[Tutorial] Installing Kubernetes Manually

1. Letting iptables see bridged traffic

cat

sudo sysctl --system

2. Allow Required Firewall Ports

sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9000 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

sudo iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

3. Installing runtime or Docker Engine

Update the apt package index and install packages to allow apt to use a repository over HTTPS:

sudo apt-get update

sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

Add Docker’s official GPG key:

 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Use the following command to set up the stable repository.

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Install Docker Engine

sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

4. Configure systemd driver

create or edit /etc/docker/daemon.json

{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

restart docker service

sudo systemctl restart docker

5. Installing kubeadm, kubelet and kubectl

Update the apt package index and install packages needed to use the Kubernetes apt repository:

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl

Download the Google Cloud public signing key:

sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg

Add the Kubernetes apt repository:

echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

Update apt package index, install kubelet, kubeadm and kubectl, and pin their version:

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl

CERTKEY=$(kubeadm certs certificate-key)
echo $CERTKEY

Run this ONLY on Control Plane

sudo kubeadm init --apiserver-cert-extra-sans=your.FQDN.COM,your.external.IP --pod-network-cidr=10.32.0.0/12 --control-plane-endpoint=your.FQDN.COM --upload-certs --certificate-key=$CERTKEY

kubeadm init

You can now join any number of the control-plane node running the following command on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--control-plane --certificate-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The above command will be generated after control plane has successfully initiallized.

To add Worker Nodes

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Use below to reset any Master / Control Plane, or worker nodes

## remove cluster
sudo kubeadm reset
sudo rm -rf /etc/kubernetes
sudo rm -rf /etc/cni/net.d
sudo rm -rf /var/lib/kubelet
sudo rm -rf /var/lib/etcd
sudo rm -rf $HOME/.kube

Relevant FAQs:

What is Kubernetes is used for?

Kubernetes, often abbreviated as “K8s”, orchestrates containerized applications to run on a cluster of hosts. The K8s system automates the deployment and management of cloud native applications using on-premises infrastructure or public cloud platforms. [2]

What is Kubernetes and Docker?

In a nutshell, Docker is a suite of software development tools for creating, sharing and running individual containers; Kubernetes is a system for operating containerized applications at scale. Think of containers as standardized packaging for microservices with all the needed application code and dependencies inside. [3]

What's the difference between Docker and Kubernetes?

The difference between the two is that Docker is about packaging containerized applications on a single node and Kubernetes is meant to run them across a cluster. Since these packages accomplish different things, they are often used in tandem. Of course, Docker and Kubernetes can be used independently. [4]

Is Kubernetes free?

Pure open source Kubernetes is free and can be downloaded from its repository on GitHub. Administrators must build and deploy the Kubernetes release to a local system or cluster -- or to a system or cluster in a public cloud, such as AWS, Google Cloud or Microsoft Azure. [5]

Why is Kubernetes called K8s?

By the way, if you're wondering where the name “Kubernetes” came from, it is a Greek word, meaning helmsman or pilot. The abbreviation K8s is derived by replacing the eight letters of “ubernete” with the digit 8. [6]

References:

[1] https://faun.pub/free-ha-multi-architecture-kubernetes-cluster-from-oracle-c66b8ce7cc37

[2] https://www.vmware.com/topics/glossary/content/kubernetes.html

[3] https://www.dynatrace.com/news/blog/kubernetes-vs-docker/

[4] https://containerjournal.com/editorial-calendar/best-of-2021/whats-the-difference-between-docker-and-kubernetes/

[5] https://www.techtarget.com/searchitoperations/answer/Is-Kubernetes-free-as-an-open-source-software

[6] https://www.bmc.com/blogs/what-is-kubernetes/

[7] https://engineer.org.pk/2024/06/05/waste-management-ai/

Posted in Technical Solutions on May 01, 2022

Automated Backup to GoogleDrive - CyberPanel - HostingbyAliTech

Posted in About Hosting by AliTech, Technical Solutions on Jul 18, 2021

Automated Backup to GoogleDrive - CyberPanel All the Hosting by AliTech customers have access to GoogleDrive Backups, here is what you need..

Galaxy S10 Phones Bricked by Recent Update, Samsung Quickly Offers a Fix

Posted on Oct 04, 2024

The recent Samsung update has caused severe problems for many Galaxy S10 and Note 10 owners, leaving their devices bricked and forcing users to seek urgent solutions. The update, designed to improve functionality, has instead resulted in a widespread issue that has thrown affected phones into an endless boot loop. Fortunately, Samsung was quick to respond with a fix, but users are still grappling with the impact.

