Installing Your Kubernetes Cluster: A Comprehensive Guide

 Kubernetes is a difficult concept to learn. It has so many moving parts. But as we all know, the best way to learn a difficult concept is to practice it. It is no different for kubernetes. For that, we need a kubernetes cluster. The problem is, kubernetes is such a complicated tool that even installing it is very difficult. I will guide you through it here.

What will we do?

Before we do something, I like outlining what exactly we will accomplish in this blog post. We are going to install a tool called kubeadm..

What is kubeadm?

If you have ever tried to install kubernetes the traditional way, you will know that the process is extremely complicated and error-prone. You will also do a lot of very complicated configuration configuration, install tools with very specific steps, and make everything work together perfectly. That is extremely difficult. This is why, over the years, there have been many other tools created to aid in this process. One of the most popular is kubeadm.

How does kubeadm do it?

As you know, there are several components to kubernetes. All these components can be installed and configured in several different ways. Kubeadm takes an approach that is rather common in sandbox and development environments. While it is not harmful to use kubeadm in production, it is often not ideal for that specific use-case.

To install kubernetes, kubeadm installs kubelet on the node itself. In fact, it comes pre-installed with kubeadm. Now, when you run a specific kubeadm command, it spins up the control plane components. It does this in a rather unique way, though. Instead of just installing it on the node itself, it creates containers of them. Not only that, it creates kubernetes pods. The type of pods kubeadm creates to install the control-plane components are called "static pods".

Basics of Static Pods

Static pods are a very intriguing concept in kubernetes. These are pods that are not managed by control-plane. Instead, they are managed by kubelet itself. Any manifest files for static pods need to be put into the /etc/kubernetes/manifests in a normal deployment (kubeadm does it a bit differently). Any pod manifests put in this folder will automatically be deployed and managed by kubelet. You get all the advantages of using containers in a kubernetes cluster. This is why kubeadm uses static pods.

Installing Kubeadm

Now that you have understood what kubeadm does, let's install it. The very first thing you need to do is to pull all the packages from your apt repositories.

sudo apt update

After that, we need to install some packages we will need. Here is the command for that:

sudo apt install -y apt-transport-https curl

After that, we need to add the kubernetes repository to our apt repositories list. This makes it so we can install and manage the kubeadm package directly through the package manager.

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key --keyring /usr/share/keyrings/kubernetes-archive-keyring.gpg add -
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list > /dev/null

After that, we update our packages list and install kubeadm along with a couple other tools we will need.

sudo apt update
sudo apt install -y kubeadm kubelet kubectl

Now, kubeadm is installed. You can verify that by running this command.

kubeadm --help

If you do not get an error, everything is working perfectly.

Installing Docker and Other Requirements

In this exercise, we will be using docker as our container runtime. The problem is, the only container runtimes you can use are those which support the kubernetes CRI (Container Runtime Interface). Docker does not support that. But, there is a package called CRI-dockerd which makes docker CRI compatible. We will be installing both.

Docker Install

First thing is first, we need to install docker. There are some very simple commands. Here they are.

# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

This adds the docker repository to the list. Now, to install docker, run this.

sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

Now, docker should be installed. You can run this command to verify that.

docker --help

Installing CRI-dockerd

The installation of CRI-dockerd is usually done manually. The problem with this is that it is very error-prone. The easier way to do it is to simply install a .deb file. The CRI-dockerd community recently stopped releasing .deb files, though. That is ok, because we can just use an older version. You should never do this in production.

So, to download the .deb file, you need to run this command.

wget https://github.com/Mirantis/cri-dockerd/releases/download/v0.3.8/cri-dockerd_0.3.8.3-0.ubuntu-jammy_amd64.deb

After that, just use this command to install it.

sudo dpkg -i cri-dockerd_0.3.8.3-0.ubuntu-jammy_amd64.deb

Creating the Cluster

Now that we have a container runtime, we can create our cluster. Just run this command.

sudo kubeadm init --cri-socket unix:///var/run/cri-dockerd.sock

This will take a moment to execute, but after that, you have your cluster ready. It will give you the command to join other nodes. It will also give you the command to configure kubectl. You can run all that.

Exploration

Now that we have a cluster, let's explore what is going on. Type this command first to list all the namespaces in the cluster.

kubectl get namespaces

Almost all of them are empty, but the kube-system namespace has pods in it. Let's see what it has for us. Run this.

kubectl get pods -n kube-system

As you can see, it has a pod for kube-apiserver, etcd, DNS, kube-scheduler, kube-controller-manager, and kube-proxy. While most of these are control plane components, kube-proxy is not. This is a component that should run on every worker node. So, how does that work?

For kube-proxy, kubeadm uses something called a Daemonset. It creates 1 copy of this pod on every node. In fact, you can see the daemonset with this command.

kubectl get daemonsets -n kube-system

Conclusion

There are a lot of things in this cluster that are not configured, and probably should be. I will create other posts about those and how you can install and configure them. You can be on the lookout for that. Thank you for reading.


Comments

Post a Comment

Popular posts from this blog

Persistent Data in Docker: Explanation + Hands-On Demo

Docker containers, by nature, are ephemeral. They are not designed to stay without being deleted for long periods of time. While you could, theoretically never delete the image, most of the benefits of docker are realized when containers are temporary. There is something wrong with this approach, though. Almost all the data in the world is designed to be persistent. This poses a problem that docker volumes can solve. What are docker volumes? Docker volumes are a method of ensuring data persistence in a containerized environment. To comply with best practices, you need to make sure that spontaneously losing a container or 2 does not have an impact on anything but the performance of your infrastructure. To do this, all the important data in your containers needs to be put somewhere. Somewhere which is not liked to the life-cycle of the container itself. That somewhere is a volume. A docker volume is little more than a place to store data. From the point of view of the container, nothing
Read more

Pods to Deployments | Kubernetes Architecture Evolution

Image
When I was learning the basic kubernetes concepts, I was confused between pods, replicasets, and deployments. Each one seemed to have the other inside of it. I remained confused for a long time. I kept trying to avoid the topic. When I actually understood, it felt great. I do not want you to have that confusion when you are learning these concepts. That is why I created this post. Manifest files As we talked about in our previous post, to access your cluster, you use a tool called kubectl . While you can execute commands to deploy and manage resources, there is a better way of doing it. As you must know if you have read my posts about docker compose , Infrastructure As Code is often more efficient and easier to manage when compared to traditional CLI tools. This is why kubernetes also supports infrastructure as code. It is written in yaml. Those files are called kubernetes manifest files. It is best practice to use them. That is why we are going to be using them here. Step 1: Deploying
Read more

Docker Compose Explained: Simplifying Multi-Container Deployments

Docker compose and other IaC (Infrastructure as Code) tools are very important to learn. Today, they are almost essential knowledge to manage any sort of infrastructure, anywhere. Docker Compose is one of the most prominent tools in this space. According to Stackshare, at the time of writing, there are about 2108 companies using docker compose in their tech stack. This includes giant companies like Udemy. The knowledge of this relatively simple tool is very important. That is why I am going to break it down for you here. What is Docker Compose As mentioned before, Docker Compose is an IaC tool for Docker containers. It makes it significantly easier to deploy and manage containers in an environment with several containers. Why Docker Compose Now that you know what docker compose is, let's talk about why somebody would need such a tool. What benefits does it provide? Simplifies Deployment: Docker compose simplifies deployment. Once you have the IaC template in place, you can deploy a
Read more