Revisions

  1. @StephenSorriaux StephenSorriaux created this gist Oct 25, 2018.
    145 changes: 145 additions & 0 deletions install-kubernetes-archlinux.md
    @@ -0,0 +1,145 @@
    # Installing Kubernetes on ArchLinux
    ## Packages
    ```
    pacman -S curl docker ebtables ethtool wget unzip
    ```

    Also `cfssl` is needed but available on AUR, using `pacaur`
    ```
    pacaur -S cfssl
    ```

    ## Configuring Docker

    Add `--iptables=false` and `--ip-masq=false` parameters to the dockerd daemon in the docker systemd service (`/usr/lib/systemd/system/docker.service`).

    Allow bridged IPV4 traffic to iptables' chains using:
    ```
    sysctl net.bridge.bridge-nf-call-iptables=1
    ```

    If Docker was previsously used, clean the iptables rules using:
    ```
    iptables -F
    iptables -t nat -F
    ```
    Start or restart Docker. `systemctl enable docker && systemctl restart docker`

    ## Installing CNI
    ```
    export CNI_VERSION="v0.6.0"
    mkdir -p /opt/cni/bin
    curl -L "https://github.com/containernetworking/plugins/releases/download/${CNI_VERSION}/cni-plugins-amd64-${CNI_VERSION}.tgz" | tar -C /opt/cni/bin -xz
    ```

    ## Installing CRI
    ```
    export CRICTL_VERSION="v1.11.1"
    mkdir -p /opt/bin
    curl -L "https://github.com/kubernetes-incubator/cri-tools/releases/download/${CRICTL_VERSION}/crictl-${CRICTL_VERSION}-linux-amd64.tar.gz" | tar -C /opt/bin -xz
    ```

    ## Installing kubeadm, kubelet, kubectl

    ```
    RELEASE="$(curl -sSL https://dl.k8s.io/release/stable.txt)"
    mkdir -p /opt/bin
    cd /opt/bin
    curl -L --remote-name-all https://storage.googleapis.com/kubernetes-release/release/${RELEASE}/bin/linux/amd64/{kubeadm,kubelet,kubectl}
    chmod +x {kubeadm,kubelet,kubectl}
    curl -sSL "https://raw.githubusercontent.com/kubernetes/kubernetes/${RELEASE}/build/debs/kubelet.service" | sed "s:/usr/bin:/opt/bin:g" > /etc/systemd/system/kubelet.service
    mkdir -p /etc/systemd/system/kubelet.service.d
    curl -sSL "https://raw.githubusercontent.com/kubernetes/kubernetes/${RELEASE}/build/debs/10-kubeadm.conf" | sed "s:/usr/bin:/opt/bin:g" > /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
    systemctl enable kubelet && systemctl start kubelet
    ```

    ## Creating the cluster

    ```
    kubeadm init --pod-network-cidr=10.244.0.0/16
    mkdir -p $HOME/.kube
    sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
    sudo chown $(id -u):$(id -g) $HOME/.kube/config
    ```

    At this point you should be able to use
    ```
    $ kubectl get no
    NAME STATUS ROLES AGE VERSION
    stephen-arch-linux Ready master 31m v1.12.1
    ```

    ## Adding Flannel

    ```
    kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml
    ```

    Once Flannel is up, your cluster is up and running.

    ## Making the master schedulable

    ```
    kubectl taint nodes --all node-role.kubernetes.io/master-
    ```

    ## Accessing your k8s services from outside the cluster

    Install an Ingress controller, for instance the NGINX Ingress Controller:
    ```
    kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/mandatory.yaml
    ```
    Dont forget the k8s service:
    ```
    kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/master/deploy/provider/baremetal/service-nodeport.yaml
    ```
    Using the [`Ingress` object](https://kubernetes.io/docs/concepts/services-networking/ingress/) you will be able to access your services.


    ## Using local volume as PersistentVolumeClaim

    Create a storageClass (this object is not namespaced):

    ```
    ---
    kind: StorageClass
    apiVersion: storage.k8s.io/v1
    metadata:
    name: local-storage
    provisioner: kubernetes.io/no-provisioner
    volumeBindingMode: WaitForFirstConsumer
    ```

    Make it the default one:
    ```
    kubectl annotate storageclass local-storage storageclass.kubernetes.io/is-default-class=true
    ```
    For each PersistentVolumeClaim, you will need to manually create a PersistentVolume:
    ```
    ---
    apiVersion: v1
    kind: PersistentVolume
    metadata:
    name: local-pv
    spec:
    capacity:
    storage: 10Gi
    accessModes:
    - ReadWriteOnce
    persistentVolumeReclaimPolicy: Retain
    storageClassName: local-storage
    local:
    path: /etc/kubernetes/local
    nodeAffinity:
    required:
    nodeSelectorTerms:
    - matchExpressions:
    - key: beta.kubernetes.io/os
    operator: In
    values:
    - linux
    ```
    Be sure that the spec.local.path exists on the host.
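
Review bot: The downloads under "Installing CNI", "Installing CRI" and "Installing kubeadm, kubelet, kubectl" are never integrity-checked: the two archives are piped from `curl -L` straight into `tar`, and the three binaries are made executable with `chmod +x` as soon as they land in `/opt/bin`. Fetch each artifact to a file, check it against a checksum or signature from the project, and only then extract it or mark it executable. The two ingress-nginx manifests are applied from the `master` branch, so what gets applied can change between runs; pin them to a commit or tag, the way the Flannel manifest is already pinned to `bc79dd1505b0c8681ece4de4c0d86c5cd2643275`. In "Configuring Docker", `iptables -F` flushes every rule in the filter table, including any host firewall rules that are not Docker's, so the text should say so. The edit to `/usr/lib/systemd/system/docker.service` is better made as a drop-in under `/etc/systemd/system/docker.service.d/` so a package upgrade does not overwrite it, and the `sysctl` setting is lost on reboot unless it is also written to a file in `/etc/sysctl.d/`.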