In this blog post, I have covered the step-by-step guide to setup a kubernetes cluster using Kubeadm with one master and two worker nodes.
Kubeadm is an excellent tool to set up a working kubernetes cluster in less time. It does all the heavy lifting in terms of setting up all kubernetes cluster components. Also, It follows all the configuration best practices for a kubernetes cluster.
What is Kubeadm?
Kubeadm is a tool to set up a minimum viable Kubernetes cluster without much complex configuration. Also, Kubeadm makes the whole process easy by running a series of prechecks to ensure that the server has all the essential components and configs to run Kubernetes.
It is developed and maintained by the official Kubernetes community. There are other options like minikube, kind, etc., that are pretty easy to set up. You can check out my minikube tutorial. Those are good options with minimum hardware requirements if you are deploying and testing applications on Kubernetes.
But if you want to play around with the cluster components or test utilities that are part of cluster administration, Kubeadm is the best option. Also, you can create a production-like cluster locally on a workstation for development and testing purposes.
How Does Kubeadm Work?
When you initialize a Kubernetes cluster using Kubeadm, it does the following.
- When you initialize kubeadm, first it runs all the preflight checks to validate the system state and it downloads all the required cluster container images from the registry.k8s.io container registry.
- It then generates required TLS certificates and stores them in the /etc/kubernetes/pki folder.
- Next, it generates all the kubeconfig files for the cluster components in the /etc/kubernetes folder.
- Then it starts the kubelet service and generates the static pod manifests for all the cluster components and saves it in the /etc/kubernetes/manifests folder.
- Next, it starts all the control plane components from the static pod manifests.
- Then it installs core DNS and Kubeproxy components
- Finally, it generates the node bootstrap token.
- Worker nodes use this token to join the control plane.
As you can see all the key cluster configurations will be present under the /etc/kubernetes folder.
Kubeadm Setup Prerequisites
Following are the prerequisites for Kubeadm Kubernetes cluster setup.
- Minimum two Ubuntu nodes [One master and one worker node]. You can have more worker nodes as per your requirement.
- The master node should have a minimum of 2 vCPU and 2GB RAM.
- For the worker nodes, a minimum of 1vCPU and 2 GB RAM is recommended.
- 10.X.X.X/X network range with static IPs for master and worker nodes. We will be using the 192.x.x.x series as the pod network range that will be used by the Calico network plugin. Make sure the Node IP range and pod IP range don’t overlap.
Note: If you are setting up the cluster in the corporate network behind a proxy, ensure set the proxy variables and have access to the container registry and docker hub. Or talk to your network administrator to whitelist registry.k8s.io to pull the required images.
Kubeadm for Kubernetes Certification Exams
If you are preparing for Kubernetes certifications like CKA, CKAD, or CKS, you can use the local kubeadm clusters to practice for the certification exam. In fact, kubeadm itself is part of the CKA and CKS exam. For CKA you might be asked to bootstrap a cluster using Kubeadm. For CKS, you have to upgrade the cluster using kubeadm.
If you use Vagrant-based VMs on your workstation, you can start and stop the cluster whenever you need. By having the local Kubeadm clusters, you can play around with all the cluster configurations and learn to troubleshoot different components in the cluster.
Important Note: If you are planning for Kubernetes certification, make use of the CKA/CKAD/CKS coupon Codes before the price increases.
Kubeadm Port Requirements
Please refer to the following image and make sure all the ports are allowed for the control plane (master) and the worker nodes. If you are setting up the kubeadm cluster cloud servers, ensure you allow the ports in the firewall configuration.
If you are using vagrant-based Ubuntu VMs, the firewall would be disabled by default. So you don’t have to do any firewall configurations.
Vagrantfile, Kubeadm Scripts & Manifests
Also, all the commands used in this guide for master and worker nodes config are hosted in GitHub. You can clone the repository for reference.
git clone https://github.com/techiescamp/kubeadm-scripts
This guide intends to make you understand each config required for the Kubeadm setup. If you don’t want to run the command one by one, you can run the script file directly.
