[Tutorial] Installing Kubernetes Manually

1. Letting iptables see bridged traffic

cat

sudo sysctl --system

2. Allow Required Firewall Ports

sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9000 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

sudo iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

3. Installing runtime or Docker Engine

Update the apt package index and install packages to allow apt to use a repository over HTTPS:

sudo apt-get update

sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

Add Docker’s official GPG key:

 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Use the following command to set up the stable repository.

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Install Docker Engine

sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

4. Configure systemd driver

create or edit /etc/docker/daemon.json

{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

restart docker service

sudo systemctl restart docker

5. Installing kubeadm, kubelet and kubectl

Update the apt package index and install packages needed to use the Kubernetes apt repository:

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl

Download the Google Cloud public signing key:

sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg

Add the Kubernetes apt repository:

echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

Update apt package index, install kubelet, kubeadm and kubectl, and pin their version:

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl

CERTKEY=$(kubeadm certs certificate-key)
echo $CERTKEY

Run this ONLY on Control Plane

sudo kubeadm init --apiserver-cert-extra-sans=your.FQDN.COM,your.external.IP --pod-network-cidr=10.32.0.0/12 --control-plane-endpoint=your.FQDN.COM --upload-certs --certificate-key=$CERTKEY

kubeadm init

You can now join any number of the control-plane node running the following command on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--control-plane --certificate-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The above command will be generated after control plane has successfully initiallized.

To add Worker Nodes

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Use below to reset any Master / Control Plane, or worker nodes

## remove cluster
sudo kubeadm reset
sudo rm -rf /etc/kubernetes
sudo rm -rf /etc/cni/net.d
sudo rm -rf /var/lib/kubelet
sudo rm -rf /var/lib/etcd
sudo rm -rf $HOME/.kube

Relevant FAQs:

What is Kubernetes is used for?

Kubernetes, often abbreviated as “K8s”, orchestrates containerized applications to run on a cluster of hosts. The K8s system automates the deployment and management of cloud native applications using on-premises infrastructure or public cloud platforms. [2]

What is Kubernetes and Docker?

In a nutshell, Docker is a suite of software development tools for creating, sharing and running individual containers; Kubernetes is a system for operating containerized applications at scale. Think of containers as standardized packaging for microservices with all the needed application code and dependencies inside. [3]

What's the difference between Docker and Kubernetes?

The difference between the two is that Docker is about packaging containerized applications on a single node and Kubernetes is meant to run them across a cluster. Since these packages accomplish different things, they are often used in tandem. Of course, Docker and Kubernetes can be used independently. [4]

Is Kubernetes free?

Pure open source Kubernetes is free and can be downloaded from its repository on GitHub. Administrators must build and deploy the Kubernetes release to a local system or cluster -- or to a system or cluster in a public cloud, such as AWS, Google Cloud or Microsoft Azure. [5]

Why is Kubernetes called K8s?

By the way, if you're wondering where the name “Kubernetes” came from, it is a Greek word, meaning helmsman or pilot. The abbreviation K8s is derived by replacing the eight letters of “ubernete” with the digit 8. [6]

References:

[1] https://faun.pub/free-ha-multi-architecture-kubernetes-cluster-from-oracle-c66b8ce7cc37

[2] https://www.vmware.com/topics/glossary/content/kubernetes.html

[3] https://www.dynatrace.com/news/blog/kubernetes-vs-docker/

[4] https://containerjournal.com/editorial-calendar/best-of-2021/whats-the-difference-between-docker-and-kubernetes/

[5] https://www.techtarget.com/searchitoperations/answer/Is-Kubernetes-free-as-an-open-source-software

[6] https://www.bmc.com/blogs/what-is-kubernetes/

[7] https://engineer.org.pk/2024/06/05/waste-management-ai/

Posted in Technical Solutions on May 01, 2022

Top Cloud Service Providers in the World

Posted in Uncategorized on Sep 20, 2024

In today's digital age, cloud service providers are essential for businesses looking to enhance their IT infrastructure, improve scalability, and secure data. Leading platforms like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud dominate the market, each offering unique services and benefits tailored to various business needs. From AWS's extensive range of tools to Azure's seamless Microsoft integration and Google Cloud's powerful data analytics capabilities, organizations have ample options to choose from. This article explores the top cloud service providers, what they offer, and how to select the right one for your business.

LinkedIn's New AI Hiring Assistant: A Game-Changer for Recruiters?

Posted in Jobs, News on Oct 30, 2024

LinkedIn, the go-to social platform for professional networking, job hunting, and skill-building, has recently unveiled its latest venture into the world of artificial intelligence with a new tool called the “Hiring Assistant.” This powerful AI agent aims to revolutionize how companies find and hire talent by taking on repetitive recruitment tasks. But what exactly does the Hiring Assistant do, and how will it impact recruiters and candidates alike? Let's dive into the details of LinkedIn’s new AI-driven hiring solution.

Litespeed performance comparison

Posted in News on Sep 08, 2022

Our server supports Lite Speed webserver: With the power of LiteSpeed server your websites will have outclass performance see the difference. The benchmark shows the difference of Magneto performance on LiteSpeed server, Nginx & Apache.

Webcam Hacking and Stalking: Myth or Reality?

Posted in News on Dec 25, 2024

Webcam hacking is a growing concern in the digital world, with hackers exploiting vulnerabilities in webcams to gain unauthorized access to private spaces. But how real is this threat, and should you be worried? From phishing emails to malware and Trojan horse programs, hackers are using various techniques to breach webcams and invade individuals' privacy. With real-life cases of webcam hacking and stalking on the rise, it's essential to understand the risks and take precautions to protect your privacy and security.

