|
| 1 | +--- |
| 2 | +title: "pre-requisites" |
| 3 | +description: " Includes configuring pre-requisites to install kubeadm " |
| 4 | +weight: 2 |
| 5 | +--- |
| 6 | + |
| 7 | + |
| 8 | + |
| 9 | +#### Includes configuring pre-requisites to install kubeadm |
| 10 | + |
| 11 | +###### step 01) Enable following ports and protcols |
| 12 | + |
| 13 | +``` |
| 14 | +on kubemaster : Open following ports : https://kubernetes.io/docs/reference/networking/ports-and-protocols/ |
| 15 | +
|
| 16 | +sudo ufw status |
| 17 | +sudo ufw enable |
| 18 | +sudo ufw allow 80/tcp |
| 19 | +sudo ufw allow 443/tcp |
| 20 | +sudo ufw allow 22/tcp |
| 21 | +sudo ufw allow 6443/tcp |
| 22 | +sudo ufw allow 2379/tcp |
| 23 | +sudo ufw allow 2380/tcp |
| 24 | +sudo ufw allow 10250/tcp |
| 25 | +sudo ufw allow 10259/tcp |
| 26 | +sudo ufw allow 10257/tcp |
| 27 | +sudo ufw allow 30000:32767/tcp |
| 28 | +sudo ufw reload |
| 29 | +sudo ufw status |
| 30 | +
|
| 31 | +###### ----- kubenode01, kubenode02 ---# |
| 32 | +
|
| 33 | +sudo ufw status |
| 34 | +sudo ufw enable |
| 35 | +sudo ufw allow 80/tcp |
| 36 | +sudo ufw allow 443/tcp |
| 37 | +sudo ufw allow 22/tcp |
| 38 | +sudo ufw allow 10250/tcp |
| 39 | +sudo ufw allow 30000:32767/tcp |
| 40 | +sudo ufw reload |
| 41 | +sudo ufw status |
| 42 | +
|
| 43 | +sudo iptables -L #--- on all nodes |
| 44 | +``` |
| 45 | +###### step 02) |
| 46 | + |
| 47 | +``` |
| 48 | +------ Install Container Runtime ----------# |
| 49 | +
|
| 50 | +#---- on all nodes : Forwarding IPv4 and letting iptables see bridged traffic : https://kubernetes.io/docs/setup/production-environment/container-runtimes/#forwarding-ipv4-and-letting-iptables-see-bridged-traffic |
| 51 | +
|
| 52 | +cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf |
| 53 | +overlay |
| 54 | +br_netfilter |
| 55 | +EOF |
| 56 | +
|
| 57 | +sudo modprobe overlay |
| 58 | +sudo modprobe br_netfilter |
| 59 | +``` |
| 60 | + |
| 61 | +###### sysctl params required by setup, params persist across reboots |
| 62 | +``` |
| 63 | +cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf |
| 64 | +net.bridge.bridge-nf-call-iptables = 1 |
| 65 | +net.bridge.bridge-nf-call-ip6tables = 1 |
| 66 | +net.ipv4.ip_forward = 1 |
| 67 | +EOF |
| 68 | +``` |
| 69 | + |
| 70 | +###### Apply sysctl params without reboot |
| 71 | +``` |
| 72 | +sudo sysctl --system |
| 73 | +``` |
| 74 | +###### Verify that the br_netfilter, overlay modules are loaded |
| 75 | +``` |
| 76 | +lsmod | grep br_netfilter |
| 77 | +lsmod | grep overlay |
| 78 | +``` |
| 79 | +###### Verify that the net.bridge.bridge-nf-call-iptables, net.bridge.bridge-nf-call-ip6tables, and net.ipv4.ip_forward system variables are set to 1 in sysctl config |
| 80 | +``` |
| 81 | +sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward |
| 82 | +``` |
| 83 | + |
| 84 | +###### We are selecting option 2 here using apt-get |
| 85 | + |
| 86 | +``` |
| 87 | +###### install via package manager : https://docs.docker.com/engine/install/ubuntu/ |
| 88 | +``` |
| 89 | + |
| 90 | +###### Remove old versions |
| 91 | +for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done |
| 92 | + |
| 93 | +###### setup docker repository |
| 94 | +###### Add Docker's official GPG key: |
| 95 | + |
| 96 | +``` |
| 97 | +sudo apt-get update |
| 98 | +sudo apt-get install ca-certificates curl |
| 99 | +sudo install -m 0755 -d /etc/apt/keyrings |
| 100 | +sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc |
| 101 | +sudo chmod a+r /etc/apt/keyrings/docker.asc |
| 102 | +``` |
| 103 | +###### Add the repository to Apt sources: |
| 104 | + |
| 105 | +``` |
| 106 | +echo \ |
| 107 | + "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \ |
| 108 | + $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \ |
| 109 | + sudo tee /etc/apt/sources.list.d/docker.list > /dev/null |
| 110 | +sudo apt-get update |
| 111 | +``` |
| 112 | +###### Install package |
| 113 | +###### we are only interested in containerd |
| 114 | + |
| 115 | +``` |
| 116 | +#---- on all nodes : Install container runtime ----------- https://github.com/containerd/containerd/blob/main/docs/getting-started.md |
| 117 | +
|
| 118 | +sudo apt-get install containerd.io |
| 119 | +systemctl status containerd |
| 120 | +``` |
| 121 | +###### check and install cgroup driver for container runtime and kubelet to integrate with control groups for getting resources from the instance. |
| 122 | +#! both kubelet and containerd should use same cgroup driver |
| 123 | +##### find if the instances are systemd instances |
| 124 | +``` |
| 125 | +systemctl # if this command runs its a systemd system |
| 126 | +ps -p 1 #output should be something 1 ? Ss 0:02 /sbin/init systemd |
| 127 | +``` |
| 128 | +###### Configure cgroup driver |
| 129 | + |
| 130 | +``` |
| 131 | +https://kubernetes.io/docs/setup/production-environment/container-runtimes/#containerd |
| 132 | +
|
| 133 | +sudo vi /etc/containerd/config.toml |
| 134 | +``` |
| 135 | +###### copy following content to install cgroup drivers : Tip : delete all the content inside that file using command mode :%d and copy following content. |
| 136 | +``` |
| 137 | +[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc] |
| 138 | + [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options] |
| 139 | + SystemdCgroup = true |
| 140 | +``` |
| 141 | +##### save above config and run following |
| 142 | +``` |
| 143 | +sudo systemctl restart containerd |
| 144 | +``` |
| 145 | + |
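Review bot: In step 01 (new-file lines 21-26 on kubemaster, line 38 on the worker nodes) the rules open 6443, 2379, 2380, 10250, 10259 and 10257 to any source address, although etcd (2379-2380), the kubelet API (10250), kube-scheduler (10259) and kube-controller-manager (10257) only need to be reachable from other cluster nodes. I would scope them to the node network, for example `sudo ufw allow from <node-subnet> to any port 2379:2380 proto tcp` (`<node-subnet>` is a placeholder for your cluster CIDR), and leave only 6443 and the NodePort range as wide as your clients actually need. In the same step, `sudo ufw enable` (lines 17 and 34) runs before `sudo ufw allow 22/tcp` (lines 20 and 37), which can cut off the SSH session you are working in; move the SSH rule above the enable. Ports 80 and 443 are not on the linked ports-and-protocols page, so either drop them or say what they are for. Further down, the tip at line 135 wipes `/etc/containerd/config.toml` and leaves only the three `SystemdCgroup` lines; starting from the output of `containerd config default` and changing only `SystemdCgroup = true` keeps the version header and the remaining defaults. Smaller points: the `for pkg in ...` loop at line 91 sits outside a code fence, lines 14, 87 and 131 fence a bare URL or heading as if it were a command, the step 02 heading at line 45 has no title, and "protcols" at line 11 is a typo.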