If you are using Vagrant to set up the Kubernetes cluster, you can make use of my Vagrantfile. It launches 3 VMs. A self-explanatory basic Vagrantfile.
If you are a Terraform and AWS user, you can make use of the Terraform script present under the Terraform folder to spin up ec2 instances.
If you are new to Vagrant, check the Vagrant tutorial.
Also, I have created a video demo of the whole kubeadm setup. You can refer it during the setup.
Kubernetes Cluster Setup Using Kubeadm
Following are the high-level steps involved in setting up a kubeadm-based Kubernetes cluster.
- Install container runtime on all nodes- We will be using cri-o.
- Install Kubeadm, Kubelet, and kubectl on all the nodes.
- Initiate Kubeadm control plane configuration on the master node.
- Save the node join command with the token.
- Install the Calico network plugin.
- Join the worker node to the master node (control plane) using the join command.
- Validate all cluster components and nodes.
- Install Kubernetes Metrics Server
- Deploy a sample app and validate the app
All the steps given in this guide are referred from the official Kubernetes documentation and related GitHub project pages.
If you want to understand every cluster component in detail, refer to the comprehensive Kubernetes Architecture.
Now let’s get started with the setup.
Enable iptables Bridged Traffic on all the Nodes
Execute the following commands on all the nodes for IPtables to see bridged traffic.
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf overlay br_netfilter EOF sudo modprobe overlay sudo modprobe br_netfilter # sysctl params required by setup, params persist across reboots cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 net.ipv4.ip_forward = 1 EOF # Apply sysctl params without reboot sudo sysctl --system
Disable swap on all the Nodes
For kubeadm to work properly, you need to disable swap on all the nodes using the following command.
sudo swapoff -a (crontab -l 2>/dev/null; echo "@reboot /sbin/swapoff -a") | crontab - || true
fstab entry will make sure the swap is off on system reboots.
You can also, control swap errors using the kubeadm parameter
--ignore-preflight-errors Swap we will look at it in the latter part.
Install CRI-O Runtime On All The Nodes
The basic requirement for a Kubernetes cluster is a container runtime. You can have any one of the following container runtimes.
- Docker Engine (using cri-dockerd)
We will be using CRI-O instead of Docker for this setup as Kubernetes deprecated Docker engine
As a first step, we need to install
cri-o on all the nodes. Execute the following commands on all the nodes.
.conf file to load the modules at bootup
cat <<EOF | sudo tee /etc/modules-load.d/crio.conf overlay br_netfilter EOF # Set up required sysctl params, these persist across reboots. cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1 net.bridge.bridge-nf-call-ip6tables = 1 EOF
Execute the following commands to enable overlayFS & VxLan pod communication.
sudo modprobe overlay sudo modprobe br_netfilter
Set up required sysctl params, these persist across reboots.
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf net.bridge.bridge-nf-call-iptables = 1 net.ipv4.ip_forward = 1 net.bridge.bridge-nf-call-ip6tables = 1 EOF
Reload the parameters.
sudo sysctl --system
Enable cri-o repositories for version 1.23
OS="xUbuntu_20.04" VERSION="1.23" cat <<EOF | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ / EOF cat <<EOF | sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$VERSION.list deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$VERSION/$OS/ / EOF
Add the gpg keys.
curl -L https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$VERSION/$OS/Release.key | sudo apt-key --keyring /etc/apt/trusted.gpg.d/libcontainers.gpg add - curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/Release.key | sudo apt-key --keyring /etc/apt/trusted.gpg.d/libcontainers.gpg add -
Update and install crio and crio-tools.
sudo apt-get update sudo apt-get install cri-o cri-o-runc cri-tools -y
Reload the systemd configurations and enable cri-o.
sudo systemctl daemon-reload sudo systemctl enable crio --now
The cri-tools contain
crictl, a CLI utility to interact with the containers created by the contianer runtime. When you use container runtimes other than Docker, you can use the crictl utility to debug containers on the nodes. Also, it is useful in CKS certification where you need to debug containers.
