- Lab
- A Cloud Guru
Bootstrapping Kubernetes Worker Nodes
When working with Kubernetes clusters, a common task is standing up new worker nodes. This activity explains how to create and configure worker nodes and gives you some hands-on experience in setting up new worker nodes for a cluster. After completing this activity, you will have some direct experience creating Kubernetes worker nodes from scratch.
Path Info
Table of Contents
-
Challenge
Install the required packages.
You can install the required packages like this. Make sure you install the packages on both worker nodes:
sudo apt-get -y install socat conntrack ipset
-
Challenge
Download and install the necessary binaries.
You can download and install the binaries like this:
wget -q --show-progress --https-only --timestamping https://github.com/kubernetes-incubator/cri-tools/releases/download/v1.0.0-beta.0/crictl-v1.0.0-beta.0-linux-amd64.tar.gz https://storage.googleapis.com/gvisor/releases/release/latest/x86_64/runsc https://github.com/opencontainers/runc/releases/download/v1.0.0-rc5/runc.amd64 https://github.com/containernetworking/plugins/releases/download/v0.6.0/cni-plugins-amd64-v0.6.0.tgz https://github.com/containerd/containerd/releases/download/v1.1.0/containerd-1.1.0.linux-amd64.tar.gz https://storage.googleapis.com/kubernetes-release/release/v1.10.2/bin/linux/amd64/kubectl https://storage.googleapis.com/kubernetes-release/release/v1.10.2/bin/linux/amd64/kube-proxy https://storage.googleapis.com/kubernetes-release/release/v1.10.2/bin/linux/amd64/kubelet sudo mkdir -p /etc/cni/net.d /opt/cni/bin /var/lib/kubelet /var/lib/kube-proxy /var/lib/kubernetes /var/run/kubernetes chmod +x kubectl kube-proxy kubelet runc.amd64 runsc sudo mv runc.amd64 runc sudo mv kubectl kube-proxy kubelet runc runsc /usr/local/bin/ sudo tar -xvf crictl-v1.0.0-beta.0-linux-amd64.tar.gz -C /usr/local/bin/ sudo tar -xvf cni-plugins-amd64-v0.6.0.tgz -C /opt/cni/bin/ sudo tar -xvf containerd-1.1.0.linux-amd64.tar.gz -C /
-
Challenge
Configure the containerd service.
Configure the containerd service like this:
sudo mkdir -p /etc/containerd/
Create the containerd
config.toml
.cat << EOF | sudo tee /etc/containerd/config.toml [plugins] [plugins.cri.containerd] snapshotter = "overlayfs" [plugins.cri.containerd.default_runtime] runtime_type = "io.containerd.runtime.v1.linux" runtime_engine = "/usr/local/bin/runc" runtime_root = "" [plugins.cri.containerd.untrusted_workload_runtime] runtime_type = "io.containerd.runtime.v1.linux" runtime_engine = "/usr/local/bin/runsc" runtime_root = "/run/containerd/runsc" EOF
Create the containerd unit file:
cat << EOF | sudo tee /etc/systemd/system/containerd.service [Unit] Description=containerd container runtime Documentation=https://containerd.io After=network.target [Service] ExecStartPre=/sbin/modprobe overlay ExecStart=/bin/containerd Restart=always RestartSec=5 Delegate=yes KillMode=process OOMScoreAdjust=-999 LimitNOFILE=1048576 LimitNPROC=infinity LimitCORE=infinity [Install] WantedBy=multi-user.target EOF
-
Challenge
Configure the kubelet service.
You can set up kubelet like this. Make sure you set
HOSTNAME
toworker0
on the first worker node andworker1
on the second.HOSTNAME=<worker1 or worker0, depending on the server>.mylabserver.com sudo mv ${HOSTNAME}-key.pem ${HOSTNAME}.pem /var/lib/kubelet/ sudo mv ${HOSTNAME}.kubeconfig /var/lib/kubelet/kubeconfig sudo mv ca.pem /var/lib/kubernetes/
Create the kubelet config file:
cat << EOF | sudo tee /var/lib/kubelet/kubelet-config.yaml kind: KubeletConfiguration apiVersion: kubelet.config.k8s.io/v1beta1 authentication: anonymous: enabled: false webhook: enabled: true x509: clientCAFile: "/var/lib/kubernetes/ca.pem" authorization: mode: Webhook clusterDomain: "cluster.local" clusterDNS: - "10.32.0.10" runtimeRequestTimeout: "15m" tlsCertFile: "/var/lib/kubelet/${HOSTNAME}.pem" tlsPrivateKeyFile: "/var/lib/kubelet/${HOSTNAME}-key.pem" EOF
Create the kubelet unit file:
cat << EOF | sudo tee /etc/systemd/system/kubelet.service [Unit] Description=Kubernetes Kubelet Documentation=https://github.com/kubernetes/kubernetes After=containerd.service Requires=containerd.service [Service] ExecStart=/usr/local/bin/kubelet \ --config=/var/lib/kubelet/kubelet-config.yaml \ --container-runtime=remote \ --container-runtime-endpoint=unix:///var/run/containerd/containerd.sock \ --image-pull-progress-deadline=2m \ --kubeconfig=/var/lib/kubelet/kubeconfig \ --network-plugin=cni \ --register-node=true \ --v=2 \ --hostname-override=${HOSTNAME} \ --allow-privileged=true Restart=on-failure RestartSec=5 [Install] WantedBy=multi-user.target EOF
-
Challenge
Configure the kube-proxy service.
You can configure kube-proxy like this:
sudo mv kube-proxy.kubeconfig /var/lib/kube-proxy/kubeconfig
Create the kube-proxy config file:
cat << EOF | sudo tee /var/lib/kube-proxy/kube-proxy-config.yaml kind: KubeProxyConfiguration apiVersion: kubeproxy.config.k8s.io/v1alpha1 clientConnection: kubeconfig: "/var/lib/kube-proxy/kubeconfig" mode: "iptables" clusterCIDR: "10.200.0.0/16" EOF
Create the kube-proxy unit file:
cat << EOF | sudo tee /etc/systemd/system/kube-proxy.service [Unit] Description=Kubernetes Kube Proxy Documentation=https://github.com/kubernetes/kubernetes [Service] ExecStart=/usr/local/bin/kube-proxy \ --config=/var/lib/kube-proxy/kube-proxy-config.yaml Restart=on-failure RestartSec=5 [Install] WantedBy=multi-user.target EOF
-
Challenge
Successfully start all of the services.
Enable and start all of the services like this:
sudo systemctl daemon-reload sudo systemctl enable containerd kubelet kube-proxy sudo systemctl start containerd kubelet kube-proxy
You can verify that the services are up and running like this:
sudo systemctl status containerd kubelet kube-proxy
Make sure containerd, kubelet, and kube-proxy are all in the
active (running)
state on both worker nodes.Now make sure that both nodes are registering with the cluster. Log in to the control node and run this command:
kubectl get nodes --kubeconfig /home/cloud_user/admin.kubeconfig
Make sure your two worker nodes appear. Note that they will likely not be in the
READY
state. For now, just make sure they both show up.
What's a lab?
Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.
Provided environment for hands-on practice
We will provide the credentials and environment necessary for you to practice right within your browser.
Guided walkthrough
Follow along with the author’s guided walkthrough and build something new in your provided environment!
Did you know?
On average, you retain 75% more of your learning if you get time for practice.