Kubernetes Series Part 1 - Installation

One
Diarpi
May, 2018

Kubernetes installation guide

Part one of the Kubernetes Series - Installation guide.

This guide is meant to be used on a Ubuntu 16.04 virtual machine or bare-metal server.

Following this guide will install a Kubernetes cluster node, version 1.10.2 . It will also install the following dependencies:

  • latest Docker CE
  • latest Kubernetes cni (container networking interface)
  • Flannel network plugin (version 0.10.0)

An Ansible script, which performs everything covered in this guide is also available here:
https://github.com/diarpi/kubernetes-installation

Docker installation

First remove any existing docker installation:

sudo apt-get remove docker docker-engine docker.io

Now, install the prerequisites:

sudo apt-get -y install ca-certificates curl software-properties-common

And define the docker repository:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

Finally, install the latest Docker - Community Edition version:

sudo apt-get update && sudo apt-get -y install docker-ce

Kubernetes installation

First install the prerequisites:

sudo apt-get update && sudo apt-get install -y apt-transport-https

Then define the Kubernetes repository:

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list

Next, install the Kubernetes & other related packages.
Installation includes kubeadm, kubectl and container networking interface (CNI):

sudo apt-get update && sudo apt-get install -y kubelet kubeadm kubectl kubernetes-cni

Kubernetes configuration

Kubernetes cluster configuration using kubeadm

We are going to use the previously installed "kubeadm" tool to configure this Kubernetes node.

  • "apiserver-advertise-address" should be updated with correct IP address of your machine
  • "pod-network-cidr" should be left unchanged

Configure the Kubernetes node:

sudo kubeadm init --apiserver-advertise-address=192.168.0.10 --pod-network-cidr=10.244.0.0/16

You should copy the output somewhere safe, especially the token and discovery token CA cert hash.
They are required in case you wish to connect another Kubernetes node to this cluster.

You can reset your node configuration, in case you wish to re-do this step.

Run this command to reset Kubernetes configuration:

sudo kubeadm reset

By resetting the cluster, all configuration is deleted, including the generated certificates.

Configure "kubectl"

Kubectl is used to deploy application through YAML files among other things.
Let's allow non-root users to deploy to this Kubernetes node.

Define KUBECONFIG environment variable for current, non-root user (required for "kubectl" command):

sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Configure Flannel network

First we need to tweak some kernel parameters.
Configure Kernel parameters:

sudo sysctl net.bridge.bridge-nf-call-iptables=1
sudo sysctl -p

Next, we need a CNI (Container Networking Interface) plugin - or simply put a network plugin, which will handle internal routing to the target pod. In this guide, we will use Flannel.
Install Flannel network plugin:

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml

Configure node specifics

The node is configured as "master", which does not allow deployment of pods by default.
Since this is a standalone node, bypass this configuration.

Allow pod deployment on master node:

kubectl taint nodes --all node-role.kubernetes.io/master-

Finally, let's add an admin role.
Add cluster-admin role:

kubectl create clusterrolebinding add-on-cluster-admin --clusterrole=cluster-admin --serviceaccount=kube-system:default

Last but not least

Let's verify that system pods are running:

List all running pods:

kubectl get pods --all-namespaces
NAMESPACE     NAME                        READY     STATUS    RESTARTS   AGE
kube-system   etcd-kube-kube              1/1       Running   0          14s
kube-system   kube-dns-86f4d74b45-qwbg9   3/3       Running   0          51s
kube-system   kube-flannel-ds-fghdb       1/1       Running   0          52s
kube-system   kube-proxy-rpnnr            1/1       Running   0          52s

The "STATUS" of all system pods is Running, meaning the Kubernetes node is now ready to deploy applications!