Appendix_A_docker_k8s_install

Appendix A: Docker and Kubernetes Installation Guide

This guide provides steps for installing Docker and setting up a Kubernetes cluster using kubeadm. These instructions may require adjustments based on your specific Linux distribution and version.

Part 1: Docker Installation

1.1 Prepare Hosts and Install Docker

sudo apt update -y
sudo apt install -y \
  docker.io \
  watch \
  ipset \
  tcpdump \
  jq

1.2 Enable Docker

Ensure Docker is enabled to start on boot and check the installed version.

sudo systemctl enable docker
sudo systemctl start docker # Ensure Docker service is running
sudo docker --version

1.3 Alternative Docker Installation (Using Docker's Official Script)

Alternatively, you can install Docker using the official convenience script from Docker.

curl https://get.docker.com/ | sh
# Post-installation steps might be required, e.g., adding user to 'docker' group:
# sudo usermod -aG docker $USER
# newgrp docker

Part 2: Kubernetes Installation (using kubeadm)

These steps should be performed on all machines that will be part of your Kubernetes cluster.

Disable Swap: Kubernetes requires swap to be disabled.

sudo swapoff -a
# Persistently disable swap by commenting out swap entries in /etc/fstab
# sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

Install kubeadm, kubelet, and kubectl: Refer to the official Kubernetes documentation for installing these packages for your specific OS version, as the repository used in Docker setup might be outdated for current kubeadm. Assuming apt.kubernetes.io is correctly configured for a compatible version (or pkgs.k8s.io):

# Example for Debian/Ubuntu based on official docs (adjust for your needs):
# sudo apt-get update
# sudo apt-get install -y apt-transport-https ca-certificates curl gpg
# curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
# echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list

sudo apt-get update # Or use the specific repo update if you added a new one
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl # Prevent unintended upgrades

Verify installation:

kubeadm version

Pull Required Images (Optional but Recommended): This step downloads the container images kubeadm will use, which can speed up kubeadm init and kubeadm join.
```
sudo kubeadm config images pull
```

2.2 Initialize the Master Node

Perform these steps only on the machine designated as the master node.

Determine Master Node's Internal IP: The following command attempts to get the IP from eth1. Adjust the interface name (eth1) if your primary network interface is different (e.g., ens160, enp0s3).
```
export MASTER_INTERNAL_IP=$(ip -f inet addr show eth1 | sed -En -e 's/.*inet ([0-9.]+).*/\1/p')
echo "Master Node IP: $MASTER_INTERNAL_IP"
```
If $MASTER_INTERNAL_IP is empty or incorrect, set it manually.

Initialize Kubernetes Control Plane: Adjust --apiserver-cert-extra-sans if you have a specific DNS name for your master node or a load balancer.

sudo kubeadm init \
    --pod-network-cidr=192.168.0.0/16 \
    --apiserver-cert-extra-sans=127.0.0.1,$(hostname -f),your-master-node.your-domain.com \
    --apiserver-advertise-address "$MASTER_INTERNAL_IP"

(Replaced specific FQDN with a placeholder and used $(hostname -f))

Post-Initialization Steps:
- CRITICAL: After kubeadm init finishes, it will output a kubeadm join command. You must copy this entire command and save it. You will need it to join worker nodes to the cluster. It will look something like this (your token and hash will be different):
  kubeadm join <master_ip>:<master_port> --token <token> \ --discovery-token-ca-cert-hash sha256:<hash>
- Configure kubectl for Admin Access: The /etc/kubernetes/admin.conf file contains credentials providing administrative access to your cluster.
  mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config
  This configuration grants full control over the cluster. Handle it securely.
Monitor Node Status (Optional): Open another terminal or run in the background to watch nodes join. Initially, the master node might show "NotReady" until a CNI is installed.
```
watch kubectl get nodes
```

2.3 Join Worker Nodes

Perform these steps on each machine designated as a worker node. Ensure steps from "2.1 Install kubeadm and Related Tools on All Nodes" have been completed on each worker.

Use the Saved kubeadm join Command: Execute the kubeadm join command that you saved from the kubeadm init output on the master node. It will look like:
```
sudo kubeadm join <master_ip>:<master_port> --token <token> --discovery-token-ca-cert-hash sha256:<hash>
```
(The original document mentioned "---- copy the print join command ---". This clarifies that it's the command from the master's init.)

2.4 Install a Container Network Interface (CNI) Plugin

This step is performed on the master node after worker nodes have (or are starting to) join. Pod networking is required for pods to communicate and for nodes to become "Ready".

Apply Calico CNI Manifest: Calico is a popular CNI choice. Ensure your chosen --pod-network-cidr in kubeadm init (e.g., 192.168.0.0/16) is compatible with the CNI plugin's default configuration or update the CNI manifest accordingly.
```
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
```
Verify Node Status: After a few minutes, nodes should transition to the "Ready" state.
```
watch kubectl get nodes
```

Home

PreviousApp_Routable_Demo NextAppendix_B_tcpdump_lab

Last updated 6 months ago