Installing Kubernetes Cluster using Kubeadm: A Step-by-Step Guide

Fri Oct 27, 2023

Introduction

Kubernetes is an open-source container orchestration platform that has gained immense popularity for its ability to manage containerized applications effortlessly. To set up a Kubernetes cluster, you'll need a tool like Kubeadm, which simplifies the process of bootstrapping a cluster and automating much of the tedious work. 

In this blog, we'll explore what Kubeadm is, why you should use it, and provide a detailed guide on setting up a Kubernetes cluster with one control-plane and two worker nodes on AWS.


What is Kubeadm?

Kubeadm is a command-line tool that makes it easy to initialize, manage, and upgrade a Kubernetes cluster. It is part of the Kubernetes project and is designed to simplify cluster provisioning and deployment.

Why Use Kubeadm to Set Up a Kubernetes Cluster?

Kubeadm offers several advantages when it comes to setting up a Kubernetes cluster:

  1. Simplicity: Kubeadm abstracts many of the complexities involved in cluster creation, making it accessible to a wider audience, including developers and administrators who may not have deep Kubernetes expertise.
  2. Consistency: Kubeadm follows best practices and Kubernetes conventions, ensuring that your cluster is set up in a consistent and recommended way.
  3. Automation: Kubeadm automates the process of initializing the control-plane node, joining worker nodes, and configuring various cluster components. This reduces the chances of human error and saves time.
  4. Community Support: Kubeadm is an official Kubernetes project, and its active community provides support, updates, and ongoing development. 

Now, let's dive into the step-by-step guide to set up a Kubernetes cluster with one control plane and two worker nodes on AWS using Kubeadm.

Prerequisites

  1. You need an active AWS account to create and manage instances.
  2. Three instances (one for the control plane and two for workers) running a deb/rpm-compatible Linux OS, for example Ubuntu or CentOS.
  3. 2 GiB or more of RAM per machine; any less leaves little room for your apps.
  4. At least 2 CPUs on the machine that you use as a control-plane node.
  5. Full network connectivity among all machines in the cluster. You can use either a public or a private network.
  6. Open the following ports on the control-plane and worker nodes as shown below.


Run the following Commands on Both Control-Plane and Worker Nodes.

Switch to root user

sudo su -

Disable Swap

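Kubernetes requires swap to be disabled to work correctly. On each node, comment out the swap entries in /etc/fstab so that swap stays off after a reboot, then turn swap off for the running system. The pattern below matches entries whose fields are separated by spaces or tabs.
sudo sed -i '/[[:space:]]swap[[:space:]]/ s/^\(.*\)$/#\1/g' /etc/fstab
swapoff -a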
Disabling swap when installing Kubernetes is necessary because swap can lead to unpredictable resource usage, performance issues, and instability within the Kubernetes cluster. Kubernetes relies on precise control over system resources for efficient container management, and swap can disrupt this control.

Forwarding IPv4 and letting iptables see bridged traffic

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

sudo modprobe overlay
sudo modprobe br_netfilter
# sysctl params required by setup, params persist across reboots

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
# Apply sysctl params without reboot
sudo sysctl --system

Verify that the br_netfilter and overlay modules are loaded

lsmod | grep br_netfilter
lsmod | grep overlay
Verify that the net.bridge.bridge-nf-call-iptables, net.bridge.bridge-nf-call-ip6tables, and net.ipv4.ip_forward system variables are set to 1 in your sysctl configuration
sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward

Installing a container runtime

apt-get install -y containerd

Configure the container runtime to use systemd Cgroups.

Create default configuration

mkdir -p /etc/containerd 
containerd config default > /etc/containerd/config.toml
Edit the configuration to set up CGroups 
Scroll down till you find a line with SystemdCgroup = false. Edit it to be SystemdCgroup = true, then save and exit vi

vi /etc/containerd/config.toml
Restart containerd

systemctl restart containerd
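
A read-only audit of the persistent settings written by the steps above (fstab swap entry, sysctl file, containerd cgroup driver), added here as an example and not part of the original post. Function names are illustrative; the file paths default to the ones used in this guide, and the swap check splits fstab on any whitespace so tab-separated entries are caught too.

```shell
#!/bin/sh
# Added example: audit node configuration files before running kubeadm.
# Paths are arguments so the checks can also be run against copies.

# 0 when no uncommented fstab line has "swap" as its filesystem type.
fstab_swap_disabled() {
  [ -r "$1" ] && ! awk '$1 !~ /^#/ && $3 == "swap" { hit = 1 }
                        END { exit !hit }' "$1"
}

# 0 when all three sysctl keys from k8s.conf are set to 1.
sysctl_conf_ok() {
  for key in net.bridge.bridge-nf-call-iptables \
             net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward; do
    awk -F= -v k="$key" '{ gsub(/[ \t]/, "") }
      $1 == k && $2 == "1" { ok = 1 } END { exit !ok }' "$1" || return 1
  done
}

# 0 when the containerd config enables the systemd cgroup driver.
containerd_systemd_cgroup() {
  grep -Eq '^[[:space:]]*SystemdCgroup[[:space:]]*=[[:space:]]*true' "$1"
}

# check <description> <command...>: print PASS/FAIL, return the result.
check() {
  desc=$1; shift
  if "$@"; then echo "PASS $desc"; else echo "FAIL $desc"; return 1; fi
}

# Runs every check and returns the number of failures (0 = node is ready).
node_preflight() {
  fails=0
  check "no active swap entry in fstab" \
    fstab_swap_disabled "${1:-/etc/fstab}" || fails=$((fails + 1))
  check "bridge and forwarding sysctls set to 1" \
    sysctl_conf_ok "${2:-/etc/sysctl.d/k8s.conf}" || fails=$((fails + 1))
  check "SystemdCgroup = true in containerd config" \
    containerd_systemd_cgroup "${3:-/etc/containerd/config.toml}" || fails=$((fails + 1))
  return "$fails"
}
```

Call `node_preflight` with no arguments on each node; a non-zero exit status is the number of settings that still need fixing.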

These instructions are for Kubernetes 1.28

Update the apt package index and install packages needed to use the Kubernetes apt repository:

sudo apt-get update
# apt-transport-https may be a dummy package; if so, you can skip that package
sudo apt-get install -y apt-transport-https ca-certificates curl gpg
Download the public signing key for the Kubernetes package repositories. The same signing key is used for all repositories so you can disregard the version in the URL:

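# Create the keyring directory first if it does not already exist
sudo mkdir -p -m 755 /etc/apt/keyrings
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg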
Add the appropriate Kubernetes apt repository.

# This overwrites any existing configuration in /etc/apt/sources.list.d/kubernetes.list
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
Update the apt package index, install kubelet, kubeadm and kubectl, and pin their version:

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
Configure crictl 

crictl config \
--set runtime-endpoint=unix:///run/containerd/containerd.sock \
--set image-endpoint=unix:///run/containerd/containerd.sock

Run the following Commands on the Control-Plane Node only.

Switch to root user

sudo su -

To initialize the control plane node run

kubeadm init --apiserver-advertise-address <controlplane ip> --pod-network-cidr=10.244.0.0/16

To make kubectl work for your non-root user, run these commands

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Install Weave Net

kubectl apply -f https://github.com/weaveworks/weave/releases/download/v2.8.1/weave-daemonset-k8s.yaml

Join your worker nodes

You can easily add worker nodes to your Kubernetes cluster by executing the following command on the worker nodes. 

The token required for this operation is generated on the control-plane node:

kubeadm join --token <token> <control-plane-host>:<control-plane-port> --discovery-token-ca-cert-hash sha256:<hash>
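
The value after `sha256:` pins the cluster CA, so a worker only trusts an API server whose CA public key hashes to it. The following check, an added example that is not part of the original post, recomputes that hash from the CA certificate and compares it with the pin in a join command; it assumes openssl is installed and that the certificate is at kubeadm's default path /etc/kubernetes/pki/ca.crt, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: verify the --discovery-token-ca-cert-hash pin before joining.

# Print the SHA-256 of the DER-encoded public key of a CA certificate,
# the value kubeadm expects after "sha256:". Fails on an unreadable cert
# instead of hashing empty input.
ca_pubkey_hash() (
  der=$(mktemp) || exit 1
  if openssl x509 -pubkey -noout -in "$1" 2>/dev/null \
       | openssl pkey -pubin -outform der -out "$der" 2>/dev/null \
     && [ -s "$der" ]; then
    openssl dgst -sha256 -hex <"$der" | sed 's/^.* //'
    rc=0
  else
    rc=1
  fi
  rm -f "$der"
  exit "$rc"
)

# Extract the pin from a join command; fail unless it is 64 hex digits.
pin_from_join_cmd() (
  pin=$(printf '%s\n' "$1" | sed -n \
    's/.*--discovery-token-ca-cert-hash[ =]sha256:\([0-9a-fA-F]*\).*/\1/p')
  [ "${#pin}" -eq 64 ] || exit 1
  printf '%s\n' "$pin" | tr 'A-F' 'a-f'
)

# 0 if the certificate matches the pin, 1 on mismatch, 2 on bad input.
# Arguments: <path to ca.crt> <join command string>
verify_join_pin() (
  want=$(pin_from_join_cmd "$2") \
    || { echo "no valid pin in join command" >&2; exit 2; }
  have=$(ca_pubkey_hash "$1") \
    || { echo "cannot read CA certificate: $1" >&2; exit 2; }
  [ "$want" = "$have" ]
)

# On the control-plane node:
#   verify_join_pin /etc/kubernetes/pki/ca.crt "kubeadm join ... sha256:<hash>"
```
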

You can test the k8s Cluster

kubectl get no              # To list all the nodes

kubectl get pods -A    #  To list all pods from all namespaces.

Conclusion

Kubeadm is a fantastic tool for simplifying the setup of Kubernetes clusters, and in this blog, we've shown you how to create one control-plane and two worker nodes on AWS.

I hope you enjoyed reading this blog and found it informative. If you have any questions or topics you'd like us to cover in future blogs, please don't hesitate to connect with me on LinkedIn. 

Thank you for joining us on this Kubernetes journey,

Sampath Siva Kumar Boddeti
AWS & Terraform Certified