Installing and Configuring Kubernetes
Anthony E. Nocentino
ENTERPRISE ARCHITECT @ CENTINO SYSTEMS
@nocentino www.centinosystems.com
Course Overview
Introduction
Exploring Kubernetes Architecture
Installing and Configuring Kubernetes
Working with Your Kubernetes Cluster
Overview
Installation Considerations
Installation Overview
Getting Kubernetes
Installing a Cluster with kubeadm
Creating a Cluster in the Cloud
Installation Considerations
Where to install?
Cloud
IaaS - Virtual Machines
PaaS - Managed Service
On-Premises
Bare Metal
Virtual Machines
Which one should you choose?
Installation Considerations (cont’d)
Cluster Networking
Scalability
High Availability
Disaster Recovery
Installation Methods
Desktop
kubeadm
Cloud Scenarios
Installation Requirements
System Requirements
• Linux - Ubuntu/RHEL
• 2 CPUs
• 2GB RAM
• Swap Disabled
Container Runtime
• Container Runtime Interface (CRI)
• containerd
• Docker (Deprecated 1.20)
• CRI-O
Networking
• Connectivity between all Nodes
• Unique hostname
• Unique MAC address
Cluster Network Ports
Component              Ports (tcp)    Used By
Control Plane
  API                  6443           All
  etcd                 2379-2380      API/etcd
  Scheduler            10251          Self
  Controller Manager   10252          Self
  Kubelet              10250          Control Plane
Node
  Kubelet              10250          Control Plane
  NodePort             30000-32767    All
[Diagram: Control Plane Node with API Server, etcd, Scheduler, Controller Manager; Node with Kubelet, Kube-proxy, Container Runtime]
Getting Kubernetes
Maintained on GitHub
https://github.com/kubernetes/kubernetes
Linux Distribution Repositories
yum and apt
Building Your Cluster
Install and Configure Packages
Create Your Cluster
Configure Pod Networking
Join Nodes to Your Cluster
Required Packages
containerd
kubelet
kubeadm
kubectl
Install on all Nodes in your cluster
Getting and Installing Kubernetes on Ubuntu VMs
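# Install the container runtime
sudo apt-get install -y containerd
# Add the Kubernetes apt repository signing key
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
# Add the Kubernetes apt repository (tee runs as root; a plain redirect would not)
cat <<EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
# Pin the packages so a routine upgrade does not change cluster component versions
sudo apt-mark hold kubelet kubeadm kubectl containerd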
Do this on all nodes
Hostnames set
Host file on each
Lab Environment
Ubuntu 18.04
VMware Fusion VMs
2vCPU
2GB RAM
100GB
Swap Disabled
kubectl
Role                 Hostname    IP address
Control Plane Node   c1-cp1      172.16.94.10
Node                 c1-node1    172.16.94.11
Node                 c1-node2    172.16.94.12
Node                 c1-node3    172.16.94.13
c1-master1
Demo
Install Packages
• containerd
• kubelet
• kubeadm
• kubectl
systemd Units
Bootstrapping a Cluster with kubeadm
kubeadm init
Pre-flight checks
Creates a Certificate Authority
Generates kubeconfig files
Generates Static Pod Manifests
Wait for the Control Plane Pods to Start
Taints the Control Plane Node
Generates a Bootstrap Token
Starts Add-On components: DNS and kube-proxy
Certificate Authority
Self-signed Certificate Authority (CA)
Can be part of an external PKI
Securing cluster communications
API Server
Authentication of users and cluster components
/etc/kubernetes/pki
Distributed to each Node
https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-init/
kubeadm Created kubeconfig Files
Used to define how to connect to your Cluster
Client certificates
Cluster API Server network location
/etc/kubernetes
admin.conf (kubernetes-admin)
kubelet.conf
controller-manager.conf
scheduler.conf
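Added example, not part of the original course material: the kubeconfig files above carry client certificates and keys (admin.conf is the kubernetes-admin credential), and /etc/kubernetes/pki holds the CA private key. The functions below list any of those files that group or other users can access. The function names are illustrative, and the 0600-or-tighter expectation is an assumption of this example.

```shell
# Added example (not course code): find credential files under a kubeadm
# configuration directory that are accessible to group or other users.
# Assumption: *.conf kubeconfigs and *.key private keys should be 0600 or tighter.

# find_loose_credentials DIR -> prints "MODE PATH" for each offending file
find_loose_credentials() {
  local dir="${1:-/etc/kubernetes}"
  # -perm /077 matches when any group/other permission bit is set (GNU find);
  # certificates (*.crt) are public and deliberately not checked.
  find "$dir" -type f \( -name '*.conf' -o -name '*.key' \) -perm /077 \
    -exec stat -c '%a %n' {} + | sort
}

# audit_credentials DIR -> returns 0 when clean, 1 when any file is too open
audit_credentials() {
  local loose
  loose="$(find_loose_credentials "$1")"
  if [ -n "$loose" ]; then
    printf 'group/other access on credential files:\n%s\n' "$loose" >&2
    return 1
  fi
  return 0
}

# Usage on a control plane node: sudo sh -c '. ./audit.sh; audit_credentials /etc/kubernetes'
```

The same check applies to the copy of admin.conf placed in $HOME/.kube/config, which grants the same cluster-admin access as the original.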
Static Pod Manifests
Manifest describes a configuration
/etc/kubernetes/manifests
etcd
API Server
Controller Manager
Scheduler
Watched by the kubelet, started automatically when
the system starts and over time
Enable the startup of the cluster…without the cluster
Pod Networking
Single, un-NATed IP address per Pod
Direct routing
Configure infrastructure to support IP reachability between Pods and Nodes
Overlay networking
Flannel - Layer 3 virtual network
Calico - L3 and policy based traffic management
Weave Net - multi-host network
https://kubernetes.io/docs/concepts/cluster-administration/networking/
Creating a Control Plane Node
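# Download the Calico Pod network manifest
wget https://docs.projectcalico.org/manifests/calico.yaml
# Write kubeadm's default configuration to a file for review and editing
kubeadm config print init-defaults | tee ClusterConfiguration.yaml
# Bootstrap the control plane node with containerd as the container runtime
sudo kubeadm init \
  --config=ClusterConfiguration.yaml \
  --cri-socket /run/containerd/containerd.sock
# Copy the admin kubeconfig into the current user's home directory
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
# Deploy the Pod network
kubectl apply -f calico.yaml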
Adding a Node to a Cluster
Install Packages
kubeadm join
Download Cluster Information
Node submits a CSR
CA Signs the CSR automatically
Configures kubelet.conf
kubeadm join 172.16.94.10:6443 \
--token i0pr88.pbid2af0071xhuo1 \
--discovery-token-ca-cert-hash \
sha256:9a56f13bbae1f77e3a01fecc2bf8c59e6977d9c71c2d3482b988fa47767353d7
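Added example, not part of the original course material: the --discovery-token-ca-cert-hash value in the join command pins the cluster CA by the SHA-256 of its public key (Subject Public Key Info), so the joining node only trusts a control plane that presents that CA. The functions below recompute the value from a CA certificate and compare it with a hash received out of band; the function names are illustrative and the default path is the kubeadm PKI directory shown earlier.

```shell
# Added example (not course code): recompute and verify the value used with
# kubeadm join --discovery-token-ca-cert-hash. Requires the openssl CLI.

# ca_cert_hash CERT -> prints "sha256:<hex>" over the CA public key (SPKI, DER)
ca_cert_hash() {
  local cert="${1:-/etc/kubernetes/pki/ca.crt}" spki hash
  spki="$(mktemp)" || return 1
  # Extract the public key from the certificate and re-encode it as DER.
  # The pipeline status is that of the last command, so an unreadable or
  # invalid certificate fails here instead of hashing empty input.
  if ! openssl x509 -in "$cert" -noout -pubkey 2>/dev/null |
      openssl pkey -pubin -outform DER -out "$spki" 2>/dev/null; then
    rm -f "$spki"
    return 1
  fi
  hash="$(openssl dgst -sha256 -r "$spki" | cut -d' ' -f1)"
  rm -f "$spki"
  printf 'sha256:%s\n' "$hash"
}

# verify_join_hash CERT HASH -> returns 0 only when HASH matches the CA in CERT
verify_join_hash() {
  local actual
  actual="$(ca_cert_hash "$1")" || return 1
  [ "$actual" = "$2" ]
}

# Usage on the control plane node:
#   ca_cert_hash /etc/kubernetes/pki/ca.crt
#   verify_join_hash /etc/kubernetes/pki/ca.crt "sha256:<hash from the join command>"
```

Because the hash covers only the public key, it stays the same when the CA certificate is renewed with the same key and changes when the CA key is replaced.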
Demo
Creating a Cluster
Creating a Pod Network
systemd Units…again!
Static Pod manifests
Joining Nodes to a Cluster
Managed Cloud Deployment Scenarios
Elastic Kubernetes Service (EKS)
https://aws.amazon.com/getting-started/projects/deploy-kubernetes-app-amazon-eks/
Google Kubernetes Engine (GKE)
https://cloud.google.com/kubernetes-engine/docs/how-to/
Azure Kubernetes Services (AKS)
https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough
Demo
Creating a Managed Service Cluster
• Azure Kubernetes Services (AKS)
Summary
Installation Considerations
Installation Overview
Getting Kubernetes
Installing a Cluster with kubeadm
Creating a Cluster in the Cloud
What’s Next!
Working With Your Cluster