Install Kubeadm & Kubelet & Kubectl on all Nodes
Install the required dependencies.
sudo apt-get update sudo apt-get install -y apt-transport-https ca-certificates curl sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
Add the GPG key and apt repository.
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
Update apt and install the latest version of kubelet, kubeadm, and kubectl.
sudo apt-get update -y sudo apt-get install -y kubelet kubeadm kubectl
Note: If you are preparing for Kubernetes certification, install the specific version of kubernetes. For example, the current Kubernetes version for CKA, CKAD and CKS exams is kubernetes version 1.26
You can use the following commands to find the latest versions.
sudo apt update apt-cache madison kubeadm | tac
Specify the version as shown below.
sudo apt-get install -y kubelet=1.26.1-00 kubectl=1.26.1-00 kubeadm=1.26.1-00
Add hold to the packages to prevent upgrades.
sudo apt-mark hold kubelet kubeadm kubectl
Now we have all the required utilities and tools for configuring Kubernetes components using kubeadm.
Add the node IP to
sudo apt-get install -y jq local_ip="$(ip --json a s | jq -r '. | if .ifname == "eth1" then .addr_info | if .family == "inet" then .local else empty end else empty end')" cat > /etc/default/kubelet << EOF KUBELET_EXTRA_ARGS=--node-ip=$local_ip EOF
Initialize Kubeadm On Master Node To Setup Control Plane
Here you need to consider two options.
- Master Node with Private IP: If you have nodes with only private IP addresses and the API server would be accessed over the private IP of the master node.
- Master Node With Public IP: If you are setting up a Kubeadm cluster on Cloud platforms and you need master Api server access over the Public IP of the master node server.
Only the Kubeadm initialization command differs for Public and Private IPs.
Execute the commands in this section only on the master node.
If you are using Private IP for master Node,
Set the following environment variables. Replace
10.0.0.10 with the IP of your master node.
IPADDR="10.0.0.10" NODENAME=$(hostname -s) POD_CIDR="192.168.0.0/16"
If you want to use the Public IP of the master node,
Set the following environment variables. The IPADDR variable will be automatically set to the server’s public IP using
ifconfig.me curl call. You can also replace it with a public IP address
IPADDR=$(curl ifconfig.me && echo "") NODENAME=$(hostname -s) POD_CIDR="192.168.0.0/16"
Now, initialize the master node control plane configurations using the kubeadm command.
For a Private IP address-based setup use the following init command.
sudo kubeadm init --apiserver-advertise-address=$IPADDR --apiserver-cert-extra-sans=$IPADDR --pod-network-cidr=$POD_CIDR --node-name $NODENAME --ignore-preflight-errors Swap
--ignore-preflight-errors Swap is actually not required as we disabled the swap initially.
For public IP address-based setup use the following init command.
Here instead of
--apiserver-advertise-address we use
--control-plane-endpoint parameter for the API server endpoint.
sudo kubeadm init --control-plane-endpoint=$IPADDR --apiserver-cert-extra-sans=$IPADDR --pod-network-cidr=$POD_CIDR --node-name $NODENAME --ignore-preflight-errors Swap
All the other steps are the same as configuring the master node with private IP.
Note: You can also pass the kubeadm configs as a file when initializing the cluster. See Kubeadm Init with config file
On a successful kubeadm initialization, you should get an output with kubeconfig file location and the join command with the token as shown below. Copy that and save it to the file. we will need it for joining the worker node to the master.
Use the following commands from the output to create the
kubeconfig in master so that you can use
kubectl to interact with cluster API.
mkdir -p $HOME/.kube sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config sudo chown $(id -u):$(id -g) $HOME/.kube/config
Now, verify the kubeconfig by executing the following kubectl command to list all the pods in the
kubectl get po -n kube-system
You should see the following output. You will see the two Coredns pods in a pending state. It is the expected behavior. Once we install the network plugin, it will be in a running state
Note: You can copy the
admin.conffile from the master to your workstation in $HOME/.kube/config location if you want to execute
kubectlcommands from the workstation.
