0216 12:56:21.796144 7491 manifests.go:214] the default kube-apiserver authorization-mode is "Node,RBAC"; using "Node,RBAC" [etcd] Creating static Pod manifest for local etcd in "/etc/kubernetes/manifests" [wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s [kubelet-check] Initial timeout of 40s passed. [apiclient] All control plane components are healthy after 69.728193 seconds [upload-config] Storing the configuration used in ConfigMap "kubeadm-config" in the "kube-system" Namespace [kubelet] Creating a ConfigMap "kubelet-config-1.17" in namespace kube-system with the configuration for the kubelets in the cluster [upload-certs] Skipping phase. Please see --upload-certs [mark-control-plane] Marking the node kubernetes-01.recipes.com as control-plane by adding the label "node-role.kubernetes.io/master=''" [mark-control-plane] Marking the node kubernetes-01.recipes.com as control-plane by adding the taints [node-role.kubernetes.io/master:NoSchedule] [bootstrap-token] Using token: uivhq9.ecs1vzjiz5tal24j [bootstrap-token] Configuring bootstrap tokens, cluster-info ConfigMap, RBAC Roles [bootstrap-token] configured RBAC rules to allow Node Bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials [bootstrap-token] configured RBAC rules to allow the csrapprover controller automatically approve CSRs from a Node Bootstrap Token [bootstrap-token] configured RBAC rules to allow certificate rotation for all node client certificates in the cluster [bootstrap-token] Creating the "cluster-info" ConfigMap in the "kube-public" namespace [kubelet-finalize] Updating "/etc/kubernetes/kubelet.conf" to point to a rotatable kubelet client certificate and key [addons] Applied essential addon: CoreDNS [addons] Applied essential addon: kube-proxy Your Kubernetes control-plane has initialized successfully! To start using your cluster, you need to run the following as a regular user: mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config You should now deploy a pod network to the cluster. Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at: https://kubernetes.io/docs/concepts/cluster-administration/addons/ Then you can join any number of worker nodes by running the following on each as root: kubeadm join 192.168.116.218:6443 --token uivhq9.ecs1vzjiz5tal24j \ --discovery-token-ca-cert-hash sha256:95ec6de9f2b260c807b021a1166abf45c55257b182ac94855f0ce60406c392d5

    As required by the above output, we need to configure user environment before using Kubernetes. Therefore, execute following commands on kubernetes-01.recipes.com (master node) only.

    ahmer@kubernetes-01:~$ mkdir -p $HOME/.kube ahmer@kubernetes-01:~$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config ahmer@kubernetes-01:~$ sudo chown $(id -u):$(id -g) $HOME/.kube/config

     

    Join a Worker Node in Kubernetes Cluster:

    Connect with kubernetes-02.recipes.com (worker node) by using ssh command.

    Use the following command to join kubernetes-02.recipes.com our Kubernetes cluster as worker node.

    ahmer@kubernetes-02:~$ sudo kubeadm join 192.168.116.218:6443 --token uivhq9.ecs1vzjiz5tal24j --discovery-token-ca-cert-hash sha256:95ec6de9f2b260c807b021a1166abf45c55257b182ac94855f0ce60406c392d5 W0216 13:42:44.750776 4598 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set. [preflight] Running pre-flight checks [WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/ [preflight] Reading configuration from the cluster... [preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml' [kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.17" ConfigMap in the kube-system namespace [kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml" [kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env" [kubelet-start] Starting the kubelet [kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap... This node has joined the cluster: * Certificate signing request was sent to apiserver and a response was received. * The Kubelet was informed of the new secure connection details. Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

    Connect with kubernetes-01.recipes.com (master node) and get list of nodes to confirm that kubernetes-02.recipes.com (worker node) has join the Kubernetes cluster.

    ahmer@kubernetes-01:~$ sudo kubectl get nodes NAME STATUS ROLES AGE VERSION kubernetes-01.recipes.com NotReady master 54m v1.17.3 kubernetes-02.recipes.com NotReady <none> 8m27s v1.17.3

    We need to install a pod network, so our nodes can communicate with each others.

    For this purpose, we are installing Flannel pod network on our Kubernetes cluster.

    ahmer@kubernetes-01:~$ kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml podsecuritypolicy.policy/psp.flannel.unprivileged created clusterrole.rbac.authorization.k8s.io/flannel created clusterrolebinding.rbac.authorization.k8s.io/flannel created serviceaccount/flannel created configmap/kube-flannel-cfg created daemonset.apps/kube-flannel-ds-amd64 created daemonset.apps/kube-flannel-ds-arm64 created daemonset.apps/kube-flannel-ds-arm created daemonset.apps/kube-flannel-ds-ppc64le created daemonset.apps/kube-flannel-ds-s390x created

    Check the status of nodes again.

    ahmer@kubernetes-01:~$ sudo kubectl get nodes NAME STATUS ROLES AGE VERSION kubernetes-01.recipes.com Ready master 58m v1.17.3 kubernetes-02.recipes.com Ready <none> 12m27s v1.17.3

    We have successfully installed and configured a two node Kubernetes cluster on Ubuntu Server 18.04 LTS. If you want to setup the same on CentOS 7, then you should follow our previous article install Kubernetes Cluster with Docker CE on CentOS 7.

    3 comments: