Kubernetes Installation Guide for beginners

this guide is for begginers. like me.

it's the simplest way to install Kubernetes on your VM, that i've used to install my Cluster. it took me 8 hours to research and install it.

Prerequisites

• A single VM with Ubuntu installed
• A Domain (not required but recommended)

Creating a Cluster ready machine.

Step 1: Make sure you have a freshly installed VM.

if you dont, you might face some errors. i had those issues and i decided to do it on a fresh VM.

Step 2: Update your repositories and packages

sudo apt update && sudo apt upgrade -y

Step 3: Disable swap and enable some kernel configurations

# this will disable swap
sudo swapoff -a
 
# this will comment out the swap line in the fstab file
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

these kernel configurations are required for Kubernetes to work properly.

# this will enable overlay and br_netfilter
sudo tee /etc/modules-load.d/containerd.conf <<EOF
overlay
br_netfilter
EOF
 
# here we are loading the modules
sudo modprobe overlay
sudo modprobe br_netfilter
 
# this will enable some kernel configurations
sudo tee /etc/sysctl.d/kubernetes.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.ipv4.ip_unprivileged_port_start=0
EOF
 
# this will apply the changes
sudo sysctl --system

net.ipv4.ip_unprivileged_port_start=0 seems to be important to use traefik. otherwise you'll get bind to:80/443 error.

when i was trying to configure my Cluster, i faced this issue. that traefik was failing to bind to :80/443.

i had to set net.ipv4.ip_unprivileged_port_start=0 and then, everything worked fine.

Step 4: Add the required repositories

always update your repositories and install the required packages.

sudo apt update -y

then install curl, software-properties-common, apt-transport-https, and ca-certificates.

sudo apt install -y curl software-properties-common apt-transport-https ca-certificates

now add the kubernetes, docker, and containerd reposetories.

curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/docker.gpg
sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

update the repositories.

sudo apt update -y

Step 5: Install and configure containerd

first install it by

sudo apt install -y containerd.io

then write the configuration to /etc/containerd/config.toml and set SystemdCgroup = true

containerd config default | sudo tee /etc/containerd/config.toml >/dev/null 2>&1
sudo sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml

enable containerd

sudo systemctl restart containerd
sudo systemctl enable containerd

Step 6: Install kubernetes packages

sudo apt install -y kubelet kubeadm kubectl

use apt-mark to keep them from being updated, deleted or changed.

sudo apt-mark hold kubelet kubeadm kubectl

reboot the machine.

sudo reboot

Creating a Cluster

Step 1: Initialize the node

first get the machine ip address.

export MACHINE_IP=$(hostname -I | awk '{print $1}')

then initialize the node. (you could just initialize it with sudo kubeadm init but i added some flags to it to make it easier to debug)

sudo kubeadm init --pod-network-cidr=10.96.0.0/12 --control-plane-endpoint=${MACHINE_IP} --v=5

Don't worry about the join token, we can create it later again using :)

sudo kubeadm token create --print-join-command

Step 2: Create the kubeconfig file

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Step 3: Apply the network configuration

i'd like to use calico for the network configuration. you can use any other network plugin if you want. like flannel, cilium, etc.

kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.25.0/manifests/calico.yaml

Step 4: Wait for the nodes to be ready (you have to wait for network pods to be ready)

watch kubectl get nodes -A

Congratulations! you've created your first Kubernetes cluster.

if you want to add more nodes (it should always be an odd number), you have to repeat the initialization process on the new node. and then use the join command that we created earlier. to join the new node to the cluster.

Install helm, ingress, and other tools

Step 1: Install helm

i'd like to install helm using apt. you can do it how ever you want.

curl https://baltocdn.com/helm/signing.asc | gpg --dearmor | sudo tee /usr/share/keyrings/helm.gpg > /dev/null
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list

then update the package manager

sudo apt update

then install helm

sudo apt install helm

Step 2: Install ingress

i'd like to use traefik for the ingress. you can use any other ingress controller if you want. like nginx, etc.

helm install traefik traefik/traefik --namespace traefik --create-namespace -f traefik-values.yaml

i'd like to use my own values file for the traefik. you can use the default values file if you want.

ports:
  web:
    port: 80
  websecure:
    port: 443
service:
  type: LoadBalancer
 
additionalArguments:
  - '--api.dashboard=true'

Step 3: Install longhorn to manage your storage

helm install longhorn longhorn-system/longhorn-manager --namespace longhorn-system --create-namespace

Step 4: Install Rancher

you can use rancher how ever you want. but this is how i do it:

first, add the rancher repo

helm repo add rancher-stable https://releases.rancher.com/server-charts/stable

then create a namespace

kubectl create namespace cattle-system

then we may need a cert-manager if we don't have one already, we can apply the following command to install it

kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.16.3/cert-manager.yaml

add it's repo

helm repo add jetstack https://charts.jetstack.io

then install it

helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace

• then install the rancher chart

helm install rancher rancher-stable/rancher \
--namespace cattle-system --create-namespace \
--set hostname=${RANCHER_DOMAIN} \
--set ingress.tls.source=secret \
--set ingress.tls.secretName=rancher-cert-tls \
--set bootstrapPassword=admin # this is the default password for rancher

replace ${RANCHER_DOMAIN} with your domain name.

and then apply a certificate

kubectl apply -f - <<EOF
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
 name: rancher-cert
 namespace: cattle-system
spec:
 secretName: rancher-cert-tls
 issuerRef:
   name: letsencrypt-prod
   kind: ClusterIssuer
 dnsNames:
 - ${RANCHER_DOMAIN}
EOF

wait for rancher to be ready, then goto https://${RANCHER_DOMAIN}/dashboard?setup=admin and login with admin and admin.

then you'll see a page that says You have access to the dashboard.

click on it and you'll see a page that says You have access to the dashboard.

UnTainted your node if you're using a Single node cluster

set the node to untainted

export NODE_NAME=$(hostname)

kubectl taint nodes ${NODE_NAME} node-role.kubernetes.io/control-plane-

if you ever want to taint the node again, you can use the following command:

kubectl taint nodes ${NODE_NAME} node-role.kubernetes.io/control-plane:NoSchedule

should you really use Kubernetes?

well, NO.

Kubernetes is a complex system that requires a lot of resources to maintain.

if you have multiple vms and you do need to manage them and have a lot of services, then yes, you should use Kubernetes.

but if you have a single vm and you do need to manage a few services, then you don't need to use Kubernetes.

and remember, it's always easier to pay a DevOps Engineer to initiate your Cluster. then all you have to do is to manage it :)