November 21, 2018 – jonamiki.com

DEPRECIATED: The setup in this article has been superseded by a newer, better version as per the link below:

Kubernetes home lab: Upgraded edition with functional LoadBalancer and external access to pods

Introduction:

Building a Kubernetes cluster for the lab at home or at work doesn’t have to be complicated. Below are the steps to create a 3-node cluster (1 master + 2 workers).

Prerequisites:

Install three copies of Ubuntu 18.04. I used VirtualBox + Vagrant (and the image “ubuntu/bionic64”) to create mine. My nodes are named as follows:

k8s-c3-n1 (ip: 192.168.11.101)
k8s-c3-n2 (ip: 192.168.11.102)
k8s-c3-n3 (ip: 192.168.11.103)

Be sure to disable swap. Kubernetes won’t work if it’s enabled. This can be done by commenting out or removing the entry for swap in /etc/fstab followed by a reboot. Temporarily it can be turned off with “swapoff -a”.

Installing Kubernetes:

On all three nodes, download the Google apt key and add it:

wget https://packages.cloud.google.com/apt/doc/apt-key.gpg<br>
sudo apt-key add apt-key.gpg"; done<br>
sudo apt-add-repository "deb http://apt.kubernetes.io/ kubernetes-xenial main"<br>
sudo apt-get update

Install kubeadm – also on all three nodes:

sudo apt-get install kubeadm -y

Installing Docker:

We also need Docker on all three nodes. Install it and enable the service as follows:

sudo apt-get install docker.io -y<br>
sudo systemctl enable docker<br>
sudo systemctl start docker

Configuring the master node:

On the master (k8s-c3-n1 in this case), enable the kubelet service:

sudo systemctl enable kubelet<br>
sudo systemctl start kubelet

Initialize the cluster:

Now let’s initialize the cluster with “kubeadmin init”. This is done on the master node. Note some detail about the two variables we need to provide:

The API server advertise address: If your hosts have multiple network cards, specify which IP address the API server should bind to. Make sure the nodes are all able to communicate on the network chosen here.
The pod network CIDR: The network you wish the pods to utilize. This appears to be arbitrary. I chose the 10.244.0.0/16 for my network.

sudo kubeadm init --apiserver-advertise-address=192.168.11.101 --pod-network-cidr=10.244.0.0/16

The “kubeadmin init” will result in output similar to the below. Make note of the “kubeadmin join” string as it’s unique to your installation and we’ll need it whenever registering worker nodes:

Your Kubernetes master has initialized successfully!</p>
<p>To start using your cluster, you need to run the following as a regular user:</p>
<p>mkdir -p $HOME/.kube<br>
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config<br>
sudo chown $(id -u):$(id -g) $HOME/.kube/config</p>
<p>You should now deploy a pod network to the cluster.<br>
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:<br>
https://kubernetes.io/docs/concepts/cluster-administration/addons/</p>
<p>You can now join any number of machines by running the following on each node as root:</p>
<p>kubeadm join 192.168.11.101:6443 --token bohtxr.206wlhy38gyse6vw --discovery-token-ca-cert-hash sha256:8daef1a7da449a1dffb9bd1ae9a95755d2ecbb407d8940e240e51344c9894bce

Let’s finalize by running the commands as suggested in the “kubeadm join” output. This is done on the master node – same as we used for ‘kubeadmin join’.

 mkdir -p $HOME/.kube<br>
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config<br>
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Congratulations – Kubernetes is installed! However, there is still a little bit of work to be done. First installing a pod network and then adding our two worker nodes.

Adding the pod network:

We’ll use Flannel for this example. There are other network solutions available too, but this worked well for me in my lab, and it’s both quick and easy:

sudo kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

Joining the worker nodes:

Finally, let’s join our two workers to the master node by executing the “kubeadm join” string which was provided by our “kubeadm init” earlier.

On each of the two worker nodes, execute the “kubeadm join” string that is unique to your installation. For me it was as follows:

sudo kubeadm join 192.168.11.101:6443 --token bohtxr.206wlhy38gyse6vw --discovery-token-ca-cert-hash sha256:8daef1a7da449a1dffb9bd1ae9a95755d2ecbb407d8940e240e51344c9894bce

Let’s see if the three nodes are visible. On the master node, execute “kubectl get nodes”. Output should be similar to the below:

NAME STATUS ROLES AGE VERSION<br>
k8s-c3-n1 Ready master 4m7s v1.12.2<br>
k8s-c3-n2 Ready <none> 34s v1.12.2<br>
k8s-c3-n3 Ready <none> 32s v1.12.2

It may take around 30 sec to a minute for the workers to reach “Ready” status, but that’s it – Kubernetes is installed and ready.

We can now deploy containers / pods and they will be scheduled to run on the worker nodes. Note: There’s no load balancer or other fancy stuff installed by default so it’s pretty bare-bones 🙂

Deploy a test application:

Let’s verify that our cluster works by deploying a container with a web server.

