[Tutorial] Installing Kubernetes Manually

1. Letting iptables see bridged traffic

cat

sudo sysctl --system

2. Allow Required Firewall Ports

sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9000 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

sudo iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

3. Installing runtime or Docker Engine

Update the apt package index and install packages to allow apt to use a repository over HTTPS:

sudo apt-get update

sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

Add Docker’s official GPG key:

 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Use the following command to set up the stable repository.

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Install Docker Engine

sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

4. Configure systemd driver

create or edit /etc/docker/daemon.json

{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

restart docker service

sudo systemctl restart docker

5. Installing kubeadm, kubelet and kubectl

Update the apt package index and install packages needed to use the Kubernetes apt repository:

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl

Download the Google Cloud public signing key:

sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg

Add the Kubernetes apt repository:

echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

Update apt package index, install kubelet, kubeadm and kubectl, and pin their version:

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl

CERTKEY=$(kubeadm certs certificate-key)
echo $CERTKEY

Run this ONLY on Control Plane

sudo kubeadm init --apiserver-cert-extra-sans=your.FQDN.COM,your.external.IP --pod-network-cidr=10.32.0.0/12 --control-plane-endpoint=your.FQDN.COM --upload-certs --certificate-key=$CERTKEY

kubeadm init

You can now join any number of the control-plane node running the following command on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--control-plane --certificate-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The above command will be generated after control plane has successfully initiallized.

To add Worker Nodes

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Use below to reset any Master / Control Plane, or worker nodes

## remove cluster
sudo kubeadm reset
sudo rm -rf /etc/kubernetes
sudo rm -rf /etc/cni/net.d
sudo rm -rf /var/lib/kubelet
sudo rm -rf /var/lib/etcd
sudo rm -rf $HOME/.kube

Relevant FAQs:

What is Kubernetes is used for?

Kubernetes, often abbreviated as “K8s”, orchestrates containerized applications to run on a cluster of hosts. The K8s system automates the deployment and management of cloud native applications using on-premises infrastructure or public cloud platforms. [2]

What is Kubernetes and Docker?

In a nutshell, Docker is a suite of software development tools for creating, sharing and running individual containers; Kubernetes is a system for operating containerized applications at scale. Think of containers as standardized packaging for microservices with all the needed application code and dependencies inside. [3]

What's the difference between Docker and Kubernetes?

The difference between the two is that Docker is about packaging containerized applications on a single node and Kubernetes is meant to run them across a cluster. Since these packages accomplish different things, they are often used in tandem. Of course, Docker and Kubernetes can be used independently. [4]

Is Kubernetes free?

Pure open source Kubernetes is free and can be downloaded from its repository on GitHub. Administrators must build and deploy the Kubernetes release to a local system or cluster -- or to a system or cluster in a public cloud, such as AWS, Google Cloud or Microsoft Azure. [5]

Why is Kubernetes called K8s?

By the way, if you're wondering where the name “Kubernetes” came from, it is a Greek word, meaning helmsman or pilot. The abbreviation K8s is derived by replacing the eight letters of “ubernete” with the digit 8. [6]

References:

[1] https://faun.pub/free-ha-multi-architecture-kubernetes-cluster-from-oracle-c66b8ce7cc37

[2] https://www.vmware.com/topics/glossary/content/kubernetes.html

[3] https://www.dynatrace.com/news/blog/kubernetes-vs-docker/

[4] https://containerjournal.com/editorial-calendar/best-of-2021/whats-the-difference-between-docker-and-kubernetes/

[5] https://www.techtarget.com/searchitoperations/answer/Is-Kubernetes-free-as-an-open-source-software

[6] https://www.bmc.com/blogs/what-is-kubernetes/

[7] https://engineer.org.pk/2024/06/05/waste-management-ai/

Posted in Technical Solutions on May 01, 2022

ChatGPT Project Strawberry: What We Know About OpenAI’s Reasoning AI

Posted in News on Sep 12, 2024

As the world of AI continues to evolve, OpenAI remains at the forefront with exciting new developments. One of the most anticipated projects on the horizon is Project Strawberry—a groundbreaking AI model focused on enhanced reasoning capabilities. Set to launch soon, Project Strawberry aims to push the boundaries of what AI can achieve, particularly in handling complex tasks and multi-step problem solving. While we are still piecing together the full details, here’s everything we know so far about OpenAI’s latest innovation.

