Kubernetes on Bare Metal

How to install Kubernetes onto Bare Metal

Jonathan Homer

3 minute read

Install Kubernetes on Bare Metal

Kubernetes is very popular. But perhaps you want to try it out locally on a server rather than an instance on your machine. Can you do it? Well yes, but it does take some configuring and know how. Kubernetes is designed to run by large organisations with experience and sometimes expensive equipment. So here are some instructions to convert an old server (or new) into a decent little kubernetes cluster. With a little more work you can build this into your own Kubernetes platform.

Swap Off

Kubernetes runs processes to their maximum. So SWAP is off so it knows when memory is being used up.

sudo swapoff -a

Comment out /etc/fstab any SWAP lines using # like below.

UUID=cfd93499-d43d-4cfb-8691-e0be0508e554 / ext4 defaults 0 0
#/swap.img	none	swap	sw	0	0

Install Docker

Docker and Kubernetes work together so first step is to make sure Ubuntu is updated and then install docker

sudo apt-get update \
  && sudo apt-get install -qy docker.io

Kubernetes Install

Next we install curl (just incase is it not installed). We then collect a key from Google to get access to Kubernetes files etc. We add this so sources so that we can download.

sudo apt install curl
sudo apt-get update \
  && sudo apt-get install -y apt-transport-https \
  && curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
OK 
echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" \
  | sudo tee -a /etc/apt/sources.list.d/kubernetes.list \
  && sudo apt-get update

Using that key we can now download and we have updated with where all the software is located. We can now start installing.

sudo apt-get update \
  && sudo apt-get install -yq \
  kubelet \
  kubeadm \
  kubernetes-cni

Kubernetes Configure

Now we start getting a little complex. This needs to run as root. This makes a change to Docker that Kubernetes prefers.

sudo bash
sudo cat > /etc/docker/daemon.json <<EOF
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF
exit

Then we start the docker ready for Kubernetes to do its thing.

Starting Kubernetes up

The below grabs the IP address and exports IP to equal it. You can type it manually if you want. Watch kubernetes. It doesn’t like IP address changes so much.

# Fetch IP Address for Advertisement
export IP=`hostname -I | awk '{print $1}'`
# Start Kubernetes Cluster
sudo kubeadm init  --apiserver-advertise-address=$IP --kubernetes-version stable-1.18

Creating a Kube User

Its best not to run Kubernetes as the root user. Or simply don’t run kubernetes as root!

The below script creates a user called kube. Change the password by replacing ChangeMe! Please CHANGE THE PASSWORD!

adduser kube
echo ChangeMe | passwd kube --stdin
usermod -aG sudo kube
cd /home/kube
sudo cp /etc/kubernetes/admin.conf admin.conf
sudo chown kube /home/kube/admin.conf
su kube
echo "export KUBECONFIG=/home/kube/admin.conf" | tee -a ~/.bashrc
source ~/.bashrc

It copies the kubernetes admin file so that the system defaults to the right Kubernetes machine. If you copy the admin.conf to your personal machine you can actually run kubernetes commands on your own machine. The advantage is that you reduce the times, that you need to log on to your kubernetes cluster. Improving again security.

Allow Master Node to run Jobs. If we move to a multi node we can move away from this.

kubectl taint nodes --all node-role.kubernetes.io/master-

Calico Network

Calicio provides the network plugin for Kubernetes. Kubernetes likes to give choices so not installed out of the box.

This is the current website with installation instructions.

https://docs.projectcalico.org/v3.11/getting-started/kubernetes/installation/calico

Download the Install file and run it.

curl https://docs.projectcalico.org/v3.15/manifests/calico.yaml -O
kubectl apply -f calico.yaml

Metallb - Load Balancer

kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.3/manifests/namespace.yaml
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.9.3/manifests/metallb.yaml
# On first install only
kubectl create secret generic -n metallb-system memberlist --from-literal=secretkey="$(openssl rand -base64 128)"
comments powered by Disqus