[Tutorial] Installing Kubernetes Manually



[Tutorial] Installing Kubernetes Manually

1. Letting iptables see bridged traffic

cat 
sudo sysctl --system

2. Allow Required Firewall Ports

sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9000 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

or

sudo iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

3. Installing runtime or Docker Engine

Update the apt package index and install packages to allow apt to use a repository over HTTPS:

sudo apt-get update

sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

Add Docker’s official GPG key:

 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Use the following command to set up the stable repository.

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Install Docker Engine

sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

4. Configure systemd driver

create or edit /etc/docker/daemon.json

{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

restart docker service

sudo systemctl restart docker

5. Installing kubeadm, kubelet and kubectl

Update the apt package index and install packages needed to use the Kubernetes apt repository:

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl

Download the Google Cloud public signing key:

sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg

Add the Kubernetes apt repository:

echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

Update apt package index, install kubelet, kubeadm and kubectl, and pin their version:

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
CERTKEY=$(kubeadm certs certificate-key)
echo $CERTKEY

Run this ONLY on Control Plane

sudo kubeadm init --apiserver-cert-extra-sans=your.FQDN.COM,your.external.IP --pod-network-cidr=10.32.0.0/12 --control-plane-endpoint=your.FQDN.COM --upload-certs --certificate-key=$CERTKEY

or

kubeadm init

You can now join any number of the control-plane node running the following command on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--control-plane --certificate-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The above command will be generated after control plane has successfully initiallized.

To add Worker Nodes

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Use below to reset any Master / Control Plane, or worker nodes

## remove cluster
sudo kubeadm reset
sudo rm -rf /etc/kubernetes
sudo rm -rf /etc/cni/net.d
sudo rm -rf /var/lib/kubelet
sudo rm -rf /var/lib/etcd
sudo rm -rf $HOME/.kube

Relevant FAQs:

What is Kubernetes is used for?

Kubernetes, often abbreviated as “K8s”, orchestrates containerized applications to run on a cluster of hosts. The K8s system automates the deployment and management of cloud native applications using on-premises infrastructure or public cloud platforms. [2]

What is Kubernetes and Docker?

In a nutshell, Docker is a suite of software development tools for creating, sharing and running individual containers; Kubernetes is a system for operating containerized applications at scale. Think of containers as standardized packaging for microservices with all the needed application code and dependencies inside. [3]

What's the difference between Docker and Kubernetes?

The difference between the two is that Docker is about packaging containerized applications on a single node and Kubernetes is meant to run them across a cluster. Since these packages accomplish different things, they are often used in tandem. Of course, Docker and Kubernetes can be used independently. [4]

Is Kubernetes free?

Pure open source Kubernetes is free and can be downloaded from its repository on GitHub. Administrators must build and deploy the Kubernetes release to a local system or cluster -- or to a system or cluster in a public cloud, such as AWS, Google Cloud or Microsoft Azure. [5]

Why is Kubernetes called K8s?

By the way, if you're wondering where the name “Kubernetes” came from, it is a Greek word, meaning helmsman or pilot. The abbreviation K8s is derived by replacing the eight letters of “ubernete” with the digit 8. [6]

References:

[1] https://faun.pub/free-ha-multi-architecture-kubernetes-cluster-from-oracle-c66b8ce7cc37

[2] https://www.vmware.com/topics/glossary/content/kubernetes.html

[3] https://www.dynatrace.com/news/blog/kubernetes-vs-docker/

[4] https://containerjournal.com/editorial-calendar/best-of-2021/whats-the-difference-between-docker-and-kubernetes/

[5] https://www.techtarget.com/searchitoperations/answer/Is-Kubernetes-free-as-an-open-source-software

[6] https://www.bmc.com/blogs/what-is-kubernetes/

[7] https://engineer.org.pk/2024/06/05/waste-management-ai/

Posted in Technical Solutions on May 01, 2022



How an App on Your Smartwatch Could Help You Quit Smoking

Posted in News on Jan 02, 2025

Researchers at the University of Bristol have developed an innovative app for Android smartwatches to help smokers quit. The app detects specific hand movements associated with smoking and delivers supportive messages to the user, providing a gentle nudge to avoid lighting up



AliTech snippet featured on Google ☺️

Posted in News on Sep 06, 2020

AliTech snippet featured on Google ☺️



ACME now uses ZeroSSL, here is what you need to do for your CyberPanel

Posted in Technical Solutions on Jun 07, 2024

Learn how to set up ZeroSSL for your CyberPanel as ACME now requires email registration. Follow this step-by-step guide to ensure smooth SSL configuration.



