Before we start, we need to understand the basic architecture of k8s.
Proxmox Ubuntu 24.04 LTS
cp-01: 192.168.0.109 // control-plane
cp-01: 192.168.0.123 // worker-01
cp-01: 192.168.0.175 // worker-02
Install container engine
There are several options to choose from:
- containerd
- CRI-O
- Docker Engine
- Mirantis Container Runtime
Because k8s will no longer support Docker, I prefer to install containerd. Before installing containerd:
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
# sysctl params required by setup, params persist across reboots
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
# Apply sysctl params without reboot
sudo sysctl --system
Install containerd:
# Download containerd binary
wget https://github.com/containerd/containerd/releases/download/v1.7.16/containerd-1.7.16-linux-amd64.tar.gz
# Extract to /usr/local
sudo tar Cxzvf /usr/local containerd-1.7.16-linux-amd64.tar.gz
wget https://raw.githubusercontent.com/containerd/containerd/main/containerd.service
sudo cp containerd.service /etc/systemd/system/
sudo systemctl daemon-reload
sudo systemctl enable --now containerd
sudo mkdir /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml
Edit the containerd config for cgroups:
sudo systemctl daemon-reload
sudo systemctl restart containerd
Install runc
wget https://github.com/opencontainers/runc/releases/download/v1.1.12/runc.amd64
sudo install -m 755 runc.amd64 /usr/local/sbin/runc
Installing CNI plugins
wget https://github.com/containernetworking/plugins/releases/download/v1.4.0/cni-plugins-linux-amd64-v1.4.0.tgz
sudo mkdir -p /opt/cni/bin
sudo tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.4.0.tgz
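The containerd, runc and CNI plugin downloads above are extracted or installed as root without an integrity check. The following is an added example, not part of the original post: a POSIX shell helper that runs the extract or install step only when the file matches its entry in a SHA-256 checksum file. The function names and the checksum file name are assumptions, and the checksum file is assumed to be in sha256sum format and taken from the same project's release page.

```shell
# Added example (not from the original post): gate the extract/install
# steps on a SHA-256 check of the downloaded artifact.
# Assumption: a checksum file in sha256sum format ("<hex>  <name>") was
# obtained from the project's release page over HTTPS.

# Print the expected digest recorded for file name $2 in checksum file $1.
expected_digest() {
  awk -v n="$2" '{ f = $2; sub(/^\*/, "", f)
                   if (f == n) { print tolower($1); exit } }' "$1"
}

# Return 0 if $1 matches its entry in $2, 1 on digest mismatch,
# 2 if an input file is missing, 3 if there is no usable entry.
verify_artifact() {
  va_file=$1; va_sums=$2
  if [ ! -f "$va_file" ] || [ ! -f "$va_sums" ]; then
    echo "verify: missing $va_file or $va_sums" >&2; return 2
  fi
  va_want=$(expected_digest "$va_sums" "$(basename "$va_file")")
  # Reject an absent or malformed entry instead of comparing against it.
  if ! printf '%s\n' "$va_want" | grep -Eq '^[0-9a-f]{64}$'; then
    echo "verify: no valid SHA-256 entry for $va_file" >&2; return 3
  fi
  va_got=$(sha256sum "$va_file" | awk '{ print $1 }')
  if [ "$va_got" != "$va_want" ]; then
    echo "verify: DIGEST MISMATCH for $va_file" >&2; return 1
  fi
  echo "verify: OK $va_file"
}

# Run the remaining arguments as a command only if the artifact verifies.
run_if_verified() {
  rv_file=$1; rv_sums=$2; shift 2
  verify_artifact "$rv_file" "$rv_sums" || return $?
  "$@"
}

# Usage with a file name from this page (checksum file name is assumed):
#   run_if_verified runc.amd64 runc.sha256sum \
#     sudo install -m 755 runc.amd64 /usr/local/sbin/runc
```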
Install kubeadm, kubelet and kubectl
First, turn off swap, because kubelet cannot run on a node that has swap enabled:
sudo swapoff -a
To keep swap disabled across reboots, comment out or delete the swap entry in /etc/fstab and then reboot. A master node needs at least 2 CPU cores and 2 GB of RAM to install and run k8s.
sudo apt-get update
# apt-transport-https may be a dummy package; if so, you can skip that package
sudo apt-get install -y apt-transport-https ca-certificates curl gpg
# Download the public signing key for the Kubernetes package repositories. The same signing key is used for all repositories so you can disregard the version in the URL:
# If the directory `/etc/apt/keyrings` does not exist, it should be created before the curl command, read the note below.
# sudo mkdir -p -m 755 /etc/apt/keyrings
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
# Add the appropriate Kubernetes apt repository
# This overwrites any existing configuration in /etc/apt/sources.list.d/kubernetes.list
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
Init cluster
sudo kubeadm init --control-plane-endpoint "192.168.0.191:8765" --upload-certs
kubectl create -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
Check running containers:
sudo crictl --runtime-endpoint unix:///var/run/containerd/containerd.sock ps -a
Join worker:
# Get join command
sudo kubeadm token create --print-join-command
kubeadm join 192.168.0.109:6443 --token 6w1e19.7vx2ngoha87s7687 --discovery-token-ca-cert-hash sha256:f332faa8f45940bf65becc67c5f82cddf109877be9bdbff63376755a9f4ef0cd