Today we’ll deploy a three-node Kubernetes cluster on top of Fedora 30. We’ll run the nodes on VMs in DigitalOcean’s datacenters. DigitalOcean also offers a managed Kubernetes deployment, but here we’ll deploy it manually using kubeadm. The cluster we end up with has a single control plane, i.e. it lacks High Availability (HA) features.


If you don’t want to run Kubernetes in the cloud, you could apply this same tutorial to your bare metal machines at home, be it Raspberry Pis, other single board computers, Intel NUCs or others.

The cluster will consist of the following bits and pieces:

  • 3x DigitalOcean virtual machines
  • Fedora 30, the Linux distribution
  • kubeadm, the method by which we’ll deploy Kubernetes
  • Weave CNI, the container network interface
  • containerd, the container runtime used for Kubernetes
  • cni-plugins, various container network interface plugins required

Create VMs on DigitalOcean

First, create three VMs on DigitalOcean running Fedora 30. One of these nodes will be the master node, while the others will be worker nodes.

You can do this either by using the DigitalOcean web console, or by using their command line tools.

Make sure you activate “Private networking” when you create the VMs.

Prepare Every VM for Kubernetes

Start by upgrading the base OS:

$ sudo dnf update -y

If the kernel was upgraded, reboot:

$ sudo reboot

Now we’ll continue with Kubernetes itself. Add the Kubernetes package repository by creating the file /etc/yum.repos.d/kubernetes.repo. Run:

$ sudo vim /etc/yum.repos.d/kubernetes.repo

And paste the following:

[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

Next, we’ll need to switch SELinux to permissive mode and disable the firewall.

NOTE: This is not recommended for production use, at all! But for learning and testing it should be ok. If you’re running this in production, please consult the Kubernetes documentation for information on how to properly configure the firewall.

To put SELinux into permissive mode (denials are logged but no longer enforced), both now and after a reboot:

$ sudo setenforce 0
$ sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

And the firewall (firewalld):

$ sudo systemctl disable firewalld
$ sudo systemctl stop firewalld

When we’re done removing all security from our systems 🤯, let’s continue by removing all swap:

$ sudo swapoff -a
$ sudo sed -e '/swap/ s/^#*/#/' -i /etc/fstab

Finally, load required modules and configure sysctl:

$ echo "br_netfilter" | sudo tee -a /etc/modules-load.d/br_netfilter.conf    # tee runs as root; a plain >> redirect would not
$ sudo modprobe br_netfilter    # load br_netfilter without reboot; the net.bridge.* keys exist only once it is loaded
$ echo "net.bridge.bridge-nf-call-ip6tables = 1" | sudo tee -a /etc/sysctl.d/kubernetes.conf
$ echo "net.bridge.bridge-nf-call-iptables = 1" | sudo tee -a /etc/sysctl.d/kubernetes.conf
$ echo "net.ipv4.ip_forward = 1" | sudo tee -a /etc/sysctl.d/kubernetes.conf
$ sudo sysctl --system          # reload sysctl configuration
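
To confirm that the persistent settings from this section actually landed on disk, each node can be audited with the script below. It is an added example, not part of the original tutorial; the function names are illustrative, and it checks the configuration files rather than the running kernel state.

```sh
#!/bin/sh
# Added example (not from the original tutorial): audit the files written above.
# Every check takes a file path, so it can be run against a copy.

# Succeeds if KEY is set to 1 in sysctl drop-in FILE (the last assignment wins).
sysctl_conf_enabled() {
    awk -F= -v k="$2" '
        /^[ \t]*[#;]/ { next }
        { name = $1; gsub(/[ \t]/, "", name) }
        name == k { val = $2; gsub(/[ \t]/, "", val) }
        END { exit !(val == "1") }' "$1" 2>/dev/null
}

# Succeeds if fstab-format FILE is readable and has no uncommented swap entry.
fstab_swap_disabled() {
    [ -r "$1" ] && ! awk '$1 !~ /^#/ && $3 == "swap" { f = 1 } END { exit !f }' "$1"
}

# Succeeds if MODULE is listed on its own line in modules-load.d FILE.
module_persisted() {
    grep -qxF "$2" "$1" 2>/dev/null
}

# Prints the SELinux mode configured in FILE (enforcing, permissive, disabled).
selinux_configured_mode() {
    sed -n 's/^SELINUX=\([a-z]*\).*$/\1/p' "$1" 2>/dev/null | tail -n 1
}

# Prints one line per check; the subshell exits with the number of failures.
audit_node() (
    sysctl_file=${1:-/etc/sysctl.d/kubernetes.conf}
    fstab=${2:-/etc/fstab}
    modules_file=${3:-/etc/modules-load.d/br_netfilter.conf}
    failures=0
    for key in net.bridge.bridge-nf-call-ip6tables \
               net.bridge.bridge-nf-call-iptables net.ipv4.ip_forward; do
        sysctl_conf_enabled "$sysctl_file" "$key" && { echo "ok   $key"; continue; }
        echo "FAIL $key is not set to 1 in $sysctl_file"; failures=$((failures + 1))
    done
    if fstab_swap_disabled "$fstab"; then echo "ok   no active swap in $fstab"
    else echo "FAIL active swap entry in $fstab"; failures=$((failures + 1)); fi
    if module_persisted "$modules_file" br_netfilter; then echo "ok   br_netfilter persisted"
    else echo "FAIL br_netfilter not in $modules_file"; failures=$((failures + 1)); fi
    echo "info SELinux configured as: $(selinux_configured_mode /etc/selinux/config)"
    exit "$failures"
)

audit_node || echo "node preparation incomplete: $? check(s) failed"
```

A FAIL line for a file that does not exist usually means the write never happened with root privileges.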

Install Kubernetes on Every Node

First, install the container runtime containerd, kubeadm, kubelet and kubectl:

$ sudo dnf install -y containerd kubelet kubeadm kubectl --disableexcludes=kubernetes

Next, enable and start the containerd and kubelet services:

$ sudo systemctl enable --now containerd
$ sudo systemctl enable --now kubelet

Initialize the Kubernetes Cluster on the Master Node

On the node that you have designated as your master node, simply run the following to initialize the new cluster:

$ sudo kubeadm init

Join the Worker Nodes to the Kubernetes Cluster

When you initialized the Kubernetes cluster on your master node, it should have output a command that starts with kubeadm join. The command embeds a bootstrap token, so treat it like a credential. Copy and paste this command on your worker nodes (after you’ve completed the earlier steps preparing and installing Kubernetes):

$ sudo kubeadm join [...]

Deploy the Weave Net CNI

Finally, we’ll deploy a Container Network Interface, CNI. In this tutorial we’ll use Weave Net.

To do so on Fedora 30, we’ll need to install a few CNI plugins, called loopback and portmap. The following commands will do so for you:

$ mkdir -p /tmp/cni-plugins
$ cd /tmp/cni-plugins
$ wget https://github.com/containernetworking/plugins/releases/download/v0.8.2/cni-plugins-linux-amd64-v0.8.2.tgz
$ tar xfvz cni-plugins-linux-amd64-v0.8.2.tgz
$ sudo cp {loopback,portmap} /opt/cni/bin/
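
The commands above copy binaries from a downloaded archive straight into /opt/cni/bin without checking its integrity. The following script, an added example that is not part of the original tutorial, installs the plugins only after the archive's SHA-256 matches a digest file; it assumes such a digest file (for example the tarball name with a .sha256 suffix) has been obtained from the release page, and its function names are illustrative.

```sh
#!/bin/sh
# Added example (not from the original tutorial): install CNI plugins only
# from an archive whose SHA-256 matches a published digest.

# Succeeds only if ARCHIVE ($1) hashes to the digest on line 1 of SUMFILE ($2).
# Digests are compared directly because the file name recorded in SUMFILE
# may not match the local path, which would make `sha256sum -c` fail.
verify_sha256() (
    expected=$(awk 'NR == 1 { print tolower($1) }' "$2" 2>/dev/null)
    case $expected in
        ""|*[!0-9a-f]*) echo "no usable SHA-256 digest in $2" >&2; exit 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "digest in $2 has wrong length" >&2; exit 2; }
    actual=$(sha256sum "$1" | awk '{ print $1 }')
    [ "$actual" = "$expected" ] || { echo "checksum mismatch for $1" >&2; exit 1; }
)

# Verifies ARCHIVE, unpacks it in a scratch directory, then copies only the
# named plugins into DEST. Usage: install_plugins ARCHIVE SUMFILE DEST PLUGIN...
install_plugins() (
    archive=$1 sumfile=$2 dest=$3
    shift 3
    verify_sha256 "$archive" "$sumfile" || exit
    work=$(mktemp -d) || exit
    trap 'rm -rf "$work"' EXIT
    tar -xzf "$archive" -C "$work" || exit
    mkdir -p "$dest" || exit
    for plugin in "$@"; do
        install -m 0755 "$work/$plugin" "$dest/$plugin" || exit
    done
)

# Example: sudo sh verify-cni.sh plugins.tgz plugins.tgz.sha256 /opt/cni/bin loopback portmap
if [ "$#" -ge 4 ]; then install_plugins "$@"; fi
```

Nothing is written to the destination directory when verification fails, so a truncated or altered download never reaches /opt/cni/bin.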

Now, deploy the Weave Net CNI:

$ sudo kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

Copy Kubernetes Config to Local Machine

Finally, if you want to be able to run kubectl on your local machine to manage the Kubernetes cluster, simply copy the Kubernetes config to your home directory (replace user and master.example.com with your username and Kubernetes master hostname or IP address). This file contains cluster-admin credentials, so keep it readable only by your own user:

$ mkdir -p ~/.kube
$ scp user@master.example.com:/etc/kubernetes/admin.conf ~/.kube/config

Last Words

Hopefully you’ll now have a working Kubernetes cluster, and hopefully this was a decent learning exercise in deploying a Kubernetes cluster on Fedora 30, on DigitalOcean and with the Weave Net CNI.

If you’d like to learn more about Kubernetes, I’d like to recommend the following books (make sure to get the latest editions, as the world of Kubernetes moves at the speed of light):

Best of luck with Kubernetes! 😊