[SOLVED / FIXED] LinkedIn Company Page Creation error : An error has occurred, please try again later. Learn more.

Posted on Jun 09, 2021

[FIXED] : LinkedIn Company Page Creation error : An error has occurred, please try again later. Learn more. [SOLUTION]: In order to create a Company Page in LinkedIn you will need to meet all the requirements below.



Chrome's 'Listen to this page' Now Lets You Hear Articles While Doing Other Tasks

Posted in News on Oct 21, 2024

Google Chrome has introduced an updated version of its "Listen to this page" feature, now allowing users to listen to web articles while multitasking. The new background playback feature ensures that audio continues even when switching apps or locking the phone, making it more convenient for busy users. This update, part of Chrome 130 for Android, includes enhanced controls, customizable voice options, and seamless integration with notifications for easy access. Perfect for professionals and users who prefer listening over reading, this feature boosts both accessibility and productivity.



WordPress Cofounder Asks Court to Dismiss WP Engine’s Lawsuit

Posted in News on Nov 01, 2024

WordPress cofounder Matt Mullenweg, along with Automattic, has moved to dismiss a lawsuit filed by WP Engine that alleges defamation, extortion, and trademark infringement. WP Engine’s claims arise from Mullenweg’s criticism of the company’s contributions to WordPress and his decision to restrict its access to WordPress.org resources. Mullenweg counters that WP Engine has no legal right to these resources, describing the company’s reliance on WordPress.org as a “risky decision” made without a backup plan. This high-stakes case has stirred concerns within the WordPress community about the implications for other developers and businesses relying on the platform’s open-source ecosystem.



Exploring OpenAI's New AI Models: o1-Preview and o1-Mini – A Leap Toward More Human-Like AI

Posted in News on Sep 13, 2024

OpenAI has just unveiled its highly anticipated models, o1-preview and o1-mini, marking a significant leap in AI technology. Known initially as "Strawberry," the o1-preview model is designed to mimic human-like reasoning by taking more time to process complex questions and deliver thoughtful answers. Alongside it, the o1-mini offers a faster, more cost-effective option for tasks requiring rapid problem-solving. This article delves into the features, performance, and potential applications of these groundbreaking models, exploring how they aim to redefine AI's role in academia, coding, and beyond



Ransomware attack forces web hosting provider Managed.com

Posted in News on Jan 25, 2021

Ransomware attack forces web hosting provider Managed.com to take servers offline.



Comprehensive Guide to Choosing the Right Domain and Hosting Services for Startups

Posted in Uncategorized on Jul 01, 2024

In today’s digital landscape, choosing the right domain name and hosting services is crucial for startups aiming to establish a strong online presence. This comprehensive guide explores the importance of domain selection, optimal hosting solutions, and popular CMS platforms like WordPress, WooCommerce, Joomla, and more. Whether you're deploying NodeJS, Django, Ruby on Rails, React, or other frameworks, understanding these elements is essential for scalable growth and seamless user experiences.



Green Web Hosting: Eco-Friendly Solutions for a Sustainable Future

Posted in Uncategorized on Jul 22, 2024

Discover the benefits of green web hosting and how it can contribute to a more sustainable future. Green web hosting focuses on using energy-efficient technologies, renewable energy sources, and sustainable practices to minimize environmental impact. Learn why choosing an eco-friendly web host not only supports corporate social responsibility but also helps in reducing your carbon footprint. Explore how to select the right green web hosting provider and make a positive difference with your online presence.



WhatsApp Beta Users Face Green Screen Issue: Here’s How to Solve the Problem

Posted in Technical Solutions on Nov 11, 2024

WhatsApp beta users on Android are currently facing a frustrating green screen issue that makes their devices unresponsive when trying to open a chat. This bug is specifically affecting those on beta version 2.24.24.5, causing the screen to turn solid green and preventing access to messages. Fortunately, there are several solutions to this problem, from force-closing the app to switching back to the stable version. Discover how you can resolve this issue and get your WhatsApp back to normal.



