Kubernetes Cluster On Ubuntu 2204 With Kubeadm: A Step-by-Step Guide

by Team 69 views
Kubernetes Cluster on Ubuntu 2204 with Kubeadm: A Step-by-Step Guide

Hey guys! Today, we're diving into the exciting world of Kubernetes and getting our hands dirty by building a Kubernetes cluster on Ubuntu 22.04 using Kubeadm. If you've been itching to orchestrate containers like a pro, you're in the right place. So, buckle up, and let's get started!

Prerequisites

Before we jump into the nitty-gritty, let's make sure we have all our ducks in a row. Here’s what you’ll need:

  • Ubuntu 22.04 Servers: You'll need at least two Ubuntu 22.04 servers. One will act as the master node, and the others will be worker nodes. For a basic setup, two servers are sufficient, but for anything resembling a real-world scenario, consider at least three.
  • SSH Access: Make sure you can SSH into all your servers. This is how we'll be issuing commands and configuring everything.
  • Root Privileges: You'll need sudo or root access to perform most of the commands. Be careful out there!
  • Basic Networking: Ensure your servers can communicate with each other. This usually means having them on the same network or configuring routing correctly.
  • Internet Access: Your servers will need internet access to download packages and container images. No internet, no party!

Step 1: Install Container Runtime (CRI) - Docker

First things first, Kubernetes needs a container runtime to, well, run containers. We're going to use Docker for this guide, but you could also use others like containerd or CRI-O. Let's get Docker installed:

sudo apt update
sudo apt install -y docker.io
sudo systemctl enable docker
sudo systemctl start docker

Let's break down what each command does:

  • sudo apt update: This updates the package lists for upgrades and new package installations. It's like telling your system, "Hey, check for the latest software!"
  • sudo apt install -y docker.io: This installs Docker. The -y flag automatically answers "yes" to any prompts, so the installation proceeds without interruption. Useful for scripting!
  • sudo systemctl enable docker: This ensures Docker starts automatically when your server boots up. No need to manually start Docker every time!
  • sudo systemctl start docker: This starts the Docker service immediately. Now Docker is up and running, ready to handle containers.

After running these commands, it's a good idea to verify that Docker is running correctly. Use the following command:

sudo docker run hello-world

If everything is set up correctly, you'll see a message from the hello-world image confirming that Docker is working. If you encounter any errors, double-check the installation steps and make sure Docker is properly installed and running.

Important Considerations:

  • Storage Driver: Docker uses a storage driver to manage image layers and container data. The default storage driver might not be the best choice for production environments. Consider using overlay2 for better performance and stability. You can configure this in the /etc/docker/daemon.json file.
  • Resource Limits: By default, Docker doesn't enforce strict resource limits on containers. In a multi-tenant environment, it's crucial to set CPU and memory limits to prevent resource exhaustion and ensure fair usage.
  • Security: Docker containers run with certain default security profiles. For enhanced security, explore using AppArmor or SELinux to define stricter security policies for your containers.

Step 2: Install Kubeadm, Kubelet, and Kubectl

Now, let's install the Kubernetes tools we'll need: kubeadm, kubelet, and kubectl. kubeadm is the command-line tool to bootstrap the cluster. kubelet is the agent that runs on each node and manages the containers. kubectl is the command-line tool to interact with the cluster.

First, we need to add the Kubernetes package repository to our system. This involves adding the Kubernetes signing key and the package source:

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list

Here’s what each command does:

  • sudo apt-get update: Again, we're updating the package lists. Always a good practice before installing new software.
  • sudo apt-get install -y apt-transport-https ca-certificates curl: This installs necessary packages to allow apt to use HTTPS repositories. apt-transport-https enables secure communication, ca-certificates provides SSL certificates, and curl is used to download the Kubernetes signing key.
  • curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -: This downloads the Kubernetes signing key and adds it to your system. This ensures that the packages you're installing are authentic and haven't been tampered with.
  • echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee -a /etc/apt/sources.list.d/kubernetes.list: This adds the Kubernetes package repository to your system's list of sources. The tee command allows you to append the line to the file while also displaying it in the terminal.

Next, let's install kubeadm, kubelet, and kubectl:

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl

Let's break down these commands:

  • sudo apt-get update: You guessed it, updating the package lists again.
  • sudo apt-get install -y kubelet kubeadm kubectl: This installs kubelet, kubeadm, and kubectl. These are the core Kubernetes tools we'll be using.
  • sudo apt-mark hold kubelet kubeadm kubectl: This prevents these packages from being automatically updated. This is important because Kubernetes version upgrades should be done carefully and deliberately.

Important Considerations:

  • Version Compatibility: Ensure that the versions of kubeadm, kubelet, and kubectl are compatible. Mismatched versions can lead to unexpected issues. It's generally recommended to use the same version for all three components.
  • Package Pinning: The apt-mark hold command is crucial for preventing automatic upgrades. Kubernetes upgrades can be complex, and it's essential to manage them explicitly.
  • Repository Configuration: Double-check the Kubernetes repository configuration to ensure it's pointing to the correct version and release channel. Using the wrong repository can lead to installation issues.

