Author: Fabrice JAMMES (LinkedIn). Date: Jan 27, 2020 · 10 min read
The ‘size-of-master-and-master-components’ documentation defines guidelines on how to size your master nodes depending on the total number of nodes in your Kubernetes cluster.
containerd is a lightweight runtime for Linux containers. It is a reliable project, validated by the Cloud-Native Computing Foundation, as you can see on the CNCF landscape web page. containerd must be installed on all of your machines: it is the basic building block that allows Kubernetes to run and manage containers. Copy and paste the code below into a script and execute it on each machine.
```bash
#!/bin/bash

set -euxo pipefail

# Install containerd pre-requisites
cat > /etc/modules-load.d/containerd.conf <<EOF
overlay
br_netfilter
EOF

modprobe overlay
modprobe br_netfilter

# Setup required sysctl params, these persist across reboots.
cat > /etc/sysctl.d/99-kubernetes-cri.conf <<EOF
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF

sysctl --system

# Install containerd
## Set up the repository
### Install packages to allow apt to use a repository over HTTPS
apt-get update && apt-get install -y apt-transport-https ca-certificates curl software-properties-common

### Add Docker’s official GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -

### Add Docker apt repository.
add-apt-repository \
    "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
    $(lsb_release -cs) \
    stable"

## Install containerd
apt-get update && apt-get install -y containerd.io

# Configure containerd
mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml

# Restart containerd
systemctl restart containerd
```
For more information regarding the installation of containerd, please check the official documentation.
kubeadm is the official Kubernetes installer; it must be run as root on each node of your Kubernetes cluster.
kubelet is the daemon in charge of running and managing the containers on every node controlled by Kubernetes. It must be available on all the nodes of the cluster, including the master nodes, because it also manages the containers in charge of the Kubernetes system components. It uses the CRI specification (Container Runtime Interface) to communicate with the local container execution engine, in our example
kubectl is the Kubernetes client; install it on the machine from which you will control your Kubernetes cluster.
As before, we recommend that you copy and paste the code below into a script and execute it on each machine.
```bash
#!/bin/bash

set -euxo pipefail

sudo apt-get update && sudo apt-get install -y apt-transport-https curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
cat <<EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
```
Please note that the script prevents updates to kubelet which could be caused by the installation of security updates with
On your master node, run the following command:
```bash
sudo kubeadm init
```
Here is what will appear on your console, in the last lines of standard output:
```text
Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  /docs/concepts/cluster-administration/addons/

You can now join any number of machines by running the following on each node
as root:

  kubeadm join <control-plane-host>:<control-plane-port> --token <token> --discovery-token-ca-cert-hash sha256:<hash>
```
There are three very important instructions here:
How to configure kubectl, the Kubernetes client. In our example we will use the Kubernetes master node as a client, on which we will therefore issue the commands below:
```bash
# Connect with your regular user account, and not with the `root` account
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
```
Installing a network plugin; here we choose the simplest one to install: weave. Just run the command below on your Kubernetes client, which we just configured. Note that in our example it is also the Kubernetes master:
```bash
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
```
The command to execute on all your other nodes so that they join the Kubernetes cluster:
```bash
sudo kubeadm join <control-plane-host>:<control-plane-port> --token <token> --discovery-token-ca-cert-hash sha256:<hash>
```
<control-plane-host>:<control-plane-port> contains the DNS name or IP address and port of the Kubernetes master. <token> is the token, whose lifetime is limited, which allows the current node to identify itself to the master. Finally, <hash> allows the current node to ensure the authenticity of the master.
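How the `<hash>` pin can be recomputed and checked before a node joins, as an added example that is not part of the original article: the value is the SHA-256 digest of the cluster CA certificate's DER-encoded public key (SubjectPublicKeyInfo), passed to kubeadm as `sha256:<hex>`. The function names and the throwaway CA certificates are constructed for the demo; on a kubeadm master the CA certificate is normally `/etc/kubernetes/pki/ca.crt`.

```shell
#!/bin/sh
# Added example: compute and check the kubeadm CA public-key pin.
# File names and CA subjects below are constructed for the demo.

# ca_pin CERT: print "sha256:<hex>", the SHA-256 of the DER-encoded
# SubjectPublicKeyInfo of the PEM certificate CERT.
ca_pin() {
    # Extract the key first so an unreadable certificate fails here instead
    # of silently hashing empty input further down the pipeline.
    pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    hex=$(printf '%s\n' "$pub" \
        | openssl pkey -pubin -outform DER 2>/dev/null \
        | openssl dgst -sha256 | awk '{print $NF}')
    [ "${#hex}" -eq 64 ] || return 1   # sanity check: 64 hex characters
    printf 'sha256:%s\n' "$hex"
}

# verify_pin CERT EXPECTED: 0 if EXPECTED matches CERT's pin, 1 if it does
# not, 2 if the certificate could not be parsed.
verify_pin() {
    actual=$(ca_pin "$1") || return 2
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$actual" = "$expected" ]
}

# make_demo_ca DIR NAME: constructed throwaway self-signed CA (not a real
# cluster CA) so the example runs offline.
make_demo_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

demo() {
    dir=$(mktemp -d) || return 1
    make_demo_ca "$dir" cluster-ca && make_demo_ca "$dir" other-ca || return 1
    pin=$(ca_pin "$dir/cluster-ca.crt")
    echo "pin to hand to joining nodes: $pin"
    verify_pin "$dir/cluster-ca.crt" "$pin" && echo "cluster-ca: pin matches"
    verify_pin "$dir/other-ca.crt" "$pin" || echo "other-ca: pin mismatch, do not join"
    rm -rf "$dir"
}
demo
```

Run `ca_pin` against the CA certificate on the master and compare the result, over a channel you trust, with the value passed to `--discovery-token-ca-cert-hash`.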
For security reasons, it is not recommended to run user workloads on Kubernetes master node(s). That’s why we recommend using dedicated master node(s) for running Kubernetes system components.
The following command checks that your Kubernetes cluster is up and running:
```text
kubectl cluster-info
Kubernetes master is running at https://127.0.0.1:32903
KubeDNS is running at https://127.0.0.1:32903/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy

To further debug and diagnose cluster problems, use 'kubectl cluster-info dump'.
```
The command below lists all nodes:
```bash
kubectl get nodes
```
Finally, installing Kubernetes with kubeadm is rather simple, isn’t it :-).
The official documentation describes all the operations required to delete your cluster. If you have created your machines in a Cloud, an equivalent and much simpler solution is of course to delete all of them, and then recreate them in their initial state.
Here is a sample script to automate this process: https://github.com/k8s-school/k8s-advanced/tree/master/0_kubeadm . To learn more, you can contact us and register for one of our training courses.