Deploy a Kubernetes cluster with kubeadm

Prepare VM for Container Runtime

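# run on all nodes
# Persist the two kernel modules so they are loaded again after a reboot.
# The here-document has to contain the module names and be closed with EOF;
# left open, the shell feeds the commands that follow into
# /etc/modules-load.d/k8s.conf instead of running them.
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
# Load both modules now, without waiting for a reboot.
sudo modprobe overlay
sudo modprobe br_netfilter
# sysctl params required by setup, params persist across reboots
# bridge-nf-call-* sends bridged traffic through iptables/ip6tables, so packet
# filtering rules on the host apply to it.
# ip_forward enables IPv4 routing for the whole host, not only for pods: review
# the node's forwarding policy so it does not route traffic it should not.
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF
sudo sysctl --system
# Verify
lsmod | grep br_netfilter
lsmod | grep overlay
sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward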

Install containerd

# run on all nodes
# Adds Docker's apt repository and installs the container runtime from it.
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
# NOTE(review): the key URL is missing from the curl command as shown, so there
# is nothing to fetch. Take it from Docker's install instructions for your
# distribution and fetch it over HTTPS only.
# This key decides which packages apt accepts from the repository: compare its
# fingerprint with the one Docker publishes before trusting it.
curl -fsSL | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
# The keyring holds a public key, so world-readable is fine; it must stay
# root-owned and not writable by other users.
sudo chmod a+r /etc/apt/keyrings/docker.gpg
# Add the repository to Apt sources:
# signed-by limits this key to this one repository instead of trusting it for
# every apt source on the machine.
# NOTE(review): the repository URL is missing between "]" and the release
# codename in the deb line as shown.
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
     sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
# Install containerd
# NOTE(review): the package name is missing as shown; presumably the containerd
# package from the repository added above. Confirm against the original guide.
sudo apt-get install -y
# Verify
systemctl status containerd.service

Configure systemd cgroup driver

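# run on all nodes
# Start from containerd's default configuration. This overwrites any existing
# /etc/containerd/config.toml, so keep a copy first if the file was customised.
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
# The kubelet and the container runtime have to use the same cgroup driver;
# this switches containerd's runc runtime to the systemd driver.
sudo sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml
# sed exits 0 even when nothing matched, so confirm the setting really changed
# before restarting the runtime.
sudo grep -n 'SystemdCgroup = true' /etc/containerd/config.toml \
  || echo "SystemdCgroup was not set to true in /etc/containerd/config.toml" >&2
sudo systemctl restart containerd
# Verify
# crictl ps -a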

Installing kubeadm, kubelet and kubectl

# run on all nodes
# Adds the Kubernetes apt repository and installs kubelet, kubeadm and kubectl.
sudo apt-get install -y apt-transport-https ca-certificates curl gpg
# NOTE(review): the signing-key URL is missing from the curl command as shown.
# The Kubernetes package repositories are published per minor release, so take
# the key and repository URL for the release you intend to run from the
# official install guide, and fetch them over HTTPS only.
# /etc/apt/keyrings must already exist (created in the containerd step).
curl -fsSL | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
# signed-by limits the key to this repository.
# NOTE(review): the repository URL is missing between "]" and "/" as shown.
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
# Hold the packages so a routine apt upgrade cannot move the cluster to a new
# version unplanned. Held packages also stop receiving security updates
# automatically: patching them becomes a deliberate, scheduled step.
sudo apt-mark hold kubelet kubeadm kubectl

Initializing your control-plane node

# run on master node
# Bootstraps the control plane on this node.
#K8S_MASTER_1_IP=$(hostname -I)
# NOTE(review): the value of --pod-network-cidr is missing as shown. It has to
# be a private range that does not overlap the node or service networks, and
# the network add-on installed later has to be configured with the same range.
# The output of kubeadm init ends with a join command containing a bootstrap
# token; treat that output as a secret and keep it out of tickets and chat.
sudo kubeadm init --pod-network-cidr=
# install metrics server
# NOTE(review): the manifest path or URL is missing as shown. Review any remote
# manifest and pin it to a released version before applying it with admin
# rights. kubectl also needs a kubeconfig, which this page only sets up in the
# next section, so this command presumably belongs after that step.
kubectl apply -f

Configure the Kubernetes client (kubectl)

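# run on master node
# admin.conf carries cluster-admin credentials: whoever can read the copy has
# full control of the cluster. Keep it private to this user and do not copy it
# to worker nodes or shared machines.
mkdir -p "$HOME/.kube"
sudo cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
sudo chown "$(id -u):$(id -g)" "$HOME/.kube/config"
# cp keeps the mode of a destination file that already existed, so set the
# permissions explicitly rather than relying on what was there before.
chmod 600 "$HOME/.kube/config"
# export KUBECONFIG=~/.kube/config
# deploy bash completion
kubectl completion bash | sudo tee /etc/bash_completion.d/kubectl
# Append to the user's own .bashrc by absolute path; a bare ".bashrc" would be
# created in whatever directory the commands happen to be run from.
echo "alias k=kubectl" >> "$HOME/.bashrc"
echo "complete -o default -F __start_kubectl k" >> "$HOME/.bashrc"
# verify
kubectl get pod --all-namespaces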

Install network addon

# run on master node
# Downloads the network add-on manifest, edits it by hand and applies it.
# NOTE(review): the download URL is missing from the wget command as shown.
# Pin it to a released version and read the manifest before applying it: it is
# applied with cluster-admin rights and its pods run on every node.
# NOTE(review): confirm the add-on is still maintained and receiving security
# fixes before using it outside a lab.
# The file name under /tmp is fixed and predictable; on a host with other local
# users, a private directory (mktemp -d) avoids someone else swapping the file
# between download and apply.
wget -qO /tmp/weave-daemonset-k8s.yaml
# todo: automate
#kubectl edit -n kube-system ds weave-net
vi /tmp/weave-daemonset-k8s.yaml
# The indented line below is the manifest entry to locate in the editor, not a
# shell command. Presumably its value is set to the range passed to
# --pod-network-cidr during kubeadm init; the value is not shown here, confirm.
        - name: IPALLOC_RANGE
kubectl apply -f /tmp/weave-daemonset-k8s.yaml
# todo: fix crashed containers
# sudo reboot
# verify
kubectl get all --all-namespaces

Join worker nodes

# run on worker node
# get join command on master
# The printed command contains a bootstrap token. Anyone holding it can
# register a node with the cluster until it expires (24 hours by default), so
# pass it over a private channel and do not paste it into shared logs.
kubeadm token create --print-join-command
# get join command from the sudo kubeadm init command output
# NOTE(review): the control-plane endpoint (host:port) is missing after "join"
# as shown; the token and hash are masked on purpose and should stay masked in
# anything that gets published.
# --discovery-token-ca-cert-hash pins the cluster CA, so the worker checks it is
# talking to the intended control plane before trusting it. Keep it; do not
# replace it with --discovery-token-unsafe-skip-ca-verification.
sudo kubeadm join --token ******** \
	--discovery-token-ca-cert-hash sha256:********
# Verify
# Run this on the master node: a worker has no kubeconfig after joining.
kubectl get nodes

Deploy test application

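# run on master node
# verify
# Smoke test only. "nginx" without a tag or digest pulls whatever the registry
# currently serves as latest; pin a tag or digest for anything beyond a lab.
kubectl create deployment nginx --image nginx --replicas 2
# A NodePort service opens the allocated port on every node's addresses.
# Make sure the node firewall limits who can reach the NodePort range.
kubectl expose deployment nginx --name nginx-service --type NodePort --port 80
# Wait for the pods to be ready before judging the result.
kubectl rollout status deployment/nginx --timeout=120s
kubectl get all
# Read the allocated port and show it, so it can be checked from a client that
# is allowed to reach the nodes.
APP_PORT=$(kubectl get service nginx-service -o jsonpath='{.spec.ports[*].nodePort}')
echo "nginx-service NodePort: ${APP_PORT}"
# Remove the test workload and the open port once the check is done.
kubectl delete deployment nginx
kubectl delete service nginx-service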