Step 3: Initialize the Kubernetes Cluster

Now for the fun part – initializing the Kubernetes cluster! We'll use kubeadm to do this. Run the following command on your master node:

sudo kubeadm init --pod-network-cidr=10.244.0.0/16

Explanation:

  • sudo kubeadm init: This is the command that bootstraps the Kubernetes control plane.
  • --pod-network-cidr=10.244.0.0/16: This specifies the IP address range for the pod network. This range should not overlap with any existing network in your environment. We're using 10.244.0.0/16 because it's commonly used with Calico, which we'll install later.

This command will take a few minutes to run. Once it's done, it will output a kubeadm join command that you'll need to run on your worker nodes to join them to the cluster. Make sure to copy this command! It will look something like this:

kubeadm join <master-ip>:<master-port> --token <token> --discovery-token-ca-cert-hash sha256:<hash>

You'll also see instructions to configure kubectl to interact with the cluster. Run these commands on your master node:

mkdir -p $HOME/.kube
sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

These commands do the following:

  • mkdir -p $HOME/.kube: Creates the .kube directory in your home directory, where kubectl will look for its configuration file.
  • sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config: Copies the Kubernetes configuration file to the .kube directory.
  • sudo chown $(id -u):$(id -g) $HOME/.kube/config: Changes the ownership of the configuration file to your user, so you can use kubectl without sudo.

Important Considerations:

  • Control Plane Endpoints: In a production environment with multiple master nodes, you'll need to configure a load balancer to distribute traffic to the control plane endpoints. This ensures high availability and fault tolerance.
  • Token Management: The token used in the kubeadm join command is used for initial node discovery. It's essential to manage these tokens securely and rotate them regularly.
  • Certificate Management: Kubernetes uses certificates for authentication and encryption. Ensure that these certificates are properly managed and rotated to maintain security.

Step 4: Install a Pod Network Add-on (Calico)

Kubernetes needs a pod network add-on to allow pods to communicate with each other. There are several options, such as Flannel, Calico, and Cilium. We're going to use Calico in this guide because it's robust and provides network policies.

To install Calico, run the following command on your master node:

kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

This command downloads the Calico manifest file and applies it to your cluster. This will create the necessary pods and services to set up the Calico network.

Important Considerations:

  • CNI Compatibility: Ensure that the CNI (Container Network Interface) plugin you choose is compatible with your Kubernetes version and runtime. Using an incompatible CNI can lead to network connectivity issues.
  • Network Policy Enforcement: Calico provides network policy enforcement, which allows you to control traffic flow between pods. Define clear and concise network policies to enhance the security of your cluster.
  • MTU Configuration: The Maximum Transmission Unit (MTU) is the size of the largest packet that can be transmitted over a network. Ensure that the MTU is properly configured for your network to avoid fragmentation and performance issues.

Step 5: Join Worker Nodes to the Cluster

Now, let's join the worker nodes to the cluster. On each worker node, run the kubeadm join command that you copied from the master node after running kubeadm init.

It should look something like this:

kubeadm join <master-ip>:<master-port> --token <token> --discovery-token-ca-cert-hash sha256:<hash>

This command will configure the worker node to connect to the master node and join the cluster.

Important Considerations:

  • Node Labels: Add labels to your worker nodes to categorize them based on their hardware capabilities or roles. This allows you to schedule pods to specific nodes based on their requirements.
  • Taints and Tolerations: Use taints and tolerations to control which pods can be scheduled to specific nodes. This is useful for reserving nodes for specific workloads or for preventing pods from being scheduled to nodes with specific hardware limitations.
  • Resource Capacity: Monitor the resource capacity of your worker nodes to ensure they have enough CPU and memory to handle the workload. Add more nodes to the cluster if necessary to maintain performance and availability.

Step 6: Verify the Cluster

Finally, let's verify that the cluster is up and running. On your master node, run the following command:

kubectl get nodes

This command will list all the nodes in your cluster. You should see your master node and all your worker nodes listed, with their status as Ready.

You can also check the status of the pods in the cluster by running:

kubectl get pods --all-namespaces

This command will list all the pods in all namespaces. You should see the Calico pods running, as well as other Kubernetes system pods.

Conclusion

And there you have it! You've successfully created a Kubernetes cluster on Ubuntu 22.04 using Kubeadm. This is just the beginning, though. There's a whole world of Kubernetes to explore, including deployments, services, ingress, and more. Keep experimenting, keep learning, and you'll be orchestrating containers like a seasoned pro in no time! Happy Kuberneting!

Remember always to consult the official Kubernetes documentation and best practices for production deployments. Good luck, and have fun with your new cluster!