Building a Kubernetes Cluster on Ubuntu Server 18.04

Maciej
Sep 23, 2020

Introduction

As the number of containers grows, networking between them becomes complicated, and production and development environments become crowded, plain Docker becomes very difficult to manage.

This time, we will build a Kubernetes cluster, the de facto standard for container orchestration, on Ubuntu 18.04 LTS.

This environment

  • Virtual machines on Proxmox (Ubuntu Server 18.04)
  • Master & etcd: 1 VM, workers: 3 VMs
  • Built with Kubeadm
  • Docker latest version
  • Kubernetes v1.17.0
  • Name:master — IP:10.21.21.100
  • Name:worker01 — IP:10.21.21.101
  • Name:worker02 — IP:10.21.21.102
  • Name:worker03 — IP:10.21.21.103

# /etc/hosts entries take the form "IP-address hostname"
$ sudo sh -c "echo \"10.21.21.100 master\" >> /etc/hosts"
$ sudo sh -c "echo \"10.21.21.101 worker01\" >> /etc/hosts"
$ sudo sh -c "echo \"10.21.21.102 worker02\" >> /etc/hosts"
$ sudo sh -c "echo \"10.21.21.103 worker03\" >> /etc/hosts"

Build Master node

Install Docker

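I will do this on all VMs.

# Comment out the swap entry so swap stays off after the reboot
$ sudo sed -i 's|/swap|#/swap|' /etc/fstab
# Enable memory cgroup accounting on the kernel command line, then regenerate the GRUB config so it takes effect
$ sudo sed -i 's|GRUB_CMDLINE_LINUX=""|GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1"|' /etc/default/grub
$ sudo update-grub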
$ sudo apt-get remove docker docker-engine docker.io containerd runc
$ sudo apt-get update
$ sudo apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common -y
$ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
$ sudo apt-key fingerprint 0EBFCD88
$ sudo add-apt-repository \
"deb [arch=amd64] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) \
stable"
$ sudo apt-get update
$ sudo apt-get install docker-ce docker-ce-cli containerd.io -y
$ sudo sh -c "echo '{\"exec-opts\":[\"native.cgroupdriver=systemd\"],\"log-driver\":\"json-file\",\"log-opts\":{\"max-size\":\"100m\"},\"storage-driver\":\"overlay2\"}' > /etc/docker/daemon.json"
$ sudo mkdir -p /etc/systemd/system/docker.service.d
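# Members of the docker group can control the Docker daemon, which is equivalent to root on this host
$ sudo usermod -aG docker $USER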
$ sudo systemctl daemon-reload
$ sudo systemctl enable docker
$ sudo systemctl restart docker

Install Kubernetes

I will do this on all VMs.

$ curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
$ sudo add-apt-repository -y ppa:projectatomic/ppa
$ sudo sh -c "echo 'deb https://apt.kubernetes.io/ kubernetes-xenial main' > /etc/apt/sources.list.d/kubernetes.list"
$ sudo apt update
$ sudo apt install -y kubelet kubeadm kubectl libseccomp2 software-properties-common
$ sudo modprobe overlay
$ sudo modprobe br_netfilter
# printf expands \n in every shell; echo only does so when sh is dash
$ sudo sh -c 'printf "net.bridge.bridge-nf-call-iptables = 1\nnet.ipv4.ip_forward = 1\nnet.bridge.bridge-nf-call-ip6tables = 1\n" > /etc/sysctl.d/99-kubernetes-cri.conf'
$ sudo sysctl --system
$ sudo systemctl daemon-reload
$ sudo systemctl enable kubelet
$ sudo systemctl restart kubelet

When done, reboot all machines.
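
The settings changed in the two install sections are easy to get subtly wrong, so here is a check that can be run after the reboot. This is an added example, not part of the original post; the function names are hypothetical, the files are passed as arguments, and the sample files in `demo` are constructed.

```shell
#!/bin/sh
# Added example: audit the files this guide edits. Paths are arguments so the
# checks can be run against copies; the sample files below are constructed.

# hosts(5) lines are "IP name [alias...]": pass only if $3 maps to IP $2.
check_hosts() {   # $1=hosts file  $2=expected IP  $3=hostname
    awk -v ip="$2" -v name="$3" '
        /^[ \t]*#/ { next }
        { for (i = 2; i <= NF && $i !~ /^#/; i++)
              if ($i == name) { found = 1; if ($1 != ip) bad = 1 } }
        END { exit ((found && !bad) ? 0 : 1) }' "$1"
}

# Pass only if fstab has no active swap entry (kubelet will not start with swap on).
check_no_swap() {   # $1=fstab
    ! awk '!/^[ \t]*#/ && $3 == "swap" { hit = 1 } END { exit !hit }' "$1"
}

# Pass only if daemon.json selects the systemd cgroup driver in exec-opts.
check_cgroup_driver() {   # $1=daemon.json
    tr -d ' \t\n' < "$1" | grep -q '"exec-opts":\[[^]]*"native.cgroupdriver=systemd"'
}

# Pass only if every key is on its own line with value 1. A file written by an
# echo that does not expand "\n" is a single line and fails here.
check_sysctl_conf() {   # $1=sysctl conf file
    for key in net.bridge.bridge-nf-call-iptables net.ipv4.ip_forward \
               net.bridge.bridge-nf-call-ip6tables; do
        grep -Eq "^[[:space:]]*$key[[:space:]]*=[[:space:]]*1[[:space:]]*\$" "$1" || return 1
    done
}

report() { if "$@"; then echo "PASS: $*"; else echo "FAIL: $*"; fi; }

demo() {
    d=$(mktemp -d) || return 1
    printf '10.21.21.100 master\nworker01 10.21.21.101\n' > "$d/hosts"
    printf '#/swap.img none swap sw 0 0\n' > "$d/fstab"
    printf '{"exec-opts":["native.cgroupdriver=systemd"]}\n' > "$d/daemon.json"
    printf 'net.ipv4.ip_forward = 1\n' > "$d/sysctl.conf"
    report check_hosts "$d/hosts" 10.21.21.100 master
    report check_hosts "$d/hosts" 10.21.21.101 worker01   # name and IP reversed
    report check_no_swap "$d/fstab"
    report check_cgroup_driver "$d/daemon.json"
    report check_sysctl_conf "$d/sysctl.conf"              # two keys missing
    rm -rf "$d"
}
demo
```

On a node, point the checks at /etc/hosts, /etc/fstab, /etc/docker/daemon.json and /etc/sysctl.d/99-kubernetes-cri.conf.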

Build a cluster

Build Master node

$ sudo kubeadm init
Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:
kubeadm join 10.21.21.100:6443 --token pk20xj.72b6a17303c51b1e \
--discovery-token-ca-cert-hash sha256:fe7f08aa80ce0d20c83207f35199a723127a297e3eb08e05e22eab8cc7fbbe7b

The output ends with the join command for the worker nodes.
Copy the credentials so that the kubectl command can be executed.

$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config

Build Worker node

Run the join command that was output earlier on each worker node.

$ sudo kubeadm join 10.21.21.100:6443 --token pk20xj.72b6a17303c51b1e \
--discovery-token-ca-cert-hash sha256:fe7f08aa80ce0d20c83207f35199a723127a297e3eb08e05e22eab8cc7fbbe7b
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

If the "Run 'kubectl get nodes' ..." message is output, the join was successful.
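
The value after --discovery-token-ca-cert-hash is the SHA-256 of the cluster CA's public key (DER-encoded SubjectPublicKeyInfo), which the joining node uses to authenticate the control plane it talks to. The script below recomputes it from a CA certificate so a join command can be checked against the master before it is pasted onto workers. It is an added example, not part of the original post: the function names are hypothetical and the demo uses a throwaway CA generated on the spot. It assumes `openssl` is installed.

```shell
#!/bin/sh
# Added example: recompute the value kubeadm prints after
# --discovery-token-ca-cert-hash and compare it with a join command.

# Print "sha256:<hex>": SHA-256 over the DER SubjectPublicKeyInfo of cert $1.
ca_cert_hash() {
    # Extract the key first so a missing or invalid cert fails here instead of
    # hashing empty input further down the pipeline.
    pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    hex=$(printf '%s\n' "$pub" | openssl pkey -pubin -outform DER 2>/dev/null \
        | openssl dgst -sha256 -hex | awk '{print $NF}')
    [ "${#hex}" -eq 64 ] || return 2
    printf 'sha256:%s\n' "$hex"
}

# Return 0 only if the hash pinned in a join command ($2) matches cert $1.
verify_join_hash() {
    actual=$(ca_cert_hash "$1") || return 2
    [ "$actual" = "$2" ]
}

# Throwaway self-signed CA so the example runs anywhere (constructed input).
make_demo_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=kubernetes" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

demo() {
    tmp=$(mktemp -d) || return 1
    make_demo_ca "$tmp" || { rm -rf "$tmp"; return 1; }
    pinned=$(ca_cert_hash "$tmp/ca.crt")
    echo "demo CA hash: $pinned"
    verify_join_hash "$tmp/ca.crt" "$pinned" && echo "match"
    # The hash shown in the article belongs to a different CA.
    verify_join_hash "$tmp/ca.crt" \
        "sha256:fe7f08aa80ce0d20c83207f35199a723127a297e3eb08e05e22eab8cc7fbbe7b" \
        || echo "mismatch: this join command pins another CA"
    rm -rf "$tmp"
}
demo
```

On a kubeadm master the certificate to pass in is /etc/kubernetes/pki/ca.crt.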

Testing

Run this on the master.

$ kubectl get node
NAME       STATUS     ROLES    AGE      VERSION
master     NotReady   master   15m20s   v1.17.0
worker01   NotReady   <none>   5m7s     v1.17.0
worker02   NotReady   <none>   5m7s     v1.17.0
worker03   NotReady   <none>   5m7s     v1.17.0

The nodes are NotReady because I haven't installed a CNI yet, but that's okay.

CNI

Since Kubernetes itself does not provide network functions, it is necessary to create a network for inter-node communication.

There are several options:

  • Flannel
  • Weave
  • Calico

This time we will use Weave.

Run this on the master.

$ kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"
serviceaccount/weave-net created
clusterrole.rbac.authorization.k8s.io/weave-net created
clusterrolebinding.rbac.authorization.k8s.io/weave-net created
role.rbac.authorization.k8s.io/weave-net created
rolebinding.rbac.authorization.k8s.io/weave-net created
daemonset.apps/weave-net created

The nodes were NotReady earlier; now that I have installed the CNI, let's check again.

$ kubectl get node
NAME       STATUS   ROLES    AGE   VERSION
master     Ready    master   48m   v1.17.0
worker01   Ready    <none>   44m   v1.17.0
worker02   Ready    <none>   44m   v1.17.0
worker03   Ready    <none>   44m   v1.17.0

All nodes are Ready, so we're good.

This completes the Kubernetes cluster construction.


Maciej

DevOps Consultant. I’m strongly focused on automation, security, and reliability.