Step by Step Guide for Django Installation on CyberPanel, Litespeed & uWSGI - #CyberPanel #LiteSpeed

Posted on Dec 28, 2021

Step by Step Guide for Django Installation on CyberPanel, Litespeed & uWSGI - #CyberPanel #SFARPak This tutorial explains steps by steps how to Install Django in CyberPanel. The CyberPanel works on the LiteSpeed server which has the fastest performance compared to other servers like Apache & NGINX.

[SOLVED / FIXED] django.core.exceptions.ImproperlyConfigured: Requested setting AUTH_USER_MODEL

Posted on Mar 27, 2022

[SOLVED / FIXED] django.core.exceptions.ImproperlyConfigured: Requested setting AUTH_USER_MODEL ERROR / PROBLEM: Starting the Python Shell in the terminal inside virtual environment.

How to Choose the Best Domain Name for Your Website

Posted in Uncategorized on Jul 09, 2024

Choosing a domain name is more than just picking a web address; it’s about creating your online identity. Your domain is the gateway to your website and plays a crucial role in how people perceive and remember your brand. It should be concise, relevant to your business, and easy to remember. In this guide, we’ll explore the key factors to consider when selecting a domain name, tips for making it memorable, and tools to help you find the perfect fit. Whether you’re starting a new venture or rebranding an existing one, choosing the right domain name is a pivotal step towards online success.

New XEC Covid Variant Spreads To 27 Countries: Here's What We Know So Far

Posted in News on Sep 18, 2024

The new Covid-19 variant, XEC, has been making waves since its initial discovery in Germany this June. A hybrid of the omicron subvariants KS.1.1 and KP.3.3, XEC has now been detected in 27 countries, with around 500 samples identified worldwide. This variant has shown a marked increase in transmissibility, leading scientists to monitor its spread closely. While symptoms of XEC resemble those of earlier variants—such as fever, sore throat, and body aches—existing vaccines are expected to provide strong protection against severe illness. With XEC potentially becoming the dominant strain this winter, staying updated with vaccinations and maintaining good hygiene practices are crucial for staying protected.

CES 2025: Everything You Need to Know About the Biggest Tech Show

Posted in News on Jan 03, 2025

CES 2025 is set to unveil groundbreaking innovations in technology, from AI advancements to the latest in electric vehicles and smart home devices. Industry leaders like Nvidia and AMD are expected to showcase their newest GPU technologies, while startups present revolutionary solutions for the future. This year, sustainability and AI-powered gadgets take center stage, offering a glimpse into the future of tech. Whether it's the next-gen display technologies, autonomous systems, or wellness trackers, CES 2025 promises to be a hub of excitement and new ideas that could redefine how we live and interact with technology.

Cheap Web Hosting in Pakistan: Your Ultimate Guide

Posted in Hosting Promotions on Jun 07, 2024

Looking for affordable web hosting solutions in Pakistan? Dive into our comprehensive guide to find the best options for your website without breaking the bank.

[SOLVED / FIXED] mysqlclient ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.

Posted on Jun 09, 2022

[SOLVED / FIXED] mysqlclient ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output.

Unlocking the Power of Cloud Web Hosting: A Comprehensive Guide

Posted in Uncategorized on Jun 24, 2024

Discover the benefits of cloud web hosting and how it can transform your online presence. Learn about the features, advantages, and top providers of cloud hosting, and find out how to get started with building your own website for free

AI-Generated Captions Come to Max via Google

Posted on Sep 25, 2024

Warner Bros. Discovery has partnered with Google to launch "Caption AI," an innovative tool that uses AI technology to automatically generate captions for unscripted programming on the Max streaming service. Built on Google’s Vertex AI platform, this collaboration aims to cut captioning costs by up to 50% and reduce production time by 80%. As the media industry increasingly embraces AI, this partnership highlights the potential of technology to streamline processes while maintaining quality and accuracy in content accessibility.

The Manifest Hails AliTech Solutions as one of the Most Reviewed IT Services Companies in Pakistan

Posted on Jun 09, 2022

The Manifest Hails AliTech Solutions as one of the Most Reviewed IT Services Companies in Pakistan A robust IT infrastructure is one of the key components of a company’s success in today’s digital landscape. Thankfully, there are companies like AliTech Solutions that can help you with your IT needs. We’ve been in the industry for a while now and our team has managed to help hundreds of clients achieve their goals through our services.

Green Web Hosting: Eco-Friendly Solutions for a Sustainable Future

Posted in Uncategorized on Jul 22, 2024

Discover the benefits of green web hosting and how it can contribute to a more sustainable future. Green web hosting focuses on using energy-efficient technologies, renewable energy sources, and sustainable practices to minimize environmental impact. Learn why choosing an eco-friendly web host not only supports corporate social responsibility but also helps in reducing your carbon footprint. Explore how to select the right green web hosting provider and make a positive difference with your online presence.

Infinix Launches Its First-Ever Foldable Phone, the Zero Flip

Posted in News on Sep 28, 2024

In the ever-evolving world of smartphones, the competition for innovative and cutting-edge technology has become fierce. Enter Infinix, a brand known for delivering value-packed devices at competitive prices. Recently, Infinix made headlines by launching its first-ever foldable phone, the Infinix Zero Flip, marking the company's debut into the foldable smartphone arena. At just $600, this phone offers a great balance of performance, features, and affordability. In this article, we'll break down everything you need to know about the Infinix Zero Flip—its specs, design, features, and why it's turning heads in the smartphone industry.