Top Best Web Hosting Services of 2024

Posted in About Hosting by AliTech, News on Sep 02, 2024

Find the best web hosting service for your website in 2024! Compare top hosting providers like HostGator, Bluehost, and DreamHost, and discover the benefits of cloud-powered hosting with Hosting by AliTech. Limited time offer: Get up to 33.3% off your hosting plan with Hosting by AliTech!

Where AliTech is located in Pakistan?

Posted in About Hosting by AliTech on Jan 15, 2021

AliTech is providing Future Tech Services, it is all about technology, Web Hosting, Cloud, Artificial Intelligence (AI). AliTech Services: Cloud Powered Hosting by AliTech Cloud Technology E-commerce E-mail Services Configuration Support Backup & Storage Services Security

AliTech Python Django Hosting: Unleash Extreme Performance for Your Web Projects

Posted in About Hosting by AliTech on Aug 21, 2024

Discover why AliTech's Python Django Hosting stands out for developers seeking extreme performance and reliability. With plans featuring SSD storage, instant provisioning, and guaranteed resources, AliTech provides the ideal environment for your Django applications. Whether you're starting with the Bronze plan or scaling up to Titanium, explore how AliTech’s hosting solutions offer unmatched speed, flexibility, and control to power your web projects.

The Ultimate Guide to Top Web Hosting Features in 2024

Posted in Uncategorized on Sep 19, 2024

In 2024, web hosting is about more than just storing your website; it's about providing a solid foundation for online success. To achieve this, consider key features such as speed and performance, security, scalability, and reliability. A fast website is crucial, with SSD storage, LiteSpeed or Nginx servers, and Content Delivery Networks (CDNs) playing vital roles. Security measures like SSL certificates, regular backups, and firewalls are also essential. Scalability options, user-friendly control panels, and reliable customer support further enhance your hosting experience.

Top 10 Tools to Boost Your Remote Work Productivity in 2024

Posted in Uncategorized on Jul 23, 2024

Discover the top 10 essential tools and apps that will transform your remote work experience. From streamlining project management with Asana and Trello to enhancing communication with Slack and Microsoft Teams, this guide covers everything you need to stay productive and connected. Explore cloud storage solutions like Google Drive and Dropbox, time tracking apps such as Toggl Track and Clockify, and focus tools like Freedom and Forest. Plus, find out how password managers, scheduling tools, and wellbeing apps can support your remote work journey. Elevate your productivity and make the most of your remote work setup with these top picks for 2024.

25 AI Tips to Boost Your Programming Productivity with ChatGPT

Posted in News on Nov 19, 2024

In today’s fast-paced programming environment, efficiency is key. With tools like ChatGPT, coding can become faster, smoother, and more effective. Think of AI as a trusty power tool in your development toolkit—it doesn’t build the project for you, but it makes the process much easier. Below, I’ll share 25 actionable tips to leverage ChatGPT and significantly enhance your programming productivity.

Hosting by AliTech listed in topmillion.net

Posted in About Hosting by AliTech, News on Feb 08, 2021

Top million domains by Alexa Hosting by AliTech listed in http://www.topmillion.net/domain-list-377

Elon Musk’s xAI Plans to Create Video Games with an AI-Driven Studio

Posted in News on Nov 28, 2024

Elon Musk is expanding xAI's focus by venturing into video game development, aiming to challenge industry norms he finds overly corporate and politically influenced. Leveraging generative AI, Musk envisions creating innovative, immersive games while reducing development costs and timelines. With a deep-rooted passion for gaming and access to significant AI resources, Musk's bold initiative seeks to redefine game development, though it faces challenges in competing with established studios and navigating the high costs of AAA production.