You verify all the cluster component health statuses using the following command.
kubectl get --raw='/readyz?verbose'
You can get the cluster info using the following command.
By default, apps won’t get scheduled on the master node. If you want to use the master node for scheduling apps, taint the master node.
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
Install Calico Network Plugin for Pod Networking
Kubeadm does not configure any network plugin. You need to install a network plugin of your choice.
I am using the Calico network plugin for this setup.
Note: Make sure you execute the kubectl command from where you have configured the
kubeconfigfile. Either from the master of your workstation with the connectivity to the kubernetes API.
Execute the following command to install the calico network plugin on the cluster.
kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.25.0/manifests/calico.yaml
After a couple of minutes, if you check the pods in
kube-system namespace, you will see calico pods and running CoreDNS pods.
Join Worker Nodes To Kubernetes Master Node
We have set up cri-o, kubelet, and kubeadm utilities on the worker nodes as well.
Now, let’s join the worker node to the master node using the Kubeadm join command you have got in the output while setting up the master node.
If you missed copying the join command, execute the following command in the master node to recreate the token with the join command.
kubeadm token create --print-join-command
Here is what the command looks like. Use
sudo if you running as a normal user. This command performs the TLS bootstrapping for the nodes.
sudo kubeadm join 10.128.0.37:6443 --token j4eice.33vgvgyf5cxw4u8i \ --discovery-token-ca-cert-hash sha256:37f94469b58bcc8f26a4aa44441fb17196a585b37288f85e22475b00c36f1c61
On successful execution, you will see the output saying, “This node has joined the cluster”.
Now execute the kubectl command from the master node to check if the node is added to the master.
kubectl get nodes
[email protected]:/home/vagrant# kubectl get nodes NAME STATUS ROLES AGE VERSION master-node Ready control-plane 14m v1.24.6 worker-node01 Ready <none> 2m13s v1.24.6 worker-node02 Ready <none> 2m5s v1.24.6
In the above command, the ROLE is
<none> for the worker nodes. You can add a label to the worker node using the following command. Replace
worker-node01 with the hostname of the worker node you want to label.
kubectl label node worker-node01 node-role.kubernetes.io/worker=worker
You can further add more nodes with the same join command.
Setup Kubernetes Metrics Server
Kubeadm doesn’t install metrics server component during its initialization. We have to install it separately.
To verify this, if you run the top command, you will see the
Metrics API not available error.
[email protected]:~# kubectl top nodes error: Metrics API not available
To install the metrics server, execute the following metric server manifest file. It deploys metrics server version
kubectl apply -f https://raw.githubusercontent.com/techiescamp/kubeadm-scripts/main/manifests/metrics-server.yaml
This manifest is taken from the official metrics server repo. I have added the
--kubelet-insecure-tls flag to the container to make it work in the local setup and hosted it separately. Or else, you will get the following error.
because it doesn't contain any IP SANs" node=""
Once the metrics server objects are deployed, it takes a minute for you to see the node and pod metrics using the top command.
kubectl top nodes
You should be able to view the node metrics as shown below.
[email protected]:/home/vagrant# kubectl top nodes NAME CPU(cores) CPU% MEMORY(bytes) MEMORY% master-node 111m 5% 1695Mi 44% worker-node01 28m 2% 1078Mi 57% worker-node02 219m 21% 980Mi 52%
You can also view the pod CPU and memory metrics using the following command.
kubectl top pod -n kube-system
Deploy A Sample Nginx Application
Now that we have all the components to make the cluster and applications work, let’s deploy a sample Nginx application and see if we can access it over a NodePort
Create an Nginx deployment. Execute the following directly on the command line. It deploys the pod in the default namespace.
cat <<EOF | kubectl apply -f - apiVersion: apps/v1 kind: Deployment metadata: name: nginx-deployment spec: selector: matchLabels: app: nginx replicas: 2 template: metadata: labels: app: nginx spec: containers: - name: nginx image: nginx:latest ports: - containerPort: 80 EOF
Expose the Nginx deployment on a NodePort 32000
cat <<EOF | kubectl apply -f - apiVersion: v1 kind: Service metadata: name: nginx-service spec: selector: app: nginx type: NodePort ports: - port: 80 targetPort: 80 nodePort: 32000 EOF
Check the pod status using the following command.
kubectl get pods
Once the deployment is up, you should be able to access the Nginx home page on the allocated NodePort.