Google’s $2.7 Billion Move to Rehire AI Genius: Noam Shazeer's Return to the Search Giant

Posted in News on Sep 26, 2024

In the rapidly evolving landscape of Artificial Intelligence, Noam Shazeer's return to Google in a staggering $2.7 billion deal marks a significant turning point. Once a key player at Google, Shazeer left in frustration over the company's cautious approach to AI innovation. He co-founded Character.AI, which achieved remarkable success in creating conversational agents. However, as competition in AI intensified, Google recognized the value of Shazeer's expertise and technology, leading to a strategic acquisition aimed at revitalizing its AI capabilities. His role in developing Gemini, Google’s next-gen AI model, could redefine the company's position in the fiercely competitive AI market.

[SOLVED / FIXED ] Mixing of GROUP columns (MIN(),MAX(),COUNT(),…) with no GROUP columns is illegal if there is no GROUP BY clause. Error in Maria DB

Posted in Technical Solutions on Feb 01, 2021

[SOLVED] Mixing of GROUP columns (MIN(),MAX(),COUNT(),…) with no GROUP columns is illegal if there is no GROUP BY clause. Error in Maria DB

AliTech WordPress Hosting: Unmatched Performance for Your WordPress Sites 2024

Posted in About Hosting by AliTech on Aug 22, 2024

Explore the benefits of AliTech WordPress Hosting, designed for extreme performance and reliability. With SSD storage, instant provisioning, and guaranteed resources, AliTech offers tailored hosting solutions to meet the needs of any WordPress site. Whether you're starting with the Bronze plan or scaling up to Titanium, discover how AliTech provides the power and flexibility to keep your site running smoothly and efficiently.

Green Web Hosting: Eco-Friendly Solutions for a Sustainable Future

Posted in Uncategorized on Jul 22, 2024

Discover the benefits of green web hosting and how it can contribute to a more sustainable future. Green web hosting focuses on using energy-efficient technologies, renewable energy sources, and sustainable practices to minimize environmental impact. Learn why choosing an eco-friendly web host not only supports corporate social responsibility but also helps in reducing your carbon footprint. Explore how to select the right green web hosting provider and make a positive difference with your online presence.

How to Protect Your Website from Malware and Viruses

Posted in News on Oct 07, 2024

In today's digital world, protecting your website from malware and viruses is crucial to maintaining its performance, security, and user trust. This guide covers essential strategies such as using strong passwords, enabling two-factor authentication, installing web application firewalls (WAF), and securing your site with SSL certificates. Regular updates, backups, and security audits are also key to preventing cyberattacks. Whether you're running a small blog or a large e-commerce site, these best practices will help you safeguard your website and keep it secure from malicious threats.

How to Install Remote Desktop on Ubuntu 18.04.6 / Ubuntu 20.04.4 / Raspberry Pi / AMD64 / ARM64

Posted in Technical Solutions on Jun 29, 2022

How to Install Remote Desktop on Ubuntu 18.04.6 / Ubuntu 20.04.4 / Raspberry Pi / AMD64 / ARM64

Qualcomm's Snapdragon 8 Elite: A Game Changer in Mobile Processing

Posted in News on Oct 22, 2024

Qualcomm has unveiled its Snapdragon 8 Elite chip, marking a significant advancement in mobile technology. This new chip features the custom-designed Oryon CPU, built on a 3nm process node, which provides a 45% increase in performance compared to its predecessor, the Snapdragon 8 Gen 3, while consuming 27% less power. For gamers, the Snapdragon 8 Elite promises a 40% boost in gaming performance, enabling smoother graphics and faster response times. Enhanced AI capabilities mean improved photography and smarter app interactions, making low-light shots and real-time image processing much more effective. With new smartphones from brands like Samsung and OnePlus set to launch soon, the Snapdragon 8 Elite is set to redefine the mobile experience, offering users unprecedented power and efficiency.

