PureDevOps

Install Kubernetes on CentOS 7

Kubernetes May 02, 2020

Prerequisites

  • Multiple Linux servers running CentOS 7 (1 Master Node, Multiple Worker Nodes)
  • A user account on every system with sudo or root privileges
  • The yum package manager, included by default
  • Command-line/terminal window
  • To use Kubernetes, you need to install a containerization engine. Please refer the below link.
  • https://kubeadm.blogspot.com/2020/04/install-docker-on-centos-7.html

STEP 1 - Configure Kubernetes Repository

Kubernetes packages are not available from official CentOS 7 repositories. Add this repository on both master and worker node.

root# cat <<EOF > /etc/yum.repos.d/kubernetes.rep

name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

STEP 2 - Install kubelet, kubeadm, and kubectl

These 3 basic packages are required to be able to use Kubernetes and to be installed on all nodes.

root# yum install -y kubelet kubeadm kubectl

root# systemctl enable kubelet

root# systemctl start kubelet

Note - Before deploying a cluster, make sure to set hostnames, configure the firewall, and kernel settings.

STEP 3 - Set Hostname on Nodes

Give unique hostnames to each of your nodes.

root# hostnamectl set-hostname master-node

root# hostnamectl set-hostname worker-node1

Make a host entry or DNS record to resolve the hostname for all nodes

root# vi /etc/hosts

Add the below entry:

192.168.1.100 master.practice.com master-node

192.168.1.200 node1.practice.com node1 worker-node1

STEP 4 - Configure Firewall

The nodes, containers, and pods need to be able to communicate across the cluster to perform their functions. Firewalld is enabled in CentOS by default on the front-end. Add the following ports by entering the listed commands.

On the Master Node:

root# firewall-cmd --permanent --add-port=6443/tcp

root# firewall-cmd --permanent --add-port=2379-2380/tcp

root# firewall-cmd --permanent --add-port=10250/tcp

root# firewall-cmd --permanent --add-port=10251/tcp

root# firewall-cmd --permanent --add-port=10252/tcp

root# firewall-cmd --permanent --add-port=10255/tcp

root# firewall-cmd –-reload

Verify you are getting success message for each command.

On each worker node:

root# firewall-cmd --permanent --add-port=10251/tcp

root# firewall-cmd --permanent --add-port=10255/tcp

root# firewall-cmd –-reload

STEP 5 - Update Iptables Settings

Set the net.bridge.bridge-nf-call-iptables to ‘1’ in your sysctl config file. This ensures that packets are properly processed by IP tables during filtering and port forwarding.

root# cat  < /etc/sysctl.d/master_node_name

net.bridge.bridge-nf-call-iptables = 1
EOF

root# sysctl --system

STEP 6 - Disable SELinux

The containers need to access the host filesystem. SELinux needs to be set to permissive mode, which effectively disables its security functions.

root# setenforce 0

root# sed -i ‘s/^SELINUX=enforcing$/SELINUX=permissive/’ /etc/selinux/config

STEP 7 - Disable SWAP

we need to disable SWAP to enable the kubelet to work properly

root# sed -i '/swap/d' /etc/fstab

root# swapoff -a

Samaya Ramesh R

Recommended for you

No results for your search, please try with something else.

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.