Kubernetes kubeadm high availability

We’ve already written an article on setting up a single master node. Here we’re going to configure a master and a worker node on Linux. We can also configure a master-slave Kubernetes cluster for high availability using kubeadm on Linux.

We can also install the Kubernetes master-slave cluster using kubectl on both Linux and Windows platforms. Let’s see how to configure a master-slave Kubernetes cluster for high availability with kubeadm on Linux.

As per Kubernetes guidelines, we must have swap turned off and SELinux disabled on the machine because Kubernetes doesn’t support them.

Configure the Master Node:

Step 1: We will disable swap and SELinux using the below commands and also comment out the swap entry in /etc/fstab.

[[email protected] ~]# swapoff -a
[[email protected] ~]# free -m
     total      used     free      shared     buff/cache     available
Mem:  979       145      308        12          525            636
Swap:            0        0         0
[[email protected] ~]# sudo sed -i 's/^SELINUX=enforcing$/SELINUX=disabled/' /etc/selinux/config

Step 2: Make sure the br_netfilter module is loaded before this configuration. You can check it using lsmod | grep br_netfilter. If it’s not loaded, we can load it using modprobe br_netfilter.

We have to enable networking, so I will create a new file at /etc/sysctl.d/kub.conf.

[[email protected] ~]# cat /etc/sysctl.d/kub.conf
net.bridge.bridge-nf-call-ip6tables =1
net.bridge.bridge-nf-call-iptables =1
[[email protected] ~]# sysctl --system
[[email protected] ~]# sysctl -p
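
A check for the prerequisites from Steps 1 and 2, as an added example that is not part of the original article. It also inspects /etc/fstab, because swapoff -a does not persist across a reboot. The function names and the --run switch are illustrative; paths default to the standard locations and to the /etc/sysctl.d/kub.conf file used above.

```shell
#!/bin/sh
# Added example (not from the original article): verify Steps 1 and 2 on a node.
# Function names are illustrative; file paths are parameters so the checks can
# be run against copies, and default to the real locations.

# Succeeds when no swap area is active (/proc/swaps holds only its header).
swap_is_off() {
    awk 'NR > 1 { n++ } END { exit (n > 0) }' "${1:-/proc/swaps}"
}

# Prints uncommented fstab lines of type "swap" and fails if there are any:
# swapoff -a alone does not survive a reboot.
fstab_swap_entries() {
    awk '$1 !~ /^#/ && $3 == "swap" { print; n++ } END { exit (n > 0) }' \
        "${1:-/etc/fstab}"
}

# Succeeds when kernel module $1 is listed in /proc/modules.
module_loaded() {
    grep -q "^$1 " "${2:-/proc/modules}"
}

# Succeeds when sysctl file $2 sets key $1 to 1. Spacing around "=" is
# ignored, so the page's "key =1" form is accepted; the last assignment wins.
sysctl_file_sets_one() {
    awk -F= -v key="$1" '
        /^[ \t]*[#;]/ { next }
        { k = $1; v = $2; gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
          if (k == key) last = v }
        END { exit (last != "1") }' "$2"
}

check_node() {
    rc=0
    swap_is_off || { echo "FAIL: swap is active"; rc=1; }
    fstab_swap_entries >/dev/null || { echo "FAIL: fstab enables swap at boot"; rc=1; }
    module_loaded br_netfilter || { echo "FAIL: br_netfilter not loaded"; rc=1; }
    for k in net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables; do
        sysctl_file_sets_one "$k" /etc/sysctl.d/kub.conf || { echo "FAIL: $k is not 1"; rc=1; }
    done
    return "$rc"
}

# Run against the live node only when asked: sh node-check.sh --run
if [ "${1:-}" = "--run" ]; then check_node; fi
```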

Step 3: Create a Kubernetes repository. 

[[email protected] ~]# vim /etc/yum.repos.d/kub.repo
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl

Step 4: Install the required packages including docker and kubeadm

[[email protected] ~]# yum install docker kubeadm -y

This single kubeadm command will install both of the required packages to configure Kubernetes. Now we will start the docker service and enable it at boot time.

[[email protected] ~]# systemctl start docker 
[[email protected] ~]# systemctl enable docker 
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[[email protected] ~]# systemctl enable kubelet.service
Created symlink from /etc/systemd/system/multi-user.target.wants/kubelet.service to /usr/lib/systemd/system/kubelet.service.

Step 5: Initialize the cluster using the below command; we will advertise the network address for the cluster. If you don’t have 2 CPUs, you can ignore this hardware check by adding --ignore-preflight-errors=all at the end of the command.

[[email protected] ~]# kubeadm init --pod-network-cidr "" --service-cidr ""


If you face an issue related to “required cgroups disabled”, you can check your cgroup driver type using the below command.

[[email protected] ~]# docker info | grep -i 'cgroup driver'
WARNING: You're not using the default seccomp profile
Cgroup Driver: systemd

An alternative command to check Cgroup driver.

[[email protected] ~]# docker info -f {{.CgroupDriver}}

You can check the kubelet service-related logs here.

[[email protected] ~]# journalctl -xeu kubelet | more

We can add this parameter in this file. 

[[email protected] ~]# vim /etc/sysconfig/kubelet

Now start and enable the kubelet service. If you face the service issue again, change cgroupfs to systemd, like docker.

[[email protected] ~]# systemctl daemon-reload
[[email protected] ~]# systemctl start kubelet
[[email protected] ~]# systemctl enable kubelet
[[email protected] ~]# systemctl status kubelet
● kubelet.service - kubelet: The Kubernetes Node Agent
Loaded: loaded (/usr/lib/systemd/system/kubelet.service; enabled; vendor preset: disabled)
Drop-In: /usr/lib/systemd/system/kubelet.service.d
Active: active (running) since Tue 2020-04-07 11:33:37 EDT; 426ms ago
Docs: https://kubernetes.io/docs/
Main PID: 2841 (kubelet)
CGroup: /system.slice/kubelet.service
└─2841 /usr/bin/kubelet --bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf --config=/var/lib/kubelet/config.yaml --cgroup-driver=systemd ...

Now run the below command to install the required packages.

[[email protected] ~]# kubeadm init --pod-network-cidr "" --service-cidr "" --ignore-preflight-errors=all

You have to run the below commands.

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Check if you’re able to make a connection with the Cluster/API server.

[[email protected] ~]# kubectl get componentstatuses
NAME                 STATUS                 MESSAGE       ERROR
scheduler            Healthy                  ok 
controller-manager   Healthy                  ok 
etcd-0               Healthy          {"health":"true"}

Step 6: Now we will check the master node status. 

[[email protected] ~]# kubectl get node
NAME           STATUS        ROLES        AGE       VERSION
master-node    NotReady      master       57m       v1.18.0

The master node is not ready because we haven’t added any pod network yet. You can check the status using the below command.

[[email protected] ~]# kubectl get pods --all-namespaces=true -o wide

Step 7: We have to add a pod network. I will use the Weave network.

[[email protected] ~]# export kubever=$(kubectl version | base64 | tr -d '\n')
[[email protected] ~]# kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$kubever"
serviceaccount/weave-net created
clusterrole.rbac.authorization.k8s.io/weave-net created
clusterrolebinding.rbac.authorization.k8s.io/weave-net created
role.rbac.authorization.k8s.io/weave-net created
rolebinding.rbac.authorization.k8s.io/weave-net created
daemonset.apps/weave-net created

Once the network is ready, check the master node status.

[[email protected] log]# kubectl get node
NAME                     STATUS              ROLES            AGE           VERSION
master-node              Ready                 master           84m             v1.18.0

Configure the Worker Node:

Step 8: We have to repeat Steps 1, 2, 3 and 4 on the worker node. Once you’re done, run the below command to join the worker node to the master node.

[[email protected] ~]# kubeadm join --token srio4m.8o3t3bk3d0lhj3qt --discovery-token-ca-cert-hash sha256:7e3f6c35f997295f9f5b6f625f381c444266041cdc4a658e852855adf0ab053a
W0430 11:14:45.879568    8907 join.go:346] [preflight] WARNING: JoinControlPane.controlPlane settings will be ignored when control-plane flag is not set.
[preflight] Running pre-flight checks
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Downloading configuration for the kubelet from the "kubelet-config-1.18" ConfigMap in the kube-system namespace
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...

This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.

Run 'kubectl get nodes' on the control-plane to see this node join the cluster.

Once the node has joined the master, the output will look as shown above. If your token has expired or you want to join new nodes, get a new token with the below command, then simply run the printed join command on the worker nodes.

[[email protected] ~]# kubeadm token create --print-join-command
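
The join command pins the cluster CA through --discovery-token-ca-cert-hash, so before pasting a join command onto a worker it is worth confirming that the hash belongs to your control plane's CA. The script below is an added example, not part of the original article: it recomputes the hash from a CA certificate and compares it. The function names and the throwaway sample CA are constructed for illustration; /etc/kubernetes/pki/ca.crt is the path kubeadm uses on the control plane.

```shell
#!/bin/sh
# Added example (not from the original page): recompute the value that follows
# --discovery-token-ca-cert-hash and compare it with the one in a join command.
# The value is "sha256:" + SHA-256 of the CA certificate's DER-encoded public
# key (SubjectPublicKeyInfo).

# Print the discovery hash for a PEM CA certificate.
# $1: certificate path (on a kubeadm control plane: /etc/kubernetes/pki/ca.crt)
ca_cert_hash() {
    # Stop here if the file is missing or not a certificate; otherwise the
    # pipeline below would hash empty input and still print a digest.
    pub=$(openssl x509 -pubkey -noout -in "$1" 2>/dev/null) || return 1
    printf '%s\n' "$pub" \
        | openssl pkey -pubin -outform der 2>/dev/null \
        | openssl dgst -sha256 -hex \
        | sed 's/^.* //; s/^/sha256:/'
}

# Return 0 when the hash from a join command matches the CA certificate,
# 1 on mismatch, 2 when the certificate cannot be read.
# $1: certificate path, $2: hash taken from the join command
verify_join_hash() {
    actual=$(ca_cert_hash "$1") || return 2
    [ "$actual" = "$2" ]
}

# Constructed sample input: a throwaway self-signed CA written to directory $1.
make_sample_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=constructed-sample-ca" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

# Usage: sh verify-join-hash.sh <ca.crt> <sha256:...>
if [ -n "${1:-}" ] && [ -n "${2:-}" ]; then
    if verify_join_hash "$1" "$2"; then echo "match"; else echo "MISMATCH"; exit 1; fi
fi
```

A mismatch means the join command was produced for a different CA than the one on your control plane, and the worker should not be joined with it.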

Check the health status of Kubernetes using the below command.

[[email protected] ~]# curl -sSL http://localhost:10248/healthz

Now you can see the worker node has joined the master node as shown below.

[[email protected] ~]# kubectl get node
NAME               STATUS        ROLES       AGE       VERSION
master-node        Ready         master      22h       v1.18.0
worker-node        Ready         <none>      18m       v1.18.0

That’s it.
