Install Docker
Check which Docker version Kubernetes supports:
At the time of this writing, the latest supported Docker version is 18.06.2.
Install dependencies:
sudo apt-get -y install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg-agent \
    software-properties-common
Add the repo:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo apt-key fingerprint 0EBFCD88
sudo add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
Install Docker:
sudo apt-get update
sudo apt-get -y install docker-ce=18.06.2~ce~3-0~ubuntu
Setup firewall
Master
Nodes
References
Install kubelet, kubeadm and kubectl
apt-get update && apt-get install -y apt-transport-https curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl
apt-mark hold kubelet kubeadm kubectl
Init cluster
Make sure your server's host name is configured (avoid changing the host name after the cluster is created).
kubeadm init \
    --pod-network-cidr=172.31.0.0/20 \
    --apiserver-advertise-address=0.0.0.0 \
    --apiserver-cert-extra-sans=13.211.85.85
Copy and save the kubeadm join command.
Configure your user to run kubectl:
mkdir -p $HOME/.kube
sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Deploy Weave Net:
kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
Confirm that all of the pods are running with the following command.
watch kubectl get pods --all-namespaces
Wait until each pod has the STATUS of Running.
Confirm that the master node is ready:
References
Dashboard
Deploy the dashboard:
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v1.10.1/src/deploy/recommended/kubernetes-dashboard.yaml
In your workstation...
Join node
Install kubelet, kubeadm and kubectl.
Setup Docker cgroupdriver systemd
Check the Docker systemd service config file:
Sample output:
/lib/systemd/system/docker.service
Edit the file:
nano /lib/systemd/system/docker.service
Add --exec-opt native.cgroupdriver=systemd to the ExecStart option:
ExecStart=/usr/bin/dockerd -H fd:// --exec-opt native.cgroupdriver=systemd
Restart the daemon:
systemctl daemon-reload
systemctl restart docker
Add node to the cluster
The worker node must have exactly the same versions as the master of the following packages: kubelet, kubeadm, kubectl, kubernetes-cni.
Install packages, for example:
apt-get install \
    kubelet=1.13.4-00 \
    kubeadm=1.13.4-00 \
    kubectl=1.13.4-00 \
    kubernetes-cni=0.6.0-00
Hold package versions:
apt-mark hold kubelet kubeadm kubectl kubernetes-cni
Make sure the master node firewall allows the new node to access it on port 6443.
Make sure your server's host name is configured (avoid changing the host name afterwards).
Run the join command:
kubeadm join 172.31.7.247:6443 --token g651e8.p09een664u224v76 --discovery-token-ca-cert-hash sha256:b589d4690ac427c5b7046233963d058e2e2cb99f168f90d58ec15a351aa4243b
You should see this output:
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the master to see this node join the cluster.
Go to your master server and label the new node:
kubectl label node PUT-YOURNODE-HOSTNAME-HERE node-role.kubernetes.io/worker=worker
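The --discovery-token-ca-cert-hash value in the join command above is a SHA-256 pin on the cluster CA's public key, and it is what lets the new node authenticate the master before trusting it. The following shell script is an added example, not part of the original page: it recomputes that pin from a CA certificate and rejects a join command whose pin is missing, malformed, mismatched or bypassed. The function names and the throwaway CA are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): verify a kubeadm join command's CA pin.

# ca_pin CERT: print "sha256:<hex>", the SHA-256 of the certificate's DER-encoded
# public key, which is the value --discovery-token-ca-cert-hash carries.
ca_pin() {
    pem=$(openssl x509 -pubkey -noout -in "$1" 2>/dev/null) || return 1
    hex=$(printf '%s\n' "$pem" | openssl pkey -pubin -outform der |
          openssl dgst -sha256 -hex | sed 's/^.* //')
    printf 'sha256:%s\n' "$hex"
}

# join_pin CMD: print the well-formed pin found in a join command line, if any.
join_pin() {
    printf '%s\n' "$1" | sed -n \
        's/.*--discovery-token-ca-cert-hash[ =]\(sha256:[0-9a-f]\{64\}\)\( .*\)\{0,1\}$/\1/p'
}

# check_join CERT CMD: succeed only when CMD pins exactly the key in CERT.
check_join() {
    case "$2" in
        *--discovery-token-unsafe-skip-ca-verification*)
            echo "REJECT: CA verification is disabled"; return 1 ;;
    esac
    want=$(join_pin "$2")
    [ -n "$want" ] || { echo "REJECT: no well-formed CA pin"; return 1; }
    have=$(ca_pin "$1") || { echo "REJECT: cannot read certificate $1"; return 1; }
    [ "$want" = "$have" ] || { echo "REJECT: pin does not match $1"; return 1; }
    echo "OK: $have"
}

# make_demo_ca DIR: constructed throwaway CA so the example runs offline.
make_demo_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=constructed-demo-ca" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

demo_dir=$(mktemp -d)
make_demo_ca "$demo_dir"
good="kubeadm join 172.31.7.247:6443 --token <token> --discovery-token-ca-cert-hash $(ca_pin "$demo_dir/ca.crt")"
# The pin printed on this page belongs to a different CA, so it must be rejected here.
page="kubeadm join 172.31.7.247:6443 --token <token> --discovery-token-ca-cert-hash sha256:b589d4690ac427c5b7046233963d058e2e2cb99f168f90d58ec15a351aa4243b"
check_join "$demo_dir/ca.crt" "$good"
check_join "$demo_dir/ca.crt" "$page" || true
rm -rf "$demo_dir"
```

On a real master, the certificate to check against is the cluster CA, which kubeadm stores at /etc/kubernetes/pki/ca.crt by default.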
Remove node
List your current nodes:
Output example:
NAME              STATUS   ROLES    AGE   VERSION
ip-172-31-7-247   Ready    master   46h   v1.13.4
ip-172-31-9-145   Ready    worker   45h   v1.13.4
Let's suppose you want to remove the node ip-172-31-9-145:
kubectl drain ip-172-31-9-145 --delete-local-data --force --ignore-daemonsets
Check node status:
Output example:
NAME              STATUS                     ROLES    AGE   VERSION
ip-172-31-7-247   Ready                      master   46h   v1.13.4
ip-172-31-9-145   Ready,SchedulingDisabled   worker   45h   v1.13.4
Then, on the node being removed, reset all kubeadm installed state:
The reset process does not reset or clean up iptables rules or IPVS tables. If you wish to reset iptables, you must do so manually:
iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X
If you want to reset the IPVS tables, you must run the following command:
Kubeadm over VPN
kubeadm init \
    --apiserver-advertise-address=10.187.216.232 \
    --pod-network-cidr=10.32.0.0/12 \
    --service-cidr=10.96.0.0/12