Possible Kubeadm Issues
Following are the possible issues you might encounter in the kubeadm setup.
- Pod Out of memory and CPU: The master node should have a minimum of 2vCPU and 2 GB memory.
- Nodes cannot connect to Master: Check the firewall between nodes and make sure all the nodes can talk to each other on the required kubernetes ports.
- Calico Pod Restarts: Sometimes, if you use the same IP range for the node and pod network, Calico pods may not work as expected. So make sure the node and pod IP ranges don’t overlap. Overlapping IP addresses could result in issues for other applications running on the cluster as well.
For other pod errors, check out the kubernetes pod troubleshooting guide.
If your server doesn’t have a minimum of 2 vCPU, you will get the following error.
[ERROR NumCPU]: the number of available CPUs 1 is less than the required 2
If you use public IP with
--apiserver-advertise-address parameter, you will have failed master node components with the following error. To rectify this error, use
--control-plane-endpoint parameter with the public IP address.
kubelet-check] Initial timeout of 40s passed. Unfortunately, an error has occurred: timed out waiting for the condition This error is likely caused by: - The kubelet is not running - The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled) If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands: - 'systemctl status kubelet' - 'journalctl -xeu kubelet'
Kubernetes Cluster Important Configurations
Following are the important cluster configurations you should know.
|Static Pods Location (etcd, api-server, controller manager and scheduler)||/etc/kubernetes/manifests|
|TLS Certificates location (kubernetes-ca, etcd-ca and kubernetes-front-proxy-ca)||/etc/kubernetes/pki|
|Admin Kubeconfig File||/etc/kubernetes/admin.conf|
Upgrading Kubeadm Cluster
Using kubeadm you can upgrade the kubernetes cluster for the same version patch or a new version.
Kubeadm upgrade doesn’t introduce any downtime if you upgrade one node at a time.
To do hands-on, please refer to my step-by-step guide on Kubeadm cluster upgrade
How to use Custom CA Certificates With Kubeadm?
By default, kubeadm creates its own CA certificates. However, if you wish to use custom CA certificates, they should be placed in the
/etc/kubernetes/pki folder. When kubeadm is run, it will make use of existing certificates if they are found, and will not overwrite them.
How to generate the Kubeadm Join command?
You can use
kubeadm token create --print-join-command command to generate the join command.
In this post, we learned to install Kubernetes step by step using kubeadm.
As a DevOps engineer, it is good to have an understanding of the Kubernetes cluster components. With companies using managed Kubernetes services, we miss learning the basic building blocks of kubernetes.
This Kubeadm setup is good for learning and playing around with kubernetes.
Also, there are many other Kubeadm configs that I did not cover in this guide as it is out of the scope of this guide. Please refer to the official Kubeadm documentation. By having the whole cluster setup in VMs, you can learn all the cluster components configs and troubleshoot the cluster on component failures.
Also, with Vagrant, you can create simple automation to bring up and tear down Kubernetes clusters on-demand in your local workstation. Check out my guide on automated kubernetes vagrant setup using kubeadm.
If you are learning kubernetes, check out the comprehensive Kubernetes tutorial for beginners.[convertkit form=2269618]
I am able to setup the k8s cluster with 1master and 1worker but when I try to add another master node to the existing cluster I am unable to do that. Can anyone please help in this. Like what’s the process for joining another master to the running cluster.
Hi Bibin, thank you for providing grate article to intiate kubemaster and workernodes with in few minutes by simple steps.
