Setting up new node!
• Mark Eschbach
In an effort to reduce thermal load on my AC and increase efficiency I am aiming to replace a control plane node. If life this probably had been done yesterday :-D. Anyway, I got a Hunsn RJ03 device to replace an aging Athlon FX chip from 2012.
Ubuntu Server 22.04.1 is installed. Now time to get it to be a member of the control plane!
Ideally I would find a decent configuration management system. Honestly, I have used many professionally; however, they just never feel right. I would love something like Terraform but for machine configuration management and with better syntax.
Installing containerd
In my forgetfulness I totally forgot how I did it a few months ago. Ah! I followed Option #2 of the official install guide, which uses Docker’s apt repo to get it done.
sudo apt-get install \
ca-certificates \
curl \
gnupg \
lsb-release
sudo mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install containerd.io
echo configure ContainerD
containerd config default | sudo tee /etc/containerd/config.toml
# Switch runc to the systemd cgroup driver; the generated config has spaces around '='
sudo sed -i 's/SystemdCgroup\s*=\s*false/SystemdCgroup = true/' /etc/containerd/config.toml
sudo systemctl restart containerd
echo Install KubeAdm and associated k8s bins
echo see https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/
sudo apt-get install -y apt-transport-https
# apt.kubernetes.io is the legacy Kubernetes package repository; it has since been deprecated in favour of pkgs.k8s.io
sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg
echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubeadm=1.24.2-00 kubectl=1.24.2-00 kubelet=1.24.2-00
echo disable swap
sudo swapoff -a
sudo sed -i '/\tswap\t/ s/^\(.*\)$/#\1/g' /etc/fstab
sudo rm /swap.img
echo enable packet forwarding
sudo modprobe br-netfilter
echo "br-netfilter" | sudo tee -a /etc/modules-load.d/modules.conf
sudo tee /etc/sysctl.d/99-k8s.conf <<EOF
net.bridge.bridge-nf-call-iptables=1
net.ipv4.ip_forward=1
net.bridge.bridge-nf-call-ip6tables=0
net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.lo.disable_ipv6=1
EOF
sudo sysctl --system
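A read-back check for the edits made above, added here as an example (not part of the original post): sed exits successfully even when its pattern matches nothing, so it is worth confirming that config.toml, fstab and the sysctl file ended up in the intended state before joining the node. The function names and the constructed sample files are this example's own.

```shell
#!/bin/sh
# Added example: read-back checks for the files edited during node prep.
# Function names are this example's own; paths are passed in as arguments.

# 0 if the containerd config enables the systemd cgroup driver.
check_systemd_cgroup() {
    grep -Eq '^[[:space:]]*SystemdCgroup[[:space:]]*=[[:space:]]*true[[:space:]]*$' "$1"
}

# 0 if no uncommented fstab entry has filesystem type "swap".
check_no_swap_entry() {
    ! awk '$1 !~ /^#/ && $3 == "swap" { found = 1 } END { exit !found }' "$1"
}

# 0 if sysctl file $1 sets key $2 to value $3 (the last assignment wins).
check_sysctl_setting() {
    awk -F= -v k="$2" -v v="$3" '
        { gsub(/[ \t]/, "") }
        $1 == k { seen = 1; val = $2 }
        END { exit !(seen && (val "") == (v "")) }' "$1"
}

# Print one PASS/FAIL line per check; return the number of failures.
node_preflight() {
    containerd_cfg=$1 fstab=$2 sysctl_conf=$3 failures=0
    report() { # $1 = label, remaining args = check command
        label=$1; shift
        if "$@"; then echo "PASS $label"; else echo "FAIL $label"; failures=$((failures + 1)); fi
    }
    report "SystemdCgroup = true" check_systemd_cgroup "$containerd_cfg"
    report "no active swap entry" check_no_swap_entry "$fstab"
    report "bridge-nf-call-iptables=1" check_sysctl_setting "$sysctl_conf" net.bridge.bridge-nf-call-iptables 1
    report "ip_forward=1" check_sysctl_setting "$sysctl_conf" net.ipv4.ip_forward 1
    return "$failures"
}

# Constructed sample files (not taken from a real host) for an offline run.
make_samples() { # $1 = directory to write into
    printf '            SystemdCgroup = false\n' > "$1/config.toml"
    printf '/swap.img\tnone\tswap\tsw\t0\t0\n' > "$1/fstab.before"
    printf '#/swap.img\tnone\tswap\tsw\t0\t0\n' > "$1/fstab.after"
    printf 'net.bridge.bridge-nf-call-iptables=1\nnet.ipv4.ip_forward=1\n' > "$1/99-k8s.conf"
}

# On the node: sh preflight.sh /etc/containerd/config.toml /etc/fstab /etc/sysctl.d/99-k8s.conf
if [ "$#" -eq 3 ]; then node_preflight "$@"; fi
```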
From here I ran kubeadm init phase upload-certs --upload-certs and sudo kubeadm token create --print-join-command on the bootstrap node. I took the output of token create and appended --control-plane --certificate-key {key}.
Node took a few minutes to come online, then had the following taints:
node-role.kubernetes.io/master:NoSchedule
node-role.kubernetes.io/control-plane:NoSchedule
And the node is up and running!
Things I punted on
- Enabling blkio cgroups. This looked in depth and really I need this across the entire stack anyway.