Roby Yasir Amri
:date_full
Clustering Kubernetes using Kubeadm
1. Eksekusi di semua nodes
- Update repo & packages
sudo apt-get update -y && sudo apt upgrade -y --with-new-pkgs
- Install dependencies
sudo apt-get install -y apt-transport-https ca-certificates curl gnupg lsb-release
- Setup localtime
sudo timedatectl set-timezone Asia/Jakarta
- Setup hosts file
sudo nano /etc/hosts
...
xxx.xxx.xxx.xxx hostname
...
2. Install Kubernetes dan Containerd
- Disable swap
sudo swapoff -a
- Disable swap on startup in /etc/fstab:
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
- Create configuration file for containerd:
cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
- Load modules:
sudo modprobe overlay
sudo modprobe br_netfilter
- Set system configurations for Kubernetes networking:
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
- Apply new settings:
sudo sysctl --system
- Install Containerd
sudo apt-get update && sudo apt-get install -y containerd
- Create default configuration file for containerd:
sudo mkdir -p /etc/containerd
- Generate default containerd configuration and save to the newly created default file:
sudo containerd config default | sudo tee /etc/containerd/config.toml
- Restart & check status containerd to ensure new configuration file usage:
sudo systemctl restart containerd
sudo systemctl status containerd
- Add kubernetes repository
sudo curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
cat <<EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF
sudo apt-get update
- Install Kubelet, kubeadm dan kubectl
sudo apt-get -y install kubelet=1.23.0-00 kubeadm=1.23.0-00 kubectl=1.23.0-00
3. Clustering Kubernetes
Master Nodes
- Init kubernetes
Jika menggunakan flannel
sudo kubeadm init --pod-network-cidr=10.244.0.0/16 --control-plane-endpoint "<vip-atau-hostname-master:6443>" --upload-certs
Jika menggunakan calico
sudo kubeadm init --control-plane-endpoint "<vip-atau-hostname-master:6443>" --upload-certs
- Set Kubectl access
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
- Alternatively, if you are the root user, you can run:
export KUBECONFIG=$HOME/.kube/config
- Install CNI
Jika menggunakan Flannel
kubectl apply -f [https://raw.githubusercontent.com/coreos/**flan**nel/master/Documentation/kube-**flan**nel.yml](https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml)
jika menggunakan Calico
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
Init kubernetes jika menggunakan versi dibawah 1.20.x
- Bikin file kubeadm-config
sudo nano kubeadm-config.yaml
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
networking:
podSubnet: "10.244.0.0/16"
kubernetesVersion: "v1.15.1" ## *sesuaikan dengan versi cluster*
controlPlaneEndpoint: “<vip-atau-hostname-master:6443>"
apiServer:
certSANs:
- "IP-Master1"
- "hostname-master1"
- "IP-Master2"
- "hostname-master2"
- "IP-Master3"
- "hostname-master3"
- "IP-VIP"
- "hostname-VIP"
- Init Cluster
kubeadm init --config=kubeadm-config.yaml
- Sebelum join cluster, copy file ke semua master
scp -r /etc/kubernetes/pki master-node:~/
cd pki
mkdir -p /etc/kubernetes/pki/etcd
cp ca.crt ca.key sa.key sa.pub front-proxy-ca.crt front-proxy-ca.key /etc/kubernetes/pki
cp etcd/ca.crt etcd/ca.key /etc/kubernetes/pki/etcd/
Join cluster
- Join Master node ke Cluster
In the Control Plane Node/Master node, create the token and copy the kubeadm join command (NOTE:The join command can also be found in the output from kubeadm init command):
sudo kubeadm token create --print-join-command
sudo kubeadm join <join command from the previous command> --control-plane —apiserver-advertise-address=<ip-node>
- Join Worker node ke Cluster
sudo kubeadm join <join command from the previous command>
kubectl label nodes <worker-hostname> type=app
- Add worker label
kubectl label nodes <worker-hostname> [node-role.kubernetes.io/worker=](http://node-role.kubernetes.io/worker=)
4. Rejoin master/worker node baru ke existing cluster
master$ sudo KUBECERT=$(kubeadm init phase upload-certs --upload-certs)
master# sudo kubeadm token create --certificate-key $KUBECERT --print-join-command
worker-new$ sudo kubeadm join <join command from the previous command>
master-new$ sudo kubeadm join --control-plane <join command from the previous command>