@Machy8
Last active May 20, 2022 08:59
Kubernetes, single node, bare metal cluster installation (Debian)

Kubernetes

https://kubernetes.io/docs/setup/independent/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl

apt-get update && apt-get install -y apt-transport-https curl
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF
apt-get update
apt-get install -y kubelet kubeadm kubectl
apt-mark hold kubelet kubeadm kubectl

Before initializing kubeadm, make sure the iptables tooling does not use the nftables backend: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#ensure-iptables-tooling-does-not-use-the-nftables-backend

# ensure legacy binaries are installed
apt-get install -y iptables arptables ebtables

# switch to legacy versions
update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
update-alternatives --set arptables /usr/sbin/arptables-legacy
update-alternatives --set ebtables /usr/sbin/ebtables-legacy

https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/#pod-network

kubeadm init --pod-network-cidr=10.244.0.0/16

https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/#network-plugin-requirements

sysctl net.bridge.bridge-nf-call-iptables=1

Notes from kubeadm installation

mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

https://github.com/coreos/flannel

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

(Only if single node) https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/#master-isolation

kubectl taint nodes --all node-role.kubernetes.io/master-

Kubectx

https://github.com/ahmetb/kubectx

git clone https://github.com/ahmetb/kubectx /opt/kubectx
ln -s /opt/kubectx/kubectx /usr/local/bin/kubectx
ln -s /opt/kubectx/kubens /usr/local/bin/kubens

Helm

https://github.com/helm/helm/blob/master/docs/install.md#from-script

curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get > get_helm.sh
chmod 700 get_helm.sh
./get_helm.sh

helm init --upgrade

kubectl create serviceaccount --namespace kube-system tiller
kubectl create clusterrolebinding tiller-cluster-rule --clusterrole=cluster-admin --serviceaccount=kube-system:tiller
kubectl patch deploy --namespace kube-system tiller-deploy -p '{"spec":{"template":{"spec":{"serviceAccount":"tiller"}}}}'
helm init --service-account tiller --upgrade

GitLab tips

If you use GitLab CI with GitLab Runner and get an error like this

ERROR: Job failed (system failure): secrets is forbidden: User "system:serviceaccount:gitlab:default" cannot create resource "secrets" in API group "" in the namespace "gitlab"

then run this

kubectl create clusterrolebinding gitlab-cluster-admin --clusterrole=cluster-admin --group=system:serviceaccounts --namespace=gitlab
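
The binding above is cluster-scoped: `--namespace` has no effect on a ClusterRoleBinding, and the group `system:serviceaccounts` covers every service account in the cluster, so all of them receive cluster-admin. A narrower alternative, as an added example that is not part of the original gist: a shell function that emits a namespaced Role and RoleBinding for the one service account named in the error. The names `valid_label` and `gitlab_runner_rbac`, the Role name `gitlab-runner` and the rule list are assumptions; adjust the rules to what your runner version needs.

```shell
# Added example, not part of the gist. The Role rules are an assumed minimum
# for a runner that creates build pods and secrets in its own namespace.
valid_label() (
  LC_ALL=C   # byte-wise ranges, so [a-z] cannot match uppercase
  case "$1" in
    ''|-*|*-|*[!a-z0-9-]*) exit 1 ;;   # empty, edge hyphen, or foreign char
  esac
  [ "${#1}" -le 63 ]
)

gitlab_runner_rbac() {
  ns=$1 sa=$2
  # Only lowercase DNS labels are accepted, so arguments cannot alter the YAML.
  if ! valid_label "$ns" || ! valid_label "$sa"; then
    echo "invalid namespace or service account name" >&2
    return 1
  fi
  cat <<EOF
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: gitlab-runner
  namespace: ${ns}
rules:
  - apiGroups: [""]
    resources: ["secrets", "configmaps", "pods"]
    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
  - apiGroups: [""]
    resources: ["pods/exec", "pods/attach", "pods/log"]
    verbs: ["get", "create"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: gitlab-runner
  namespace: ${ns}
subjects:
  - kind: ServiceAccount
    name: ${sa}
    namespace: ${ns}
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: gitlab-runner
EOF
}
# Apply:  gitlab_runner_rbac gitlab default | kubectl apply -f -
# Check:  kubectl auth can-i create secrets -n gitlab --as=system:serviceaccount:gitlab:default
```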