Getting error while executing for following cmd – to schedule apps in masternode.
kubectl taint nodes –all node-role.kubernetes.io/master-
But is resolved by using following cmd:
kubectl taint nodes –all node-role.kubernetes.io/control-plane-
Very direct tutorial. Thanks for your writing.
One of my worker node is in different subnet, but i was able ping the physical ips from both master and worker nodes, and i can schedule job on worker node also but, from worker node pods it was not able to communicate to master node pods also i am not able to do telnet.
telnet 10.96.0.10 53
telnet: Unable to connect to remote host: Connection timed out
this 10.96.0.10 is core DNS service ip , can you please help me i got stuck here from a long time
It seems like the issue you’re facing might be related to network policies, security groups, or routing configurations. Since you can ping and schedule jobs between the master and worker nodes but are unable to establish a connection between their respective pods, it is likely that there’s a networking misconfiguration or firewall blocking the communication between the two.
Here are some steps to troubleshoot and resolve the issue:
Verify routing and subnet configuration:
Ensure that the subnets and routing configurations for both the master and worker nodes are set up correctly. If there’s a misconfiguration, it might be blocking communication between the pods. If it is a corporate network, check with the network team about the routing rules.
If host has custom DNS servers configured use that same for cluster as well.
Check network policies:
Network policies define how groups of pods are allowed to communicate with each other and other network endpoints. Ensure that there are no network policies blocking communication between the master and worker node pods. If necessary, create a new network policy to allow the required communication.
Examine firewall rules and security groups:
Check the firewall rules and security group configurations for both the master and worker nodes to ensure that they allow the necessary traffic. You might need to open up specific ports or allow certain IP ranges to enable communication between the pods.
Hey Great tutorial , I am able to deploy kubernets and kubeflow , thank you for sharing it.
But I have few issues can u help on it.
My worker node is not able communicate with master node cluster ip, when i do telnet
telnet 10.96.0.10 53 from worker node it is not reaching to master , and there is not cross pod communication between the pods from worker node to master node, and finally from worker node pod am not able to ping google.com also, can u please help on it.
Did you install the CNI plugin to enable pod networking?
Are the POD CIDR range and node CIDR range different? Ensure there are not IP conflicts.
Also, check if the CoreDNS pod is running without any issues
core dns pods are running without issues, am using calico cni which running fine on both nodes,
kubectl cluster-info dump | grep -m 1 cluster-cidr
[kubelet-check] Initial timeout of 40s passed.
Unfortunately, an error has occurred:
timed out waiting for the condition
This error is likely caused by:
– The kubelet is not running
– The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)
If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands:
– ‘systemctl status kubelet’
– ‘journalctl -xeu kubelet’
Additionally, a control plane component may have crashed or exited when started by the container runtime.
To troubleshoot, list all containers using your preferred container runtimes CLI.
Here is one example how you may list all running Kubernetes containers by using crictl:
– ‘crictl –runtime-endpoint unix:///var/run/cri-dockerd.sock ps -a | grep kube | grep -v pause’
Once you have found the failing container, you can inspect its logs with:
– ‘crictl –runtime-endpoint unix:///var/run/cri-dockerd.sock logs CONTAINERID’
error execution phase wait-control-plane: couldn’t initialize a Kubernetes cluster
To see the stack trace of this error execute with –v=5 or higher
I’m using docker as container service and cri-dockerd is also installed.
This error is still showing after running command
kubeadm init –control-plane-endpoint=$IPADDR –apiserver-cert-extra-sans=$IPADDR –pod-network-cidr=$POD_CIDR –node-name $NODENAME –cri-socket=unix:///var/run/cri-dockerd.sock
@priyabrata Where are you trying to run this setup?
Is it a private IP-based setup or Public IP based setup
If you are trying to use Public IP for the API server endpoint, you need to use the –control-plane-endpoint with public IP parameter instead of –apiserver-advertise-address as mentioned in the guide.
no i’m using private ip.
Also i’m trying to setup using public ip what you have mention in thread, that too gave same kind of error.
Try once with crio instead of dockerd. Also, there is no IP conflict between Node Ip and Pod CIDR.
