Setup Kubernetes Cluster Using Kubeadm [Multi-node]

00:00

hello guys welcome to another practical

00:01

devops tutorial in this video I'll be

00:04

showing you guys how to set up

00:05

kubernetes cluster using the cubeadm

00:07

utility

00:08

please check the description where I

00:09

have given all the links to the required

00:11

documentation and GitHub repository to

00:13

follow this tutorial you can use the

00:15

blog Link in the description as a

00:16

reference for the entire setup as it is

00:18

constantly updated with the latest

00:19

kubernetes version

00:22

cubeadm is a great tool to set up

00:24

working kubernetes cluster in less time

00:26

it simplifies the process of setting up

00:28

all the kubernetes Clusters components

00:30

and follows all the best practices for

00:32

cluster configurations there are

00:34

solutions like kind and mini Cube which

00:35

you can set up locally to have a

00:37

kubernetes environment those tools are

00:39

great for development purposes but it

00:41

abstracts away all the cluster

00:42

configurations while these tools can

00:44

save time and reduce complexity it is

00:46

essential for devops engineer to have a

00:48

deep understanding of the various

00:50

components that make up the kubernetes

00:51

cluster building and maintaining a

00:53

self-hosted kubernetes cluster provides

00:55

valuable hands-on experience and exposes

00:58

you to the system's complexities this

01:00

experience will help you better

01:01

understand the cluster control plane and

01:03

worker node components so I strongly

01:05

suggest using a self-hosted kubernetes

01:07

cluster during your learning process

01:08

rather than using easily available

01:10

solution with a multi-node cluster you

01:12

can have the setup that mimics the real

01:14

world project setup also if you are

01:15

preparing for cka or cks certification

01:18

exams it is important to note that

01:20

cluster management using cubeadm is part

01:22

of the exam syllabus

01:25

let's look at the prerequisites to

01:27

follow this tutorial you should have a

01:28

minimum of two bundle notes one master

01:30

and one worker node the master node

01:33

should have a minimum of two vcpu and

01:35

2GB RAM for the worker nodes a minimum

01:37

of 1 bcpu and 2GB Ram is recommended and

01:40

here is an important requirement your

01:42

nodes should have an IP range in the

01:43

10.ex OR 172.x series with static IPS

01:47

for master and worker nodes we will be

01:50

using 192 series as the power Network

01:53

range through the Calico Network plugin

01:55

it is very important to have a

01:57

non-overlapping node and pod IP

01:59

addresses to avoid any type of IPM

02:01

routing conflicts

02:02

your nodes should be able to talk to

02:04

each other on all these ports required

02:06

by kubernetes

02:11

if you are setting up Cuba dim cluster

02:13

on cloud servers ensure you allow the

02:15

ports in the respective firewall

02:16

configuration also make sure the subnets

02:19

have the routing rules enabled for the

02:20

cidr ranges you use in the setup to

02:23

avoid any sort of routing issues

02:26

all the commands and scripts used in

02:28

this guide are hosted on GitHub clone

02:30

the repository to follow along this

02:31

guide

02:34

in a high level here is what we are

02:35

going to do deploy three virtual

02:37

machines install container runtime on

02:40

all the nodes we'll be using crio

02:42

install cubadium cubelet and Cube CTL on

02:46

all the nodes

02:47

initiate cubadium control plane

02:49

configuration on the master node it

02:51

first pulls all the images from the

02:53

registry.koh.io

02:55

join the worker node to the control

02:57

plane

02:58

install the Calico Network plugin to

03:00

enable power networking

03:02

install kubernetes metric server to

03:05

enable pod and node metrics validate all

03:08

the cluster components and nodes finally

03:10

deploy a sample nginx app and validate

03:13

the cluster

03:16

here is how qbdm works when you

03:19

initialize Cube ADM first it runs all

03:21

the PreFlight checks to validate the

03:23

system State and it downloads all the

03:24

required cluster container images from

03:27

the registry.kh.io container registry it

03:30

then generates required TLS certificates

03:32

and stores it on the HC kubernetes PK

03:35

folder next it generates all the

03:38

cubeconfig file for the cluster

03:39

components in the HC slash kubernetes

03:41

folder

03:42

then it starts a cubelet service and

03:45

generates the static pod manifest for

03:47

all the cluster components and saves it

03:49

in the slash it see slash kubernetes

03:51

slash manifest folder

03:54

next it starts all the control plane

03:56

components from the static Point

03:58

manifests then it installs core DNS and

04:01

Cube proxy components finally it

04:04

generates the node bootstrap token

04:05

worker nodes use this token to join the

04:08

control plane as you can see all the key

04:10

cluster configurations will be present

04:12

under the HC slash kubernetes folder

04:16

let's get started with the Hands-On labs

04:19

you can use any cloud or local

04:20

virtualization setup of your preference

04:23

this setup will work on any platform all

04:25

you need to have is three virtual

04:27

machines which will talk to each other

04:28

on the required ports for this demo I am

04:31

using AWS Cloud to deploy three virtual

04:33

machines I have a simple terraform

04:35

script that deploys three T2 dot medium

04:37

instances with security groups that

04:40

allows all the traffic between the nodes

04:42

