[Tutorial] Installing Kubernetes Manually

1. Letting iptables see bridged traffic

cat

sudo sysctl --system

2. Allow Required Firewall Ports

sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9000 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

sudo iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

3. Installing runtime or Docker Engine

Update the apt package index and install packages to allow apt to use a repository over HTTPS:

sudo apt-get update

sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

Add Docker’s official GPG key:

 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Use the following command to set up the stable repository.

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Install Docker Engine

sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

4. Configure systemd driver

create or edit /etc/docker/daemon.json

{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

restart docker service

sudo systemctl restart docker

5. Installing kubeadm, kubelet and kubectl

Update the apt package index and install packages needed to use the Kubernetes apt repository:

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl

Download the Google Cloud public signing key:

sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg

Add the Kubernetes apt repository:

echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

Update apt package index, install kubelet, kubeadm and kubectl, and pin their version:

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl

CERTKEY=$(kubeadm certs certificate-key)
echo $CERTKEY

Run this ONLY on Control Plane

sudo kubeadm init --apiserver-cert-extra-sans=your.FQDN.COM,your.external.IP --pod-network-cidr=10.32.0.0/12 --control-plane-endpoint=your.FQDN.COM --upload-certs --certificate-key=$CERTKEY

kubeadm init

You can now join any number of the control-plane node running the following command on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--control-plane --certificate-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The above command will be generated after control plane has successfully initiallized.

To add Worker Nodes

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Use below to reset any Master / Control Plane, or worker nodes

## remove cluster
sudo kubeadm reset
sudo rm -rf /etc/kubernetes
sudo rm -rf /etc/cni/net.d
sudo rm -rf /var/lib/kubelet
sudo rm -rf /var/lib/etcd
sudo rm -rf $HOME/.kube

Relevant FAQs:

What is Kubernetes is used for?

Kubernetes, often abbreviated as “K8s”, orchestrates containerized applications to run on a cluster of hosts. The K8s system automates the deployment and management of cloud native applications using on-premises infrastructure or public cloud platforms. [2]

What is Kubernetes and Docker?

In a nutshell, Docker is a suite of software development tools for creating, sharing and running individual containers; Kubernetes is a system for operating containerized applications at scale. Think of containers as standardized packaging for microservices with all the needed application code and dependencies inside. [3]

What's the difference between Docker and Kubernetes?

The difference between the two is that Docker is about packaging containerized applications on a single node and Kubernetes is meant to run them across a cluster. Since these packages accomplish different things, they are often used in tandem. Of course, Docker and Kubernetes can be used independently. [4]

Is Kubernetes free?

Pure open source Kubernetes is free and can be downloaded from its repository on GitHub. Administrators must build and deploy the Kubernetes release to a local system or cluster -- or to a system or cluster in a public cloud, such as AWS, Google Cloud or Microsoft Azure. [5]

Why is Kubernetes called K8s?

By the way, if you're wondering where the name “Kubernetes” came from, it is a Greek word, meaning helmsman or pilot. The abbreviation K8s is derived by replacing the eight letters of “ubernete” with the digit 8. [6]

References:

[1] https://faun.pub/free-ha-multi-architecture-kubernetes-cluster-from-oracle-c66b8ce7cc37

[2] https://www.vmware.com/topics/glossary/content/kubernetes.html

[3] https://www.dynatrace.com/news/blog/kubernetes-vs-docker/

[4] https://containerjournal.com/editorial-calendar/best-of-2021/whats-the-difference-between-docker-and-kubernetes/

[5] https://www.techtarget.com/searchitoperations/answer/Is-Kubernetes-free-as-an-open-source-software