With crio, it is working fine. But issue occurs in docker
NODEIP: NODEPORT not working (from windows machine in same subnect with same SG) for nodes other than the nodes where pods are deployed.
i.e masternodeip:nodeport — not working
worker1:nodeport —- working (pods are running here)
worker2:nodeport — not working
thank you for the guide, it is simple and intuitive.
Welcome Aleksei 🙂
Unable to join my worker nodes to the cluster and getting the below timeout error.
[preflight] Running pre-flight checks
error execution phase preflight: couldn’t validate the identity of the API Server: Get “https://:6443/api/v1/namespaces/kube-public/configmaps/cluster-info?timeout=10s”: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
To see the stack trace of this error execute with –v=5 or higher
Kubelet service also not getting started in the worker nodes alone.
command failed” err=”failed to validate kubelet flags: the container runtime endpoint address was not specified or empty, use –container-runtime-endpoint to set”
Am i missing anything? Please help me to resolve this.
@Sathish could you please give some more information about the environment you are setting up the cluster? did you add required firewall rules for the nodes to communicate?
Is the port requirements part recently added to the blog? havent seen that before. After adding the port it worked.
Hi Sathish, It was there from the start 🙂
Hello, thanks for this article. I get an error when doing vagrant up. bellow the output:
Bringing machine ‘master’ up with ‘virtualbox’ provider…
Bringing machine ‘node01’ up with ‘virtualbox’ provider…
Bringing machine ‘node02’ up with ‘virtualbox’ provider…
==> master: Checking if box ‘bento/ubuntu-22.04’ version ‘202212.11.0’ is up to date…
==> master: Clearing any previously set network interfaces…
There was an error while executing `VBoxManage`, a CLI used by Vagrant
for controlling VirtualBox. The command and stderr is shown below.
Command: [“hostonlyif”, “create”]
VBoxManage: error: Failed to create the host-only adapter
VBoxManage: error: VBoxNetAdpCtl: Error while adding new interface: failed to open /dev/vboxnetctl: No such file or directory
VBoxManage: error: Details: code NS_ERROR_FAILURE (0x80004005), component HostNetworkInterfaceWrap, interface IHostNetworkInterface
VBoxManage: error: Context: “RTEXITCODE handleCreate(HandlerArg *)” at line 105 of file VBoxManageHostonly.cpp
does any one experienced the same issue ?
Which version of Virtual Box are you using?
Also, did you add the following to /etc/vbox/networks.conf
* 0.0.0.0/0 ::/0
This is awesome article Bibin, helped me a lot for the kubernetes cluster setup. Keep Rock !
Really nice article, help me a lot to understand how Kubernetes ecosystem really works, thanks! 😊
The link (https://docs.projectcalico.org/manifests/calico.yaml) is not found.
Thanks for the update. Please use the following YAML
Updated the article as well.
Thanks a lot!
Dear Mr. Bibin Wilson,
Thank you so much you help me a lot 🙂
Thanks for the post.
I had to manually upgrade ca-certificates in order to install CRI-O.
Hi @Bibin Wilson,
This article is really very great. It helped us a lot to install kubernetes cluster.
Thanks a lot!!
This is awesome. I’m glad I found it. I have been struggling with getting my Kubernetes cluster working. I think it is selecting the version that did it for me. Thank you.
Glad it helped Iheaka 🙂
First of all, thanks for this article !
But I’m starting to following the different steps, and in some code blocks, in the article, i see “cat <" instead of the commands to execute.
Is this a temporary issue ?
Hi Pierre. It was an HTML issue. It is fixed now.
Thanks a lot for this water-clear tutorial. It is the end of one week struggling to get it working \o/
I really appreciate this article. Thank you so much!
Glat it helped Ed 🙂
Got an issue while running the kubeadm init but after following the resolution steps in this PR it worked: https://github.com/containerd/containerd/issues/4581
I had to use this instead:
cat > /etc/containerd/config.toml <<EOF
systemd_cgroup = true
systemctl restart containerd