
Kubeadm

Installation#

  • Minimum system requirements
    • 2 CPU
    • 2 GB memory
kubeadm-installation.yaml
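---
# Prepares Debian/Ubuntu hosts for kubeadm: installs pinned kubelet, kubeadm
# and kubectl packages, turns swap off and enables filtering of bridged
# traffic through iptables.
- hosts: all
  become: true
  vars:
    # Debian package version; quoted so it is always read as a string.
    version: '1.17.0-00'
  tasks:
    - name: install required
      apt:
        name: '{{ item }}'
        state: latest
        update_cache: true
      loop: ['apt-transport-https', 'ca-certificates', 'curl']

    # The key goes into a dedicated keyring that only the repository below
    # references through signed-by, so it is not trusted for other APT sources.
    # NOTE(review): no key id is pinned here, so trust in the key rests on the
    # HTTPS download alone.
    - name: add kubernetes GPG apt key
      apt_key:
        url: https://packages.cloud.google.com/apt/doc/apt-key.gpg
        keyring: /usr/share/keyrings/kubernetes-archive-keyring.gpg

    # NOTE(review): apt.kubernetes.io is the legacy package repository, which
    # the Kubernetes project has since replaced with pkgs.k8s.io; confirm it
    # is still reachable before relying on this playbook.
    - name: add kubernetes repository
      apt_repository:
        repo: >-
          deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg]
          https://apt.kubernetes.io/ kubernetes-xenial main
        filename: kubernetes

    # `force: yes` was removed: on the apt module it maps to --force-yes and
    # implies allow_unauthenticated, which switches off the package signature
    # check that the signed-by keyring above exists to enforce. If installing
    # the pinned version requires a downgrade, set `allow_downgrade: true`
    # (where the installed Ansible supports it) instead.
    - name: install kubeadm kubectl version={{ version }}
      apt:
        name: '{{ item }}={{ version }}'
        update_cache: true
      loop: ['kubelet', 'kubeadm', 'kubectl']

    # Turn swap off for the running system, only when swap is present.
    - name: disable swap
      command: swapoff -a
      when: ansible_swaptotal_mb > 0

    # Comment out active swap entries so swap stays off after a reboot.
    - name: remove swapfile from /etc/fstab
      replace:
        path: /etc/fstab
        regexp: '^([^#].*?\sswap\s+sw\s+.*)$'
        replace: '# \1'

    # Load br_netfilter at boot; an explicit mode keeps the created file from
    # inheriting whatever umask the play happens to run under.
    - name: add br_netfilter to modules-load.d
      lineinfile:
        path: /etc/modules-load.d/k8s.conf
        line: br_netfilter
        create: true
        mode: '0644'

    # Load the module now, without waiting for a reboot.
    - name: modprobe br_netfilter
      command: modprobe br_netfilter

    # Send bridged IPv6 and IPv4 traffic through ip6tables/iptables.
    - name: add netbridge config ip6
      lineinfile:
        path: /etc/sysctl.d/k8s.conf
        line: 'net.bridge.bridge-nf-call-ip6tables = 1'
        create: true
        mode: '0644'

    - name: add netbridge config ip4
      lineinfile:
        path: /etc/sysctl.d/k8s.conf
        line: 'net.bridge.bridge-nf-call-iptables = 1'
        create: true
        mode: '0644'

    # Apply the sysctl files written above.
    - name: update sysctl
      command: sysctl --system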

Completion#

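# Enable kubectl tab completion for bash and zsh.
# Single quotes keep the text literal, so $commands[kubectl] is written to
# ~/.zshrc as-is and evaluated by zsh at startup instead of being expanded
# by the shell that runs this echo.
echo 'source <(kubectl completion bash)' >> ~/.bashrc
echo '[[ $commands[kubectl] ]] && source <(kubectl completion zsh)' >> ~/.zshrc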

Control plane node#

| 프로토콜 | 방향 | 포트 범위 | 목적 | 사용자 |
|---|---|---|---|---|
| TCP | 인바운드 | 6443* | 쿠버네티스 API 서버 | 모두 |
| TCP | 인바운드 | 2379-2380 | etcd 서버 클라이언트 API | kube-apiserver, etcd |
| TCP | 인바운드 | 10250 | kubelet API | 자체, 컨트롤 플레인 |
| TCP | 인바운드 | 10251 | kube-scheduler | 자체 |
| TCP | 인바운드 | 10252 | kube-controller-manager | 자체 |
# Initialise the control plane. The pod CIDR given here has to match the
# address pool of the CNI plugin installed afterwards and must not overlap
# the node network.
sudo kubeadm init --pod-network-cidr 10.130.0.0/16
  • --pod-network-cidr: Specify range of IP addresses for the pod network. ex) 192.168.0.0/16
  • --apiserver-advertise-address: The IP address the API Server will advertise it's listening on.
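# Copy the cluster-admin kubeconfig into the current user's home directory.
# admin.conf carries a client credential with full rights on the cluster, so
# the copy is handed to the invoking user and kept readable by that user only.
# Paths are quoted so a $HOME containing spaces does not split the arguments.
mkdir -p "$HOME/.kube" \
&& sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config" \
&& sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config" \
&& chmod 600 "$HOME/.kube/config"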

calico#

Go to calico installation

token#

# List the bootstrap tokens together with their expiry. A token is a join
# credential; if none is still valid, `sudo kubeadm token create` issues a
# new one.
sudo kubeadm token list

hash#

# Print the SHA-256 digest of the cluster CA's DER-encoded public key.
# This is the value given to --discovery-token-ca-cert-hash, which lets a
# joining node check that it is talking to this cluster's control plane.
# NOTE(review): `openssl rsa` assumes the CA key is RSA; confirm for clusters
# created with a different key algorithm.
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt \
| openssl rsa -pubin -outform der 2>/dev/null \
| openssl dgst -sha256 -hex | sed 's/^.* //'

Worker node#

| 프로토콜 | 방향 | 포트 범위 | 목적 | 사용자 |
|---|---|---|---|---|
| TCP | 인바운드 | 10250 | kubelet API | 자체, 컨트롤 플레인 |
| TCP | 인바운드 | 30000-32767 | NodePort 서비스† | 모두 |
# Join this node to the cluster. <control plane ip>, <token> and <hash> are
# placeholders for the values obtained on the control plane node.
# The CA certificate hash pins the control plane's certificate authority
# during discovery; the token is a secret and should not be shared or logged.
sudo kubeadm join <control plane ip>:6443 \
--token <token> \
--discovery-token-ca-cert-hash sha256:<hash>

reset#

# Undo what kubeadm init/join set up on this node; -f skips the confirmation
# prompt.
sudo kubeadm reset -f
# Remove leftover static pod manifests and the copied admin kubeconfig.
# NOTE(review): CNI configuration and iptables rules are presumably left in
# place by the reset — confirm and clean them up separately if needed.
sudo rm -r /etc/kubernetes/manifests $HOME/.kube/config

Reference#
