Install Kubernetes on CentOS 7
Prerequisites
- Multiple Linux servers running CentOS 7 (1 Master Node, Multiple Worker Nodes)
- A user account on every system with sudo or root privileges
- The yum package manager, included by default
- Command-line/terminal window
- To use Kubernetes, you need to install a containerization engine. Please refer to the link below.
- https://kubeadm.blogspot.com/2020/04/install-docker-on-centos-7.html
STEP 1 - Configure Kubernetes Repository
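Kubernetes packages are not available from the official CentOS 7 repositories. Add this repository on both the master and the worker nodes. The file name must end in .repo and the file must start with a [section] header, otherwise yum does not read it.
root# cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes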
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
STEP 2 - Install kubelet, kubeadm, and kubectl
These 3 basic packages are required to use Kubernetes and must be installed on all nodes.
root# yum install -y kubelet kubeadm kubectl
root# systemctl enable kubelet
root# systemctl start kubelet
Note - Before deploying a cluster, make sure to set hostnames and to configure the firewall and kernel settings.
STEP 3 - Set Hostname on Nodes
Give each node a unique hostname. Run the first command on the master node and the second on the worker node.
root# hostnamectl set-hostname master-node
root# hostnamectl set-hostname worker-node1
Make a host entry or DNS record to resolve the hostname for all nodes.
root# vi /etc/hosts
Add the below entry:
192.168.1.100 master.practice.com master-node
192.168.1.200 node1.practice.com node1 worker-node1
STEP 4 - Configure Firewall
The nodes, containers, and pods need to be able to communicate across the cluster to perform their functions. Firewalld is enabled in CentOS by default on the front-end. Add the following ports by entering the listed commands.
On the Master Node:
root# firewall-cmd --permanent --add-port=6443/tcp
root# firewall-cmd --permanent --add-port=2379-2380/tcp
root# firewall-cmd --permanent --add-port=10250/tcp
root# firewall-cmd --permanent --add-port=10251/tcp
root# firewall-cmd --permanent --add-port=10252/tcp
root# firewall-cmd --permanent --add-port=10255/tcp
root# firewall-cmd --reload
Verify that each command returns a success message.
On each worker node:
root# firewall-cmd --permanent --add-port=10251/tcp
root# firewall-cmd --permanent --add-port=10255/tcp
root# firewall-cmd --reload
STEP 5 - Update Iptables Settings
Set net.bridge.bridge-nf-call-iptables to '1' in your sysctl config file. This ensures that packets are properly processed by iptables during filtering and port forwarding. The file name must end in .conf, because sysctl --system only loads *.conf files from /etc/sysctl.d.
root# cat <<EOF > /etc/sysctl.d/master_node_name.conf
net.bridge.bridge-nf-call-iptables = 1
EOF
root# sysctl --system
STEP 6 - Disable SELinux
The containers need to access the host filesystem. SELinux needs to be set to permissive mode, which effectively disables its security functions.
root# setenforce 0
root# sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
STEP 7 - Disable SWAP
We need to disable swap so that the kubelet works properly.
root# sed -i '/swap/d' /etc/fstab
root# swapoff -a
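The following read-only checks are an added example, not part of the original guide. They confirm that the files written in STEP 1, 5 and 7 will actually be picked up by yum, sysctl and the kubelet, and that package signature checking stays on. All function names are hypothetical, and every path is passed as an argument so the checks can also be run against copies.

```shell
# Added example, not from the original guide: read-only checks of the files
# written in STEP 1, 5 and 7. Function names are hypothetical.

# conf_value KEY FILE: print the value of the last "KEY = value" line in FILE.
conf_value() {
  awk -v k="$1" 'index($0, "=") {
      key = substr($0, 1, index($0, "=") - 1); gsub(/[ \t]/, "", key)
      if (key == k) { val = substr($0, index($0, "=") + 1); gsub(/^[ \t]+|[ \t]+$/, "", val) }
    } END { print val }' "$2"
}

# check_repo FILE: yum reads only *.repo files and needs a [section] header;
# both signature checks must be enabled and packages fetched over https.
check_repo() {
  local f=$1 rc=0 k
  case $f in *.repo) ;; *) echo "FAIL: $f lacks the .repo suffix"; rc=1 ;; esac
  grep -Eq '^\[[^]]+\]' "$f" || { echo "FAIL: $f has no [section] header"; rc=1; }
  for k in gpgcheck repo_gpgcheck; do
    [ "$(conf_value "$k" "$f")" = 1 ] || { echo "FAIL: $k is not 1"; rc=1; }
  done
  case $(conf_value baseurl "$f") in
    https://*) ;; *) echo "FAIL: baseurl is not https"; rc=1 ;;
  esac
  return $rc
}

# check_sysctl FILE: sysctl --system loads only *.conf files from /etc/sysctl.d.
check_sysctl() {
  local f=$1 rc=0
  case $f in *.conf) ;; *) echo "FAIL: $f lacks the .conf suffix"; rc=1 ;; esac
  [ "$(conf_value net.bridge.bridge-nf-call-iptables "$f")" = 1 ] ||
    { echo "FAIL: bridge-nf-call-iptables is not 1 in $f"; rc=1; }
  return $rc
}

# swap_entries FSTAB: print uncommented fstab lines whose type field is swap.
swap_entries() { awk '$1 !~ /^#/ && $3 == "swap"' "$1"; }

# preflight REPO_FILE SYSCTL_FILE FSTAB: run every check; non-zero on any failure.
preflight() {
  local rc=0
  check_repo "$1" || rc=1
  check_sysctl "$2" || rc=1
  if [ -n "$(swap_entries "$3")" ]; then echo "FAIL: swap still in $3"; rc=1; fi
  [ "$rc" -eq 0 ] && echo "OK: all checks passed"
  return $rc
}
```

On a node, source the file and call `preflight` with the repository file, the sysctl file and `/etc/fstab` before running kubeadm.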