AliTech snippet featured on Google ☺️

Posted in News on Sep 06, 2020

AliTech snippet featured on Google ☺️

Apple Is Developing a Doorbell That Unlocks With Your Face, Report Says

Posted in News on Dec 24, 2024

Apple is reportedly developing a revolutionary smart doorbell with Face ID, allowing it to unlock your door by recognizing your face. This innovative device is expected to integrate seamlessly with Apple's growing smart home ecosystem, including upcoming security cameras and a new smart home hub. With a potential release date in late 2025, Apple aims to challenge Amazon and Google in the smart home market by prioritizing privacy and user experience.

[SOLVED / FIXED] DataError: (1406, "Data too long for column 'name' at row 1")

Posted in Technical Solutions on Sep 14, 2022

DataError: (1406, "Data too long for column 'name' at row 1") Error: DataError: (1406, "Data too long for column 'name' at row 1") Problem Statement: When creating a Slug in Django Model with Slugify this error populates. Solution:

Ultimate Guide to Web Hosting and Domain Services: Everything You Need to Know

Posted in Uncategorized on Jun 28, 2024

Discover the ultimate guide to web hosting and domain services. Learn about domain name registration, secure WordPress hosting, dedicated Windows server hosting, and more. Find the best web hosting providers and services for your business needs

Automated Backup to GoogleDrive - CyberPanel - HostingbyAliTech

Posted in About Hosting by AliTech, Technical Solutions on Jul 18, 2021

Automated Backup to GoogleDrive - CyberPanel All the Hosting by AliTech customers have access to GoogleDrive Backups, here is what you need..

FishXProxy Researchers Discovered a New Phishing Kit on the Dark Web

Posted in Uncategorized on Jul 31, 2024

In today's digital age, phishing remains a prominent cybersecurity threat, where attackers impersonate trusted entities to steal sensitive information from unsuspecting individuals. This form of cybercrime can take various shapes, including phishing emails, smishing text messages, and vishing phone calls. Each method aims to deceive victims into divulging personal or financial details. Identity theft, a severe consequence of phishing, involves the unauthorized use of someone’s personal data, leading to potential financial loss and other serious repercussions. To safeguard against these threats, it is essential to ensure that online transactions and communications are conducted on secure platforms, identifiable by "https" in the URL and a padlock icon. Staying informed about these threats and practicing good security habits are key to protecting yourself in the digital world.

Domain Name: Your Gateway to Online Success

Posted in Uncategorized on Jul 03, 2024

A domain name is more than just an address on the internet; it's a crucial part of your online identity. This comprehensive guide covers everything you need to know about domain names, from choosing the right one to understanding its impact on your branding and SEO. Learn about different types of domains, how to register and protect them, and the future trends in the domain landscape. Discover the secrets to selecting a memorable and relevant domain name that will set you up for online success.

[SOLVED / FIXED] | Can't type in search bar Windows 10

Posted in Technical Solutions on Apr 01, 2021

[SOLVED / FIXED] | Cant type in search bar windows 10. Issue: When you type into search box in Windows 10 it doesn't write. Also similar issue when you type in Windows 10 settings you can't write.

Google Gemini’s Memory Feature: Personalizing AI Interactions

Posted in News on Nov 21, 2024

Google Gemini's new memory feature takes AI personalization to the next level. By allowing users to input specific preferences and details, Gemini tailors its responses to better suit individual needs. Whether it's adjusting to dietary requirements or prioritizing professional interests, this feature offers a more relevant and engaging experience. Unlike other AI systems, Gemini gives users full control over what information is remembered, ensuring privacy and transparency. Available to subscribers of the Google One AI Premium plan, this feature is set to redefine how we interact with AI chatbots.