Install Kubernetes cluster on Azure CentOS 8 Virtual Machine
You may find different references on the web on this topic. Here are the steps that worked in my lab. I hope this will be useful for you too!!!
PREREQUISITES
- I am planning one master and two workers in CentOS in this guide
- At least 4 GB RAM and 2 CPUs on each node
- Root access/sudo permissions
STEPS TO BE FOLLOWED IN ALL THE THREE NODES
- Update the servers
dnf -y upgrade
- Disable SELinux enforcement (setenforce 0 takes effect immediately; the sed edit makes the change persist across reboots)
setenforce 0
sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
- Enable transparent masquerading and facilitate Virtual Extensible LAN (VxLAN) traffic for communication across the cluster
modprobe br_netfilter
- Enable IP masquerade at the firewall
firewall-cmd --add-masquerade --permanent
firewall-cmd --reload
- Set bridged packets to traverse iptables rules. Create the file /etc/sysctl.d/k8s.conf as below
cat <<EOF > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
- Load the new rules we created just now
sysctl --system
- To increase the performance of the nodes, we need to disable all swap memory
swapoff -a
INSTALL DOCKER ON ALL THE THREE NODES
- Add the repository
dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo
- Install containerd.io
dnf install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.6-3.3.el7.x86_64.rpm
- Install Docker
dnf install docker-ce --nobest -y
- Add a Docker config file /etc/docker/daemon.json with the content below
{
"exec-opts": ["native.cgroupdriver=systemd"]
}
- Start the docker service
systemctl start docker
- Set the docker service to start automatically on server restart
systemctl enable docker
- Verify the Docker version and Images
docker version
docker images
INSTALL KUBERNETES ON ALL THE THREE NODES
- Add the Kubernetes repository to your package manager. Create the repo file as below:
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF
- Update the repo
dnf upgrade -y
- Install kubelet kubeadm kubectl for Kubernetes
dnf install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
CONFIGURE K8S MASTER NODE
- Configure kubeadm for image pull
kubeadm config images pull
- Open the required ports for k8s – 6443,2379,2380,10250,10251,10252
firewall-cmd --zone=public --permanent --add-port={6443,2379,2380,10250,10251,10252}/tcp
- Allow Docker access from the worker nodes. Run ip addr on each worker node to find the internal IP address used by the Ethernet adapter. You can see the IP address similar to the below image:
firewall-cmd --zone=public --permanent --add-rich-rule 'rule family=ipv4 source address=10.128.0.11/32 accept'
firewall-cmd --zone=public --permanent --add-rich-rule 'rule family=ipv4 source address=10.128.0.12/32 accept'
- Allow localhost access to the master node from Docker containers. Run ip addr on the master node to find the IP address used by Docker. You can see the IP address similar to the below image:
firewall-cmd --zone=public --permanent --add-rich-rule 'rule family=ipv4 source address=172.17.0.0/16 accept'
- Reload the firewall so that the permanent rules take effect on the master node
firewall-cmd --reload
- Initialize the control plane with kubeadm init, passing the pod network range that the CNI (container network interface) plugin for Kubernetes will use. We are adopting Calico in this exercise. Use an internal IP range different from the existing IP ranges in this command. The command will generate the token parameter for node addition
kubeadm init --pod-network-cidr 10.128.1.7/16
Make a note of the token generated in the above step so that you can use it when adding the worker nodes. The token is shown as below when the above command completes successfully
- Create the following folder and config file. We also need to set the file ownership as indicated. Finally, apply the Calico manifest for the CNI
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
- As a final step, we can allow pods to run on the master to make sure that the setup worked well. The following command does that
kubectl taint nodes --all node-role.kubernetes.io/master-
With the following command, make sure that the master node is up and running as well
kubectl get nodes
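The range check behind the advice to use a pod network range different from the existing ones, as an added example (not part of the original guide): it tests a candidate --pod-network-cidr against the worker and Docker bridge addresses used in the commands above. The function names are hypothetical, and 192.168.0.0/16 is a constructed alternative candidate.

```sh
#!/bin/sh
# Added example: does a candidate pod CIDR collide with addresses already in use?

# Dotted-quad IPv4 -> integer. The subshell body keeps the IFS change local.
ip_to_int() (
  IFS=.
  set -- $1
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# First and last address (as integers) of the network that contains CIDR $1.
cidr_first() (
  size=$(( 1 << (32 - ${1#*/}) ))
  echo $(( $(ip_to_int "${1%/*}") / size * size ))
)
cidr_last() (
  echo $(( $(cidr_first "$1") + (1 << (32 - ${1#*/})) - 1 ))
)

# True when the two CIDRs share at least one address.
cidrs_overlap() {
  [ "$(cidr_first "$1")" -le "$(cidr_last "$2")" ] &&
    [ "$(cidr_first "$2")" -le "$(cidr_last "$1")" ]
}

# True when the CIDR is written with host bits set, e.g. 10.128.1.7/16.
has_host_bits() {
  [ "$(ip_to_int "${1%/*}")" -ne "$(cidr_first "$1")" ]
}

# check_pod_cidr POD_CIDR NODE_CIDR...  -> exit status 1 if any range overlaps
check_pod_cidr() (
  pod=$1; shift; rc=0
  if has_host_bits "$pod"; then echo "note: $pod has host bits set"; fi
  for node in "$@"; do
    if cidrs_overlap "$pod" "$node"; then
      echo "overlap: pod range $pod overlaps $node"; rc=1
    fi
  done
  exit "$rc"
)

# Worker and Docker bridge addresses from the firewall rules in this guide.
NODES="10.128.0.11/32 10.128.0.12/32 172.17.0.0/16"
check_pod_cidr 10.128.1.7/16 $NODES || echo "pick another --pod-network-cidr"
# 192.168.0.0/16 is a constructed alternative candidate.
check_pod_cidr 192.168.0.0/16 $NODES && echo "192.168.0.0/16: no overlap"
```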
CONFIGURE K8S WORKER NODE
- Start the docker service
systemctl start docker
- Open the ports in the firewall and make the changes permanent
firewall-cmd --zone=public --permanent --add-port={10250,30000-32767}/tcp
firewall-cmd --reload
- Now the nodes can join the cluster using the token we saved in one of the previous steps. An example is shown below. You should replace the token with your own. Run the command on both workers so that they can join the cluster
kubeadm join 94.237.41.193:6443 --token 4xrp9o.v345aic7zc1bj8ba \
--discovery-token-ca-cert-hash sha256:b2e459930f030787654489ba7ccbc701c29b3b60e0aa4998706fe0052de8794c
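An added example (not from the original guide) for the join step: the value after --discovery-token-ca-cert-hash is the SHA-256 of the cluster CA's public key, so it can be recomputed on the master and compared with the join line before that line is run on a worker. The function names are hypothetical; /etc/kubernetes/pki/ca.crt is assumed to be the CA path, which is kubeadm's default.

```sh
#!/bin/sh
# Added example: recompute the CA pin used by "kubeadm join" and compare it.

# Print the kubeadm-style discovery hash (sha256:<hex>) for a CA certificate:
# SHA-256 over the DER-encoded public key (SubjectPublicKeyInfo) of the cert.
ca_cert_hash() {
  openssl x509 -in "$1" -noout -pubkey |
    openssl pkey -pubin -outform DER |
    openssl dgst -sha256 -hex |
    sed 's/^.* //; s/^/sha256:/'
}

# verify_join_hash CA_CERT EXPECTED
#   0 = the hash in the join command pins this CA
#   1 = mismatch (do not join), 2 = certificate not readable
verify_join_hash() {
  [ -r "$1" ] || return 2
  [ "$(ca_cert_hash "$1")" = "$2" ]
}

# On the master: print the value workers should pass, then list the tokens.
CA=/etc/kubernetes/pki/ca.crt   # assumption: kubeadm's default CA location
if [ -r "$CA" ]; then
  echo "expected --discovery-token-ca-cert-hash: $(ca_cert_hash "$CA")"
  kubeadm token list            # bootstrap tokens with their expiry times
  # To mint a fresh token together with a complete join line:
  # kubeadm token create --print-join-command
fi
```

Bootstrap tokens expire (24 hours by default), so a join line saved from an earlier kubeadm init may need a fresh token even when the CA hash still matches.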
WE ARE DONE !!!
To check the nodes added to the cluster, go to master and run the following command
kubectl get nodes
kubectl get nodes -o wide
You will be able to see the newly added nodes are joined to the cluster as below
Well done!!! The primary objective of this guide is to enable you to set up a small lab system for K8s with one master node and two worker nodes. So, finally, we were able to achieve that!!!
If you would like help with testing the cluster by deploying a sample web application, please visit my next blog here: Deploy sample web application in Kubernetes cluster
Thank you all !!!