By Alex Mungai Muchiri, Alibaba Cloud Community Blog author
Kubernetes does not have to be complicated and messy. You can achieve quick turnaround and configure a Kubernetes cluster easily using the Kubeadm toolkit, which is a tool to automate the installation and configuration of Kubernetes components. The tool can help set up an executable cluster with minimal working components in place. It handles installations such as the API server, Controller Manager, and Kube DNS.
In this tutorial, you will learn how to install a Kubernetes cluster on an Alibaba Cloud ECS instance installed with Ubuntu 16.04 with Kubeadm. The purpose of this tutorial is just to give you a simple test environment.
Before you begin this tutorial, make sure that you have the following items:
Specifically, the three servers or hosts should have familiar names, such as kube-1, kube-2 and kube-3 as shown below:
Server | Hostname |
1 | kube-01 |
2 | kube-02 |
3 | kube-03 |
In this tutorial, we will create roles for the three hosts as a master and two workers. While not essential to the configuration of Kubernetes clusters, keep in mind the following:
Assigned roles | Hostname |
Master | kube-01 |
Worker | kube-02 |
Worker | kube-03 |
Now proceed with the server preparation.
Follow the steps outlined below to install a Kubernetes cluster on Alibaba Cloud with Kubeadm.
In this step, we'll prepare our servers for the configuration of our Kubernetes cluster. The first step in preparing the server is ensuring your virtual servers have unique hostnames. For this tutorial, I recommend that you use kube-1, kube-2, and kube-3. You'll also need MAC addresses and some other unique identifiers. In reality, Alibaba Cloud automatically assigns unique identifiers to your servers, so you only need to ensure the hostnames are also unique.
The next step in preparing the server is enabling the ports 6443 and 10250 for the Kubernetes API Server and Kubelet API respectively. As a requirement, the commands below should be run with the root user.
Run the command:
firewall-cmd --get-active-zones
Next, activate the ports by running the commands below:
firewall-cmd --zone=public --add-port=6443/tcp --permanent
firewall-cmd --zone=public --add-port=10250/tcp --permanent
firewall-cmd --reload
Finally, you will need to switch off SWAP partitioning by running the command below:
sudo swapon -s
sudo swapoff -a
The first command checks the swap list while the next one disables it. Repeat the commands for all three server instances and then proceed to the next step. However, to disable swap permanently, you need to open the /etc/fstab file in your favorite editor like so:
sudo nano /etc/fstab
Next, you'll want to find the line below and place a # comment like so:
#/dev/mapper/hakase--labs--vg-swap_1 none swap sw 0 0
Save, exit and reboot the system with the command below:
sudo reboot
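The fstab edit above has to be repeated by hand on three servers, so a scripted version is easier to get right. The following is an added example, not part of the original tutorial; the function names and the sample fstab are constructed for illustration, and the functions take a file path so they can be tried on a copy first.

```bash
#!/bin/sh
# Added example: script the swap steps instead of editing /etc/fstab by hand.

# Print active (uncommented) fstab entries whose filesystem type is swap.
fstab_swap_entries() {
  awk '$1 !~ /^#/ && $3 == "swap"' "$1"
}

# Comment out every active swap entry in the given fstab file.
# Keeps a backup at <file>.bak and is safe to run more than once.
comment_out_swap() {
  f=$1
  [ -n "$(fstab_swap_entries "$f")" ] || return 0   # nothing left to do
  tmp=$(mktemp) || return 1
  awk '$1 !~ /^#/ && $3 == "swap" { print "#" $0; next } { print }' \
    "$f" > "$tmp" || return 1
  cp -p "$f" "$f.bak" || return 1
  cat "$tmp" > "$f"     # overwrite in place so owner and mode are preserved
  rm -f "$tmp"
}

# Count swap areas in use, given a file in /proc/swaps format
# (one header line, then one line per active swap area).
active_swap_count() {
  awk 'NR > 1 && NF { n++ } END { print n + 0 }' "$1"
}

# Constructed sample fstab; the swap line is the one shown in the tutorial.
sample_fstab() {
  cat <<'EOF'
# <file system> <mount point> <type> <options> <dump> <pass>
/dev/vda1 / ext4 defaults 0 1
/dev/mapper/hakase--labs--vg-swap_1 none swap sw 0 0
EOF
}
```

On a real host, run `swapoff -a` and `comment_out_swap /etc/fstab` as root, then confirm that `active_swap_count /proc/swaps` prints 0.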
We'll set up Docker as the container runtime and install Docker to run containers for future projects and, of course, for purposes of demonstrating the lessons of this tutorial. Installing Docker on an Ubuntu server is as easy as running the commands below on all three servers:
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
sudo apt-get update
sudo apt-get install -y docker-ce
It is important to note that Kubernetes supports the latest Docker Engine version and there are potential conflicts if a newer version is installed. So, ensure that you check the supported version for the installed Kubernetes release.
The command below checks the Docker version:
docker version
When you have the right version installed, you may need to hold it so that it is not updated by mistake and hence become incompatible with Kubernetes.
sudo apt-mark hold docker-ce
Enable and start Docker using the commands below:
sudo systemctl enable docker
sudo systemctl start docker
Now we have our container runtime installed and are ready to deploy the Kubeadm toolkit.
In this step, we'll need to SSH into each of the three servers that make up our cluster and install the three components. Again, you will need to log in as root to be able to run these commands.
Accordingly, run the commands below in Kube-1, Kube-2 and Kube-3:
apt-get update && apt-get install -y apt-transport-https curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cd /etc/apt
sudo nano sources.list.d/kubernetes.list
Paste the line below in the file:
deb http://apt.kubernetes.io/ kubernetes-xenial main
Then, run the commands below:
apt-get update
apt-get install -y kubelet kubeadm kubectl
However, we should ensure that Kubernetes does not get updated to a version that would be incompatible with Docker. We shall update the package manager to exclude Kubernetes from potential updates by running the command below:
sudo apt-mark hold kubelet kubeadm kubectl
Now that we have ensured that the packages remain in sync, we shall proceed to configure the cgroup driver.
This is not a mandatory step and whether to proceed with this step or to bypass it will depend on the results of the command below. In kube-1 server, run the command:
sudo docker info | grep -i cgroup
If the output of this command is similar to the line below, then you will need the cgroup configuration.
Cgroup Driver: cgroupfs
Now we'll modify the kubelet default file and include the Cgroup driver that we have seen above. In your favourite editor (I use nano), run the command below:
sudo nano /etc/default/kubelet
Include the following line in the file:
KUBELET_KUBEADM_EXTRA_ARGS=--cgroup-driver=cgroupfs
Now you should restart Kubelet by running the commands below:
systemctl daemon-reload
systemctl restart kubelet
Great, we are all set for the master configuration in the next step.
Now SSH into the kube-1 server to initiate the master node. The command below will be all we need:
kubeadm init --pod-network-cidr=10.244.0.0/16
During the server preparation, we enabled the ports 6443 and 10250. Now, be sure to replace the 10.244.0.0/16 in the command above with the Pod network range for your own cluster.
Let us break down the kubeadm init command above:
--pod-network-cidr: This will define the Pod network segment for your cluster.
--apiserver-advertise-address: This argument defines the IP address to be used by the Kubernetes API and could be of any type.
--apiserver-cert-extra-sans: This argument serves to define the IP or domain to be included in the certificate SANs, to include more information apart from the host machine hostname and IP.
When executed, you should see numbers running down the black screen and then finally a 'Your Kubernetes master has initialized successfully!' message. You should also get a line that you will run in the worker nodes to link them to the master.
Now, follow the steps below to make modifications to the user shell environment if you are using a non-root user to run these commands:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
As was mentioned earlier, you should also get a line that you will run in the worker nodes to link them to the master.
kubeadm join 192.168.100.10:6443 --token bkz1q4.yuevvhvve90jk --discovery-token-ca-cert-hash sha256:F3409C6C295F87249D5C08DA11791F3452950A0ACE646DF2BAD06514940DF847
This line is very useful and without it, your worker nodes cannot be joined to the cluster. Copy it in preparation for linking your two workers. However, if it is more than 24 hours since it was generated, you will need to regenerate it using the command below:
kubeadm token create --print-join-command
Great, let's now deploy the cluster networking in the next step.
Cluster networking facilitates communication between pods, containers and between external services and nodes. The chosen model is Flannel, which we will apply by running the command below:
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
So far we have set up the cluster networking and you can verify that by running the command below:
kubectl get deployments --all-namespaces
You should be able to see your master listed. Now we shall add the workers:
As we initiated the master node, we received an initializing command. In the remaining servers (kube-2 and kube-3), we will run the command below to add them as workers:
kubeadm join 192.168.100.10:6443 --token bkz1q4.yuevvhvve90jk --discovery-token-ca-cert-hash sha256:F3409C6C295F87249D5C08DA11791F3452950A0ACE646DF2BAD06514940DF847
As a reminder, you will need to have installed Docker, kubeadm and kubernetes in the worker nodes prior to this step. Once the command runs, you should see a 'This node has joined the cluster' message.
Repeat the command on each worker host.
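The join line carries a bootstrap token and a pin of the cluster CA's public key, and a worker trusts the master on the strength of that pin. The following is an added example, not part of the original tutorial: it checks a pasted join line for well-formed fields and compares the pin with a CA certificate file. The function names are hypothetical, the sample token and hash are constructed, and the CA path on the master is assumed to be the kubeadm default /etc/kubernetes/pki/ca.crt.

```bash
#!/bin/sh
# Added example: sanity-check a kubeadm join line before running it on a worker.
# Tokens and hashes below are constructed sample values, not real credentials.

# Print the pin of a CA certificate: SHA-256 over its DER-encoded public key,
# in lower-case hex (the value that follows "sha256:" in the join line).
ca_pubkey_hash() {
  openssl x509 -in "$1" -noout -pubkey |
    openssl pkey -pubin -outform DER |
    openssl dgst -sha256 -hex | awk '{ print tolower($NF) }'
}

# Print the value that follows a flag: join_field "<line>" --token
join_field() {
  printf '%s\n' "$1" | awk -v flag="$2" '{
    for (i = 1; i < NF; i++) if ($i == flag) { print $(i + 1); exit }
  }'
}

# Print "ok" and return 0 only for host:port (IPv4 or DNS name), a well-formed
# bootstrap token and a sha256:<64 hex> pin; otherwise print why and return 1.
check_join_line() {
  endpoint=$(printf '%s\n' "$1" | awk '$1 == "kubeadm" && $2 == "join" { print $3 }')
  token=$(join_field "$1" --token)
  pin=$(join_field "$1" --discovery-token-ca-cert-hash)
  printf '%s\n' "$endpoint" | grep -Eq '^[A-Za-z0-9.-]+:[0-9]+$' ||
    { echo "bad endpoint: ${endpoint:-missing}"; return 1; }
  printf '%s\n' "$token" | grep -Eq '^[a-z0-9]{6}\.[a-z0-9]{16}$' ||
    { echo "bad token format"; return 1; }   # never echo the token itself
  printf '%s\n' "$pin" | grep -Eq '^sha256:[0-9A-Fa-f]{64}$' ||
    { echo "bad CA hash: ${pin:-missing}"; return 1; }
  echo ok
}

# Return 0 if the pin in join line $1 matches the CA certificate file $2.
pin_matches_ca() {
  want=$(join_field "$1" --discovery-token-ca-cert-hash | tr 'A-F' 'a-f')
  [ "$want" = "sha256:$(ca_pubkey_hash "$2")" ]
}

# Constructed samples: one well formed, one with "/" in place of ":" and no
# space before --token.
GOOD="kubeadm join 192.168.100.10:6443 --token abcdef.0123456789abcdef \
--discovery-token-ca-cert-hash sha256:$(printf '%064d' 0)"
BAD='kubeadm join 192.168.100.10/6443--token abcdef.0123456789abcdef'
check_join_line "$GOOD"
check_join_line "$BAD" || true
```

Run `pin_matches_ca "<join line>" /etc/kubernetes/pki/ca.crt` on the master before handing the line to a worker; a mismatch means the line was copied from a different cluster or altered in transit.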
Clusters could fail at the setup for any number of reasons. It is thus important to verify that all nodes are running properly. Check from the master node by this SSH command:
ssh ubuntu@master_ip
Next, run the below command to retrieve the cluster's status:
kubectl get nodes
You should receive a similar output:
Output
NAME STATUS ROLES AGE VERSION
Kube-1 Ready master 1d v1.10.1
Kube-2 Ready <worker> 1d v1.10.1
Kube-3 Ready <worker> 1d v1.10.1
If the output indicates that all nodes are ready, we can proceed to run some workloads. If they are not, wait for five minutes and try again. If that fails, repeat the installation until you succeed.
This tutorial has guided you on how to set up a Kubernetes cluster in Ubuntu with Kubeadm. You can try deploying new services to the cluster to get comfortable working with Kubernetes. Kubernetes offers a great advantage with its functionalities and features, which you can learn from the Kubernetes Official Documentation. Alibaba Cloud provides a stable and reliable cloud platform to run these containerized applications made by Kubernetes.