On the master node (“k8s-c3-n1” in this example), deploy the “httpd” webserver using “kubectl run”. I picked the name “httpd-01” for this pod. This is arbitrary so feel free to use any name that makes sense in your installation.

vagrant@k8s-c3-n1:~$ kubectl run --image=httpd:2.4 httpd-01 --port=80 --env="DOMAIN=cluster"<br>
kubectl run --generator=deployment/apps.v1beta1 is DEPRECATED and will be removed in a future version. Use kubectl create instead.<br>
deployment.apps/httpd-01 created

We can now check that it’s running with “kubectl get pods”:

vagrant@k8s-c3-n1:~$ kubectl get pods<br>
NAME READY STATUS RESTARTS AGE<br>
httpd-01-9f5587597-7jc8b 0/1 ContainerCreating 0 5s

Since this is a web server we want to expose port 80 so it can be accessed. This creates a service which has to be named. I picked the name ‘httpd-01-http”, but chose any name that makes sense in your installation. Note that we’re referring to the name we gave our our pod at deployment: “httpd-01”.

vagrant@k8s-c3-n1:~$ kubectl expose deployment httpd-01 --port=80 --name=httpd-01-http<br>
service/httpd-01-http exposed

Let’s find out more about our web server application / pod by using “kubectl get pods” and then “kubectl describe pod <pod id>”:

vagrant@k8s-c3-n1:~$ kubectl get pods<br>
NAME READY STATUS RESTARTS AGE<br>
httpd-01-9f5587597-7jc8b 1/1 Running 0 9m8s<br>
vagrant@k8s-c3-n1:~$

vagrant@k8s-c3-n1:~$ kubectl describe pod httpd-01-9f5587597-7jc8b<br>
Name: httpd-01-9f5587597-7jc8b<br>
Namespace: default<br>
Priority: 0<br>
PriorityClassName: <none><br>
Node: k8s-c3-n2/10.0.2.15<br>
Start Time: Wed, 21 Nov 2018 02:07:09 +0000<br>
Labels: pod-template-hash=9f5587597<br>
run=httpd-01<br>
Annotations: <none><br>
Status: Running<br>
IP: 10.244.1.2<br>
Controlled By: ReplicaSet/httpd-01-9f5587597<br>
Containers:<br>
httpd-01:<br>
Container ID: docker://52cb9559af71c39f4ca58a2520b3d4d4278048dab9c1b2a826fabd8a073cb77a<br>
Image: httpd:2.4<br>
Image ID: docker-pullable://httpd@sha256:9753aabc6b0b8cd0a39733ec13b7aad59e51069ce96d63c6617746272752738e<br>
Port: 80/TCP<br>
Host Port: 0/TCP<br>
State: Running<br>
Started: Wed, 21 Nov 2018 02:07:26 +0000<br>
Ready: True<br>
Restart Count: 0<br>
Environment:<br>
DOMAIN: cluster<br>
Mounts:<br>
/var/run/secrets/kubernetes.io/serviceaccount from default-token-hldjg (ro)<br>
Conditions:<br>
Type Status<br>
Initialized True<br>
Ready True<br>
ContainersReady True<br>
PodScheduled True<br>
Volumes:<br>
default-token-hldjg:<br>
Type: Secret (a volume populated by a Secret)<br>
SecretName: default-token-hldjg<br>
Optional: false<br>
QoS Class: BestEffort<br>
Node-Selectors: <none><br>
Tolerations: node.kubernetes.io/not-ready:NoExecute for 300s<br>
node.kubernetes.io/unreachable:NoExecute for 300s<br>
Events:<br>
Type Reason Age From Message<br>
---- ------ ---- ---- -------<br>
Normal Scheduled 9m18s default-scheduler Successfully assigned default/httpd-01-9f5587597-7jc8b to k8s-c3-n2<br>
Normal Pulling 9m17s kubelet, k8s-c3-n2 pulling image "httpd:2.4"<br>
Normal Pulled 9m5s kubelet, k8s-c3-n2 Successfully pulled image "httpd:2.4"<br>
Normal Created 9m1s kubelet, k8s-c3-n2 Created container<br>
Normal Started 9m1s kubelet, k8s-c3-n2 Started container<br>
vagrant@k8s-c3-n1:~$

Among a lot of other information we can see it’s running on worker node “k8s-c3-n2”.

Let’s also get some information about the service we got when exposing port 80 earlier:

vagrant@k8s-c3-n1:~$ kubectl get services<br>
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE<br>
httpd-01-http ClusterIP 10.104.247.184 <none> 80/TCP 2m11s<br>
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 61m<br>
vagrant@k8s-c3-n1:~$<br>
vagrant@k8s-c3-n1:~$ kubectl describe service httpd-01-http<br>
Name: httpd-01-http<br>
Namespace: default<br>
Labels: run=httpd-01<br>
Annotations: <none><br>
Selector: run=httpd-01<br>
Type: ClusterIP<br>
IP: 10.104.247.184<br>
Port: <unset> 80/TCP<br>
TargetPort: 80/TCP<br>
Endpoints: 10.244.1.2:80<br>
Session Affinity: None<br>
Events: <none><br>
vagrant@k8s-c3-n1:~$

Here we can see the endpoint IP and port: “10.244.1.2:80”

Since we know it’s running on worker node “k8s-c3-n2”, let’s SSH there and verify that we can get the default webpage:

vagrant@k8s-c3-n2:~$ wget -qO- http://10.244.1.2<br>
<html><body><h1>It works!</h1></body></html><br>
vagrant@k8s-c3-n2:~$

As shown in the output: “It works!”.

That goes both for the httpd container and for the Kubernetes cluster. Have fun!

Day: November 21, 2018

Building a Kubernetes (k8s) cluster for the home lab