and allow traffic and Port 6443 and note

04:46

Port range thirty thousand to thirty two

04:48

thousand seven sixty eight from anywhere

04:50

so that we can access the API server and

04:53

applications on node Port from our

04:54

workstation if you are a terraform and

04:56

AWS user all you have to do is from the

04:59

Clone repository go to the instances

05:01

folder

05:06

in the main.tf replace the Ami ID key

05:09

name and the subnet IDs to your custom

05:11

values then do a terraform unit plan and

05:14

then apply you will have three VMS ready

05:15

in a matter of minutes now that we have

05:18

the VMS ready let's get started with the

05:19

setup

05:20

to make the setup easier I have added

05:23

all the commands in two shell scripts

05:24

under the scripts folder common.sh and

05:27

master.sh for demonstration purposes and

05:30

to save time I will run the shell

05:31

scripts containing all the commands if

05:34

you want to set up the cluster by

05:35

executing the commands individually you

05:37

can follow the documentation

05:39

let's take a look at the common.sh

05:41

script

05:44

the common.sh should be run on all the

05:46

nodes let's have a look at the script

05:49

here we have the kubernetes underscore

05:51

version variable to set the required

05:53

cluster version then we are disabling

05:55

this web and add a crown type entry to

05:58

keep the swap off during server reboots

06:00

it is a requirement for the setup then

06:02

from lines 21 to 57 we execute commands

06:05

to install the crio container runtime

06:07

similar to the kubernetes version

06:09

from lines 63 to 69 we install cubelet

06:13

Cube CDL and cubeadm based on the

06:16

version that we set in the kubernetes

06:18

version variable

06:19

from lines 73 to 76 we are setting the

06:23

respective node IPS to the cubelet extra

06:26

arcs in the slash Etc default slash

06:29

cuplet file

06:30

this is required for few setup because

06:32

the servers might have more than one IP

06:35

addresses and cubelet might end up

06:37

picking the wrong ones now you can run

06:39

these commands one by one on all the

06:41

nodes or execute the whole shell script

06:44

here I'm logged into three nodes as a

06:46

root user k8's Master one is the master

06:48

node and k8s worker 2 and 3 are the

06:51

worker nodes we need to execute the

06:53

commands as a pseudo user so ensure

06:55

you're logged in this route

06:57

I will clone the cubead in scripts

06:59

repository to all the VMS and CD into

07:01

the scripts folder

07:08

let's execute the common.sh on all the

07:11

three nodes

07:15

it will take a few minutes for the

07:16

script execution to complete

07:22

in all the nodes the script has executed

07:24

successfully

07:27

next we have the master.sh script

07:30

it should be run on the master node to

07:32

set up the control plane components

07:34

let's have a look at the script

07:37

here we are setting up three environment

07:39

variables public IP access node name and

07:42

Port C idea if you are working on a poc

07:45

in your personal or sandboxed

07:46

environment you might need access to the

07:48

kubernetes API server using the public

07:50

IP address for that you can set the

07:52

public IP access equal to true because

07:54

the cubeadim initialization command

07:57

parameter needs to be changed for public

07:59

IP end points

08:00

here we are using pod cidrs 192 series

08:04

ensure your node IP range doesn't

08:06

conflict with the Pod cadr range

08:09

then the image's pull command here will

08:11

download all the required images for the

08:13

control plane components because except

08:15

cubelet every cluster component runs as

08:18

a container

08:19

then we have a condition to check if the

08:21

public IP access is set to true or false

08:23

if it is false then we fetch the private

08:26

IP address of the server using the IP

08:28

80dr Command and set it to the master

08:31

private IP variable then we initialize

08:34

cubeadm with the master private IP node

08:36

name and pods idea if the public IP

08:39

access is set to true then we retrieve

08:42

the public IP using curl and ifconfig.me

08:44

service and set it to master public IP

08:47

variable

08:48

then we initialize Cube ADM with control

08:51

plane endpoint parameter with the public

08:53

IP address instead of the API server

08:55

advertise address parameter that is the

08:58

only change if you want to use the

08:59

public IP address of the master node

09:01

next we copy the generated admin Cube

09:04

config file to the home folder so that

09:06

we can execute Cube CTL commands from

09:08

the master node finally we install the

09:11

Calico CNA plugin to enable power

09:13

networking

09:15

now that we have an understanding of the

09:17

master script let's execute the script

09:19

on the muscle node

09:20

I am executing this on the server with a

09:22

public IP so first I need to set the

09:25

public IP access variable to true in the

09:28

master.sh script on the master node

09:39

if you don't want to use the public IP

09:40

do not make any changes to the script as

09:43

by default the script picks up the

09:45

private IP address of the server let's

09:47

execute the master.sh script

09:56

initialization you should get an output

09:59

with cubeconfig file location and the

10:01

join command with the token copy that

10:03

and save it to a file we will need the

10:05

join command for joining the worker

10:07

nodes to the master now let's verify the

10:09

cube config by executing the cube CDL

10:12

command to list all the parts in the

10:13

cube system namespace

10:22

