Hi all,
Here’s a short guide for setting up a local Kube cluster using kubeadm on Ubuntu 16.04. Please refer to the references for detailed guides from the Google Kubernetes Project.
I will be using 2 local machines.
NOTE: This will be a quick local setup and hence I had to strip off most of the security measures. THIS IS NOT A PRODUCTION SETUP!
Installation
1. Install Docker CE 17.03 (Ver 17.03 is important. Currently Kubernetes does not support Docker 18.x). Use ‘sudo su’. For more check here.
apt-get update
apt-get install -y apt-transport-https ca-certificates curl software-properties-common
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
add-apt-repository "deb https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") $(lsb_release -cs) stable"
apt-get update && apt-get install -y docker-ce=$(apt-cache madison docker-ce | grep 17.03 | head -1 | awk '{print $3}')
2. Install kubeadm and dependencies. Use ‘sudo su’. For more check here.
apt-get update && apt-get install -y apt-transport-https curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl
3. Check if the kubelet service is running
sudo service kubelet status
If it is not running, then there is some issue in the installation.
Initializing the Kube Master
1. Check which pod network add-on you are going to use from here. I chose Calico and hence I need to pass --pod-network-cidr=192.168.0.0/16 to kubeadm init
2. Turn off swap
sudo swapoff -a
3. Initialize Kube Master
sudo kubeadm init --pod-network-cidr=192.168.0.0/16
If all goes well, you will get the following output. Save this output, as we will need it when joining the members later.
Your Kubernetes master has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of machines by running the following on each node
as root:

  kubeadm join <master_IP>:<master_port> --token <master_token> --discovery-token-ca-cert-hash sha256:<sha_value>
4. As the output suggests, let’s copy the admin.conf to $HOME/.kube/config. This is the default location from which kubectl reads its configuration.
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
5. And then let’s add the pod cluster network. I chose Calico.
kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml
kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml
6. Isolate Master. For more check here.
kubectl taint nodes --all node-role.kubernetes.io/master-
By default, the cluster will not schedule pods on the master for security reasons. But for this deployment, we can ‘untaint’ the master so that pods can be scheduled on it.
7. Check if the administration pods are running, especially kube-dns pod.
kubectl get pods --all-namespaces
Install Kube Dashboard
Best docs for kube dashboard are found here.
1. Install kube dashboard pod
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml
2. Create a service account, say admin-user, in the kube-system namespace
cat << EOT >$HOME/.kube/kube-system.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system
EOT
kubectl apply -f $HOME/.kube/kube-system.yaml
3. Create a ClusterRoleBinding for the admin-user service account in kube-system
cat << EOT >$HOME/.kube/role.yaml
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system
EOT
kubectl apply -f $HOME/.kube/role.yaml
4. Get the bearer token to access the dashboard
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
5. Start kube proxy
nohup kubectl proxy > kubectl_proxy.log &
6. Log in to the dashboard using the token obtained from #4
http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/
Joining member nodes to the cluster
Once the master is initialized, you can add more members to the cluster using the kubeadm join command output generated by the master.
sudo kubeadm join <master_IP>:<master_port> --token <master_token> --discovery-token-ca-cert-hash sha256:<sha_value>
NOTE: Member nodes also have to have the dependencies installed.
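The sha256:<sha_value> in the join command pins the cluster CA: it is the SHA-256 of the CA certificate's DER-encoded public key, which lets a joining node confirm it is talking to the intended master. The script below is an added example, not part of the original guide, that recomputes the pin and compares it with a saved value; the function names and the CA path /etc/kubernetes/pki/ca.crt (kubeadm's default) are assumptions, and the demo runs on a constructed throwaway certificate.

```shell
#!/bin/sh
# Added example (not from the original post): recompute the value that follows
# --discovery-token-ca-cert-hash and compare it with the one you saved.
# The pin is the SHA-256 of the cluster CA's DER-encoded public key.

# ca_cert_hash CERT_PEM -> prints "sha256:<64 hex digits>", returns 2 on a bad file
ca_cert_hash() {
    # Refuse anything that does not parse as a certificate; otherwise the
    # pipeline below would hash empty input and still print a digest.
    openssl x509 -in "$1" -noout 2>/dev/null || return 2
    openssl x509 -in "$1" -pubkey -noout |
        openssl pkey -pubin -outform DER |
        openssl dgst -sha256 -hex |
        sed 's/^.* //; s/^/sha256:/'
}

# verify_join_hash CERT_PEM EXPECTED -> 0 if the pin matches, 1 if not, 2 on error
verify_join_hash() {
    actual=$(ca_cert_hash "$1") || return 2
    [ "${#actual}" -eq 71 ] || return 2          # "sha256:" + 64 hex digits
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ "$actual" = "$expected" ]
}

# Demo on a constructed throwaway CA. On a kubeadm master the file to hash is
# assumed to be /etc/kubernetes/pki/ca.crt (kubeadm's default location).
demo_dir=$(mktemp -d)
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo-ca" \
    -keyout "$demo_dir/ca.key" -out "$demo_dir/ca.crt" 2>/dev/null
pin=$(ca_cert_hash "$demo_dir/ca.crt")
if verify_join_hash "$demo_dir/ca.crt" "$pin"; then
    echo "CA pin matches: $pin"
else
    echo "CA pin mismatch, do not join" >&2
fi
rm -rf "$demo_dir"
```

Run it on the master against the real CA file if the kubeadm init output was not saved, and compare the result with the value a member node is about to use.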
For more information check here.