Hi all, this will probably be a series of posts over the upcoming months on k8s and OpenShift. I will try to take it in slow phases for people who want to get into it but don't have the time to do so.
I probably won't get into too much detail, but I can strongly suggest other training material, such as Mumshad Mannambeth's class at Udemy and Linux Foundation LFS258, if you want to look into further details.
- K8s v1.22.4
- CentOS Stream release 9 (5.14.0-22.el9.x86_64)
- kube-router CNI
- crictl version v1.21.0
- Make sure none of the nodes have swap.
```bash
# Load the kernel modules now (br_netfilter provides the net.bridge.* sysctl keys)
$ sudo modprobe overlay
$ sudo modprobe br_netfilter

# Creating sysctl configuration and loading it
$ cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
$ sudo sysctl --load=/etc/sysctl.d/99-kubernetes.conf

# Installing CRI-O to use as runtime and configure few settings
# (the install script needs root, so sudo goes on bash, not on curl)
$ sudo dnf install -y jq
$ curl https://raw.githubusercontent.com/cri-o/cri-o/main/scripts/get | sudo bash
$ cat <<EOF | sudo tee /etc/modules-load.d/crio.conf
overlay
br_netfilter
EOF
$ cat <<EOF | sudo tee /etc/crio/crio.conf
[crio.runtime]
conmon_cgroup = "pod"
cgroup_manager = "systemd"
EOF
$ cat <<EOF | sudo tee /etc/containers/registries.conf
unqualified-search-registries=["registry.fedoraproject.org", "docker.io"]
EOF

# Disable SELinux
$ sudo setenforce 0
$ sudo sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config

# Add Kubernetes yumrepo
$ cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF

# Install kubelet, kubeadm and kubectl
$ sudo dnf install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

# Disable firewalld (or you could just configure it)
$ sudo systemctl disable --now firewalld

# Enable crio and kubelet
$ sudo systemctl enable --now kubelet crio
```

```bash
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
```

As we have been using a non-root user, execute the commands to put the config in place as described:

```bash
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
```
You'll need to select the pod network; in this case we will use kube-router.
Please take into consideration that the certificate in admin.conf belongs to a super-user group that bypasses the authorization layer. This file shouldn't be shared.
Now, if you run `kubectl get pods --all-namespaces`, you'll see that the coredns pods are waiting for you to load the CNI.
In this case, we will be using kube-router:

```bash
kubectl apply -f https://raw.githubusercontent.com/cloudnativelabs/kube-router/master/daemonset/kubeadm-kuberouter.yaml
```
Adding an additional node
We will grab the line we got from kubeadm init. Make sure every single system preparation step was done on this additional node.
```bash
sudo kubeadm join :6443 --token tokenprovidedbyinstaller \
    --discovery-token-ca-cert-hash sha256:5970b2af51bd815a32f64c27bc4c31c987f9ba38fcb04752a39199e0b29e20ae
```
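A check for the system preparation steps from this post (swap off, kernel modules loaded, sysctl values set), to run on the additional node before the join. This is an added example, not part of the original post; the function names and the `ROOT` variable are hypothetical, and `ROOT` only exists so the checks can be pointed at a sample directory tree.

```sh
#!/bin/sh
# Added example (not from the original post): verify the preparation steps above.
# ROOT is a hypothetical override for pointing the checks at a sample tree;
# left empty, the checks read the live /proc and /sys.
ROOT="${ROOT:-}"

# Swap is off when /proc/swaps contains nothing after its header line.
swap_is_off() {
    [ -r "$ROOT/proc/swaps" ] && [ -z "$(tail -n +2 "$ROOT/proc/swaps")" ]
}

# sysctl_is KEY VALUE: read the live value from /proc/sys (dots map to slashes).
sysctl_is() {
    path="$ROOT/proc/sys/$(printf '%s' "$1" | tr . /)"
    [ -r "$path" ] && [ "$(cat "$path")" = "$2" ]
}

# module_loaded NAME: a loaded module has a directory under /sys/module.
module_loaded() {
    [ -d "$ROOT/sys/module/$1" ]
}

# Run every check, report each failure, return non-zero if any failed.
preflight() {
    failed=0
    swap_is_off || { echo "FAIL: swap is enabled"; failed=1; }
    for m in overlay br_netfilter; do
        module_loaded "$m" || { echo "FAIL: module $m is not loaded"; failed=1; }
    done
    for k in net.bridge.bridge-nf-call-ip6tables \
             net.bridge.bridge-nf-call-iptables \
             net.ipv4.ip_forward; do
        sysctl_is "$k" 1 || { echo "FAIL: $k is not 1"; failed=1; }
    done
    return "$failed"
}

if preflight; then
    echo "OK: node is prepared for kubeadm join"
else
    echo "Fix the items above before running kubeadm join"
fi
```

Because the sysctl check reads the live values under /proc/sys, it also catches a node where the configuration file was written but never loaded.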
After this, you should be able to see the node added to the cluster from the control-plane
By the end of this part of the tutorial, you should be able to visualize pods running on both nodes.
Hope this helped someone!