here you can see all the cluster

10:23

component parts like APA server hcd Cod

10:27

DNS and Cube scheduler are running

10:28

without any issues we can also verify

10:31

the Readiness of the API server by

10:33

querying the kubernetes API server

10:34

endpoint using cubectl

10:37

here you can see all the API server

10:39

endpoints is written the OK status which

10:41

means we have a working Master node

10:43

without any issues

10:45

now let's join the worker node to the

10:47

master node using the cubeadm join

10:49

command that we have got in the output

10:51

while setting in the master node if you

10:53

do not have the command with you you can

10:55

print it using the cubeadm token create

10:57

command from the master node

11:01

I will copy the join command and will

11:04

execute a join command from the two

11:05

worker nodes

11:16

it performs the TLs bootstrapping for

11:19

the nodes meaning the TLs certificates

11:21

required for the master and node

11:23

authentication are automatically created

11:25

in this process once it is successfully

11:27

executed you will see the output saying

11:30

this node has joined the cluster if you

11:32

have multiple worker nodes execute the

11:34

node join command on all the worker

11:35

nodes I am configuring two worker nodes

11:38

for this setup now from the master node

11:40

let's try to list the nodes

11:45

we can see three nodes one is the

11:47

control plane node and others are the

11:49

worker nodes without any labels let's

11:51

label the worker nodes as worker using

11:54

the cube CDL command

11:55

you need to replace KH worker 2 and 3

11:58

with the hostname of your worker node

12:02

if you list the notes now you can see

12:04

the label worker on the worker nodes

12:11

to get CPU and memory metrics of PODS we

12:14

need the metric server component in the

12:15

cluster it collects and stores resource

12:18

usage data such as CPU and memory from

12:20

each node in the cluster and exposes

12:22

this data through kubernetes API cubeadm

12:25

doesn't install the metric server

12:26

component during its initialization we

12:29

have to install it separately

12:30

to verify this if you run the top

12:33

command you will see the Matrix API not

12:35

available error

12:42

let's deploy the metric server using the

12:45

metric service manifest file present

12:47

under the Manifest folder

12:50

this manifest is taken from the official

12:52

metric server repo I have added the

12:54

cubelet insecure TLS flag to The

12:56

Container to make it work because in our

12:59

setup qbdm uses cells and certificates

13:02

the insecure flag is not recommended in

13:04

actual projects or production

13:05

environments as you have to use valid

13:07

TLS certificates in the cluster

13:10

let's deploy the Manifest

13:17

if you check the cube system namespace

13:19

you can see the metric server getting

13:21

deployed

13:24

once it is in registered you can check

13:26

the Pod and node metrics using the top

13:28

command

13:39

here you can see the CPU and memory

13:41

metrics of nodes and pods

13:44

it means the metric server is working as

13:46

expected

13:47

our final step is to validate the

13:49

cluster by deploying an app and access

13:51

it over a note port we will deploy nginx

13:54

application and expose it using a

13:56

service of type node Port under the

13:58

Manifest folder you will find the sample

14:00

iPhone app.yaml file

14:04

in this manifest we have a deployment

14:06

object with the latest nginx image and a

14:08

service object that exposes the nginx

14:10

deployment on node port 32000.

14:14

now let's deploy the sample app in the

14:16

next deployment using cubectl

14:28

it is successfully deployed to verify

14:31

the node Port service let's try to

14:33

access it using the worker nodes IP and

14:35

Port 32000. here I'm using the public IP

14:38

address of the worker mode

14:41

we are able to see the nginx homepage on

14:43

node Port it means the cluster setup is

14:45

working as expected in the whole setup I

14:47

have used Cube CDL from the master node

14:49

if you want to access the kubernetes

14:51

cluster from your local workstation you

14:53

need to copy the admin.com content that

14:56

is the admin cubeconfig file to your

14:58

local dot Cube folder I assume you have

15:01

cubesatel utility installed in your

15:02

Workstation

15:04

you can either copy the admin.com file

15:06

content or use sap to copy the file to

15:09

your workstation first open the

15:10

admin.com file present in the slash HC

15:13

slash kubernetes folder

15:20

here you can see the API server public

15:22

endpoint and the certificate and token

15:24

details that are required to

15:26

authenticate against the API server this

15:28

config has full admin access to the

15:30

cluster

15:31

now I will copy the whole admin.com file

15:33

contents to the clipboard

15:35

in my workstation I will open the config

15:37

file under dot Cube folder

15:42

now paste admin.com content to this file

15:45

and save it

15:50

if I execute cubicle commands now it

15:52

will interact with my Cube EDM cluster

15:54

using the details present in the config

15:56

file

16:00

I hope this tutorial was helpful if you

16:02

face any issues with the setup or need

16:04

any clarification you can drop a comment

16:06

also check the cubeadm documentation

16:08

link I have added in the description for

16:11

the latest updates in the setup in the

16:13

next video we will look at the important

16:14

kubernetes cluster configurations every

16:16

devops engineer should know

16:18

thank you and see you in the next video