Does your hosting provider has this performance?

Posted in News on Sep 12, 2020

Does your hosting provider has this performance? If no... you need to move now 🙂 https://hosting.alitech.uk



Step by Step Guide for Django Installation on CyberPanel, Litespeed & uWSGI - #CyberPanel #LiteSpeed

Posted on Dec 28, 2021

Step by Step Guide for Django Installation on CyberPanel, Litespeed & uWSGI - #CyberPanel #SFARPak This tutorial explains steps by steps how to Install Django in CyberPanel. The CyberPanel works on the LiteSpeed server which has the fastest performance compared to other servers like Apache & NGINX.



Tips For Minimizing Website Downtime

Posted in Technical Solutions on Jul 02, 2024

Learn effective strategies to minimize website downtime and ensure continuous online presence.



Automated Backup to GoogleDrive - CyberPanel - HostingbyAliTech

Posted in About Hosting by AliTech, Technical Solutions on Jul 18, 2021

Automated Backup to GoogleDrive - CyberPanel All the Hosting by AliTech customers have access to GoogleDrive Backups, here is what you need..



OpenAI's Updated ChatGPT App for Mac: Revolutionizing Multitasking

Posted in Uncategorized on Aug 08, 2024

The recent update to OpenAI’s ChatGPT app for macOS introduces a transformative feature designed to enhance multitasking efficiency. This blog delves into the details of this update, exploring how it can streamline your workflow and improve overall productivity.



Firewall in Pakistan: Restricting Online Freedom and Access 2024

Posted in News on Aug 19, 2024

Pakistan's government is set to implement a nationwide firewall, sparking concerns about internet censorship and restrictions on online dissent. The firewall will monitor and control internet usage, targeting social media platforms and regulating VPNs. With a history of internet restrictions, this move raises questions about the future of free expression and democratic engagement in Pakistan. Key Points: Pakistan's national firewall will control access to social media platforms and monitor online activities The firewall aims to track and control internet usage, including VPNs Lack of transparency surrounding the project's scope and implications International concerns about the impact on freedom of expression and democratic principles Experts warn of potential risks to online privacy and security Read the full article to learn more about Pakistan's national firewall and its implications for internet freedom.



[SOLVED/FIXED] Python Django - crbug non-JS module files deprecated.

Posted in Technical Solutions on Feb 28, 2022

[SOLVED/FIXED] Python Django - crbug/1173575, non-JS module files deprecated. ERROR: ERR_TOO_MANY_REDIRECTS SOLUTION:




Other Blogs


How an App on Your Smartwatch Could Help You Quit Smoking

Posted in News on Jan 02, 2025 and updated on Jan 02, 2025

AliTech snippet featured on Google ☺️

Posted in News on Sep 06, 2020 and updated on Oct 23, 2020

Chrome's 'Listen to this page' Now Lets You Hear Articles While Doing Other Tasks

Posted in News on Oct 21, 2024 and updated on Oct 21, 2024

WordPress Cofounder Asks Court to Dismiss WP Engine’s Lawsuit

Posted in News on Nov 01, 2024 and updated on Nov 01, 2024

Ransomware attack forces web hosting provider Managed.com

Posted in News on Jan 25, 2021 and updated on Mar 30, 2022

Green Web Hosting: Eco-Friendly Solutions for a Sustainable Future

Posted in Uncategorized on Jul 22, 2024 and updated on Jul 22, 2024

Does your hosting provider has this performance?

Posted in News on Sep 12, 2020 and updated on Oct 23, 2020

Tips For Minimizing Website Downtime

Posted in Technical Solutions on Jul 02, 2024 and updated on Jul 02, 2024

OpenAI's Updated ChatGPT App for Mac: Revolutionizing Multitasking

Posted in Uncategorized on Aug 08, 2024 and updated on Aug 08, 2024

Firewall in Pakistan: Restricting Online Freedom and Access 2024

Posted in News on Aug 19, 2024 and updated on Aug 19, 2024







Comments

Please sign in to comment!






Subscribe To Our Newsletter

Stay in touch with us to get latest news and discount coupons