Bootstrapping your cluster

You will need at least one server running Debian 9 to serve as the control plane node, and zero or more servers for the worker nodes that run pods. Your control plane node can also run pods if you tell it to, but for production environments, it's generally not advised.

Note: There is a known issue with Debian 10 ("buster") where pods are unable to communicate with each other across nodes. This is due to an incompatibility with kube-proxy and Debian's decision to make iptables a wrapper for nftables. This is supposedly accounted for in K8s versions 1.18 and up, but I still have issues with Debian 10 as of 1.19.

Control Plane

Initialize Cluster

  1. Use kubeadm to provision the first control plane node. Replace the pod and service CIDR ranges, cluster_name and load_balancer with actual values.
sudo kubeadm init --pod-network-cidr=10.x.0.0/16 --service-cidr=10.y.0.0/16 --service-dns-domain "<cluster_name>.local" --control-plane-endpoint "<load_balancer>:6443" --upload-certs

Save the kubeadm join commands somewhere safe so they can be used later to join the other control plane nodes and any worker nodes.

Gather kubectl config

  1. Run these steps on the first control plane node to set up kubectl for your non-root user.
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Copy the .kube/config file to your local workstation so you can run kubectl commands locally against the files in this repo.

Install Calico networking subsystem

  1. From the 01-calico directory, install the Tigera Calico operator and CRDs.
kubectl create -f https://docs.projectcalico.org/manifests/tigera-operator.yaml
  2. If needed, modify the custom-resources.yaml to change the blockSize (size of pod IP range assigned to each node) and cidr (not necessary if you passed --pod-network-cidr in the kubeadm init command). Apply the Calico config.
kubectl create -f https://docs.projectcalico.org/manifests/custom-resources.yaml
  3. Validate Calico was installed successfully - the control plane node will show "Ready".
kubectl get nodes -o wide
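
An added pre-flight check, not part of this repo, for the ranges chosen in the kubeadm init step and the Calico blockSize step: it rejects pod, service and node ranges that overlap, and confirms the pod range holds at least one Calico block per node. The function name, the node network and the sample ranges are assumptions made for the example; 10.96.0.0/12 is kubeadm's default service range and 26 is Calico's default IPv4 blockSize.

```python
import ipaddress

# kubeadm's default --service-cidr, used when the flag is not passed.
KUBEADM_DEFAULT_SERVICE_CIDR = "10.96.0.0/12"


def check_address_plan(pod_cidr, node_cidr,
                       service_cidr=KUBEADM_DEFAULT_SERVICE_CIDR,
                       block_size=26, node_count=1):
    """Return a list of problems; an empty list means the plan is usable."""
    problems, nets = [], {}
    for name, value in (("node", node_cidr), ("pod", pod_cidr),
                        ("service", service_cidr)):
        try:
            # strict=True rejects host bits, e.g. 10.1.2.0/16 for 10.1.0.0/16
            nets[name] = ipaddress.ip_network(value, strict=True)
        except ValueError as exc:
            problems.append(f"{name} CIDR {value!r} is invalid: {exc}")
    if problems:
        return problems

    # Overlapping ranges make routing ambiguous: traffic meant for a pod or
    # Service IP can be delivered to a host on the node network, or the reverse.
    names = list(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                problems.append(f"{a} CIDR {nets[a]} overlaps {b} CIDR {nets[b]}")

    # Calico splits the pod CIDR into blocks of /block_size and assigns them to
    # nodes, so the pool should hold at least one block per node.
    pod = nets["pod"]
    if not pod.prefixlen <= block_size <= pod.max_prefixlen:
        problems.append(f"blockSize /{block_size} does not fit inside pod CIDR {pod}")
    elif 2 ** (block_size - pod.prefixlen) < node_count:
        blocks = 2 ** (block_size - pod.prefixlen)
        problems.append(f"pod CIDR {pod} holds only {blocks} /{block_size} "
                        f"blocks for {node_count} nodes")
    return problems


if __name__ == "__main__":
    # Constructed sample plan: 10.100.0.0/16 sits inside kubeadm's default
    # service range 10.96.0.0/12, so it is rejected unless --service-cidr moves.
    for line in check_address_plan("10.100.0.0/16", "192.168.1.0/24", node_count=3):
        print("PROBLEM:", line)
```
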

Join Additional Control Plane Nodes

  1. Use the previous kubeadm join command to join the remaining control plane nodes to the cluster. The appropriate command to use is the one that contains the --control-plane and --certificate-key flags.

Untaint Control Plane Nodes

  1. If your control plane nodes will run pods, untaint them now.
kubectl taint nodes --all node-role.kubernetes.io/master-

Worker Nodes

  1. For any other nodes not intended to be control plane nodes, use the other kubeadm join command that does not contain the --control-plane flag.

Next Step

Continue to Step 2 - MetalLB