Installed a first Kubernetes cluster consisting of 1 master node and 1 worker node on CentOS 7. Kubernetes has version 1.6.2.<\/p>\n\n\n\n
Kubernetes is not working with CentOS 8 yet so I have used the latest CentOS 7. Everything is installed on Oracle VM VirtualBox on a Windows 10 host.<\/p>\n\n\n\n\n\n\n\n
Install 2 servers with a minimal installation of CentOS 7 with a regular user. User student in my case.
Make sure the servers have at least 2 vcpu. I configured a 8 GB of memory and a maximum of 40 GB disk space.<\/p>\n\n\n\n
# Become root\nsudo -i\n\n# Update to the latest versions \nyum update -y\n\n# Reboot the server\nreboot\n\n# Disable the firewall\nsystemctl disable firewalld \nsystemctl stop firewalld\n\n# Set SELinux in permissive mode\nsetenforce 0\nsed -i 's\/^SELINUX=enforcing$\/SELINUX=permissive\/' \/etc\/selinux\/config\n\n# Remove swap\ncat \/proc\/swaps\nswapoff -a\n\n# Remove the swap partition\nvi \/etc\/fstab\n\n# Install docker\nyum install docker -y\nsystemctl enable docker.service\nsystemctl start docker.service \n\n# Add the Kubernetes repo\ncat <<EOF > \/etc\/yum.repos.d\/kubernetes.repo\n[kubernetes]\nname=Kubernetes\nbaseurl=https:\/\/packages.cloud.google.com\/yum\/repos\/kubernetes-el7-x86_64\nenabled=1\ngpgcheck=1\nrepo_gpgcheck=1\ngpgkey=https:\/\/packages.cloud.google.com\/yum\/doc\/yum-key.gpg https:\/\/packages.cloud.google.com\/yum\/doc\/rpm-package-key.gpg\nEOF\n\n# Install te latest kubelet, kubeadm and kubectl\nyum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes \n\n# Enable kubelet\nsystemctl enable --now kubelet \n\n# Load br_netfilter\nmodprobe br_netfilter \n\n# Make sure traffic is routed correctly \ncat <<EOF > \/etc\/sysctl.d\/k8s.conf\nnet.bridge.bridge-nf-call-ip6tables = 1\nnet.bridge.bridge-nf-call-iptables = 1\nEOF\nsysctl --system\n\n# Add the 2 hosts ip-addresses to \/etc\/hosts\n# Add k8smaster ip-address\n10.0.2.7 k8smaster kube01.petersplanet.local\n10.0.2.8 node01.petersplanet.local\n<\/pre>\n\n\n\nLogin to the Kubernetes master node and create the cluster with the Calico network. Make sure there is no overlap with the Calico network which is 192.168.0.0\/16 by default.<\/p>\n\n\n\n
# Master node\n# Initialize the cluster\nkubeadm init --pod-network-cidr=192.168.0.0\/16 --control-plane endpoint=k8smaster:6443 \n\nYour Kubernetes control-plane has initialized successfully!\n\nTo start using your cluster, you need to run the following as a regular user:\n\n mkdir -p $HOME\/.kube\n sudo cp -i \/etc\/kubernetes\/admin.conf $HOME\/.kube\/config\n sudo chown $(id -u):$(id -g) $HOME\/.kube\/config\n\nYou should now deploy a pod network to the cluster.\nRun \"kubectl apply -f [podnetwork].yaml\" with one of the options listed at:\n https:\/\/kubernetes.io\/docs\/concepts\/cluster-administration\/addons\/\n\nYou can now join any number of control-plane nodes by copying certificate authorities\nand service account keys on each node and then running the following as root:\n\n kubeadm join k8smaster:6443 --token yv8otv.act8e9865fcgg2mt \\\n --discovery-token-ca-cert-hash sha256:3f945a0e0c88f76a2df172f2e133e7c8956c8e9859da530e82c1891be503cdd7 \\\n --control-plane\n\nThen you can join any number of worker nodes by running the following on each as root:\n\nkubeadm join k8smaster:6443 --token yv8otv.act8e9865fcgg2mt \\\n --discovery-token-ca-cert-hash sha256:3f945a0e0c88f76a2df172f2e133e7c8956c8e9859da530e82c1891be503cdd7\n[root@kube01 ~]#\n\n# Apply the network\nkubectl apply -f https:\/\/docs.projectcalico.org\/v3.8\/manifests\/calico.yaml \n\n\n# Become user student again\nexit\n\n# As user student\nmkdir -p $HOME\/.kube\nsudo cp -i \/etc\/kubernetes\/admin.conf $HOME\/.kube\/config\nsudo chown $(id -u):$(id -g) $HOME\/.kube\/config\n\n# Verify the result\nkubectl get pods --all-namespaces\nkubectl get nodes -o wide \n <\/pre>\n\n\n\nNow add the worker node to the cluster<\/p>\n\n\n\n
# Log into the worker node as user student\n# Use the info from the kubeadm init command\nsudo kubeadm join k8smaster:6443 --token yv8otv.act8e9865fcgg2mt --discovery-token-ca-cert-hash sha256:3f945a0e0c88f76a2df172f2e133e7c8956c8e9859da530e82c1891be503cdd7\n\n[preflight] Running pre-flight checks\n[preflight] Reading configuration from the cluster...\n[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'\n[kubelet-start] Downloading configuration for the kubelet from the \"kubelet-config-1.16\" ConfigMap in the kube-system namespace\n[kubelet-start] Writing kubelet configuration to file \"\/var\/lib\/kubelet\/config.yaml\"\n[kubelet-start] Writing kubelet environment file with flags to file \"\/var\/lib\/kubelet\/kubeadm-flags.env\"\n[kubelet-start] Activating the kubelet service\n[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...\n\nThis node has joined the cluster:\n* Certificate signing request was sent to apiserver and a response was received.\n* The Kubelet was informed of the new secure connection details.\n\nRun 'kubectl get nodes' on the control-plane to see this node join the cluster.<\/pre>\n\n\n\n# Verify the result on the master node\n\n[student@kube01 ~]$ kubectl get pods --all-namespaces\n NAMESPACE NAME READY STATUS RESTARTS AGE\n kube-system calico-kube-controllers-55754f75c-mt62c 1\/1 Running 1 13h\n kube-system calico-node-fdtqk 1\/1 Running 0 48m\n kube-system calico-node-mdbt9 1\/1 Running 1 13h\n kube-system coredns-5644d7b6d9-bqqk6 1\/1 Running 1 13h\n kube-system coredns-5644d7b6d9-jw5wv 1\/1 Running 1 13h\n kube-system etcd-kube01.petersplanet.local 1\/1 Running 1 13h\n kube-system kube-apiserver-kube01.petersplanet.local 1\/1 Running 1 13h\n kube-system kube-controller-manager-kube01.petersplanet.local 1\/1 Running 1 13h\n kube-system kube-proxy-d6bnc 1\/1 Running 1 13h\n kube-system kube-proxy-rlxs6 1\/1 Running 0 48m\n kube-system kube-scheduler-kube01.petersplanet.local 1\/1 Running 1 13h\n\n#\n[student@kube01 ~]$ kubectl get nodes\n NAME STATUS ROLES AGE VERSION\n kube01.petersplanet.local Ready master 14h v1.16.2\n node01.petersplanet.local Ready <none> 84m v1.16.2<\/pre>\n\n\n\nTroubeshooting<\/p>\n\n\n\n