Tips for Changing Python Django Superuser Password

Posted in Technical Solutions on Jun 07, 2024

Tips for Changing Python Django Superuser Password

Exploring OpenAI's New AI Models: o1-Preview and o1-Mini – A Leap Toward More Human-Like AI

Posted in News on Sep 13, 2024

OpenAI has just unveiled its highly anticipated models, o1-preview and o1-mini, marking a significant leap in AI technology. Known initially as "Strawberry," the o1-preview model is designed to mimic human-like reasoning by taking more time to process complex questions and deliver thoughtful answers. Alongside it, the o1-mini offers a faster, more cost-effective option for tasks requiring rapid problem-solving. This article delves into the features, performance, and potential applications of these groundbreaking models, exploring how they aim to redefine AI's role in academia, coding, and beyond

New Samsung Update Warning for Millions of Galaxy Owners: Check Your Phone Now

Posted in News on Oct 28, 2024

Samsung Galaxy owners are facing increased security risks due to delayed software updates and newly discovered vulnerabilities. October's security patch addressed some critical threats, particularly for devices using Exynos processors, but a new vulnerability in Qualcomm chipsets has emerged. Galaxy users should urgently update their devices to protect personal data from unauthorized access. In this blog, learn about Samsung's latest security concerns, including Amnesty International's warnings on targeted attacks and CISA's latest updates. Staying proactive with software updates is essential to keep your device secure in today’s digital landscape.

Ransomware attack forces web hosting provider Managed.com

Posted in News on Jan 25, 2021

Ransomware attack forces web hosting provider Managed.com to take servers offline.

Mastering WooCommerce SEO: A Complete Guide to Optimize Your Online Store

Posted on Dec 05, 2024

Discover the ultimate guide to WooCommerce SEO and learn how to optimize your online store for better visibility, increased traffic, and higher sales with proven strategies and tools

Everything You Need to Know About Meta Connect 2024

Posted in News on Sep 23, 2024

Meta Connect 2024, happening from September 25 to 26, promises to be a groundbreaking event in the world of augmented and virtual reality. Attendees can expect exciting announcements, including the anticipated Quest 3S headset, which aims to offer a more affordable VR experience, and the innovative Orion AR glasses designed for seamless augmented reality interactions. In addition to hardware, the conference will highlight advancements in artificial intelligence, potentially unveiling an upgraded version of the Llama language model to enhance user experiences across Meta’s platforms. With live-streamed keynotes and developer sessions, Meta Connect 2024 is set to shape the future of technology and the metaverse, making it a must-watch event for enthusiasts and developers alike.

[SOLVED / FIXED] Django Rest Framework - Missing Static Directory

Posted in Technical Solutions on Jun 27, 2022

Used these static and media settings in settings.py STATIC_ROOT = os.path.join(BASE_DIR, 'public/static') STATIC_URL = '/static/' MEDIA_ROOT = os.path.join(BASE_DIR, 'public/media') MEDIA_URL = '/media/' and python manage.py collectstatic

World of Quantum Computing and Its Effects on Web Hosting and Domain Names

Posted in Uncategorized on Jul 11, 2024

Quantum computing is no longer a concept confined to the realm of theoretical physics; it has entered the mainstream, promising to revolutionize various industries. Among these, web hosting and domain name management stand to benefit significantly from the advancements in quantum computing. Quantum computers can process large datasets more efficiently, enabling faster data retrieval and processing. This can significantly reduce the time it takes to load websites, improving the overall user experience. Moreover, quantum encryption techniques offer enhanced protection, ensuring that sensitive data transmitted over the internet remains secure from cyber threats. As quantum computing continues to evolve, it is set to transform web hosting and domain management, making them more efficient, secure, and reliable.

80% of Software Engineers Could Lose Jobs to AI if They Don’t Upskill, Gartner Analysts Warn

Posted in News on Oct 15, 2024

Artificial Intelligence (AI) is reshaping the software engineering landscape, with Gartner predicting that 80% of software engineers will need to upskill by 2027 to stay relevant. AI tools are automating repetitive tasks, allowing engineers to focus on more creative work. However, as AI becomes more advanced, it will take over many coding tasks, making it essential for engineers to learn new skills in AI, machine learning, and data engineering. Those who adapt will thrive, while those who don’t risk being left behind in this rapidly changing industry.

[SOLVED / FIXED ] Mixing of GROUP columns (MIN(),MAX(),COUNT(),…) with no GROUP columns is illegal if there is no GROUP BY clause. Error in Maria DB

Posted in Technical Solutions on Feb 01, 2021 and updated on Jul 28, 2021

[SOLVED / FIXED ] Mixing of GROUP columns (MIN(),MAX(),COUNT(),…) with no GROUP columns is illegal if there is no GROUP BY clause. Error in Maria DB

Posted in Technical Solutions on Feb 01, 2021

[SOLVED / FIXED ] Mixing of GROUP columns (MIN(),MAX(),COUNT(),…) with no GROUP columns is illegal if there is no GROUP BY clause. Error in Maria DB

Posted in Technical Solutions on Feb 01, 2021

Comments

Please sign in to comment!

[Tutorial] Installing Kubernetes Manually