[6] https://www.bmc.com/blogs/what-is-kubernetes/

[7] https://engineer.org.pk/2024/06/05/waste-management-ai/

Posted in Technical Solutions on May 01, 2022

Microsoft Disappoints With Slower Cloud Revenue Forecast

Posted in News on Oct 31, 2024

Microsoft, a giant in the tech industry, recently posted quarterly earnings that exceeded market expectations, but its cloud revenue growth left investors less than impressed. The announcement highlighted a forecast for slower growth in Azure, Microsoft’s cloud computing platform, sparking concerns about the company’s ability to keep up with surging demand for AI services. This shift has implications not just for Microsoft’s revenue trajectory but also for its position in the competitive tech landscape. Here’s a closer look at what’s behind this surprising turn of events

OpenAI Just Announced New AI Features: Key Takeaways from DevDay

Posted in News on Oct 02, 2024

OpenAI has once again made headlines with a series of groundbreaking announcements at its recent developer event, DevDay. These updates promise to change the way developers and entrepreneurs build AI-powered products. Whether you're working on a new voice assistant or simply trying to optimize API usage, these new features will play a pivotal role in enhancing the performance and accessibility of AI technologies. In this article, we’ll break down everything you need to know about the new tools and capabilities OpenAI announced. From AI voice assistants to cutting-edge API updates, these innovations are setting the stage for the future of AI.

Breaking! NFTs Coming to Instagram-META-Facebook Mark Zuckerberg - 2022

Posted in News on Mar 24, 2022

NFTs Coming to Instagram Soon, Says META - Facebook CEO Mark Zuckerberg According to news reports, Zuckerberg said, “We’re working...

Best Affordable Web Hosting Provider 2022 - Pakistan

Posted in News on Oct 14, 2022

We are pleased to announce that Hosting by AliTech has won the CorporateVision's Global Business Award "Best Affordable Web Hosting Provider 2022 - Pakistan".

How an App on Your Smartwatch Could Help You Quit Smoking

Posted in News on Jan 02, 2025

Researchers at the University of Bristol have developed an innovative app for Android smartwatches to help smokers quit. The app detects specific hand movements associated with smoking and delivers supportive messages to the user, providing a gentle nudge to avoid lighting up

Is Microsoft Using Your Word Documents to Train AI?

Posted in News on Nov 27, 2024

Microsoft is facing allegations of using Word and Excel user data to train its AI models through a default-enabled feature called "Connected Experiences." While the company denies these claims, citing privacy safeguards, critics argue that the convoluted opt-out process and vague terms of service raise ethical concerns. This controversy highlights the tension between advancing AI technology and protecting user privacy, urging companies to adopt clearer policies and transparent communication.

Alibaba Cloud Completes 500 Petabyte Data Migration for Xiaohongshu

Posted in News on Nov 12, 2024

Explore the story behind China’s largest data migration as Alibaba Cloud completes a record-breaking 500-petabyte data migration for Xiaohongshu, China’s popular social media and lifestyle platform. Learn why this migration was necessary, how Alibaba Cloud handled complex challenges, and the lasting impact on both companies and China’s cloud industry. This in-depth article covers the technical, strategic, and future-focused aspects of this monumental project.

Amazon Workers Strike During Peak Holiday Season

Posted in News on Dec 20, 2024

Amazon workers, represented by the Teamsters union, launched a strike at multiple facilities during the peak holiday season, demanding better pay and working conditions. The walkout, which impacts delivery stations in cities like New York, Atlanta, and San Francisco, threatens delays for holiday packages as the company faces mounting pressure over labor practices

How to Protect Your Website from Malware and Viruses

Posted in News on Oct 07, 2024

In today's digital world, protecting your website from malware and viruses is crucial to maintaining its performance, security, and user trust. This guide covers essential strategies such as using strong passwords, enabling two-factor authentication, installing web application firewalls (WAF), and securing your site with SSL certificates. Regular updates, backups, and security audits are also key to preventing cyberattacks. Whether you're running a small blog or a large e-commerce site, these best practices will help you safeguard your website and keep it secure from malicious threats.

[SOLVED] django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists")

Posted on Jan 11, 2022

[SOLVED] django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists") PROBLEM / ERROR: django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists")

ValueError at / dictionary update sequence element #0 has length 1; 2 is required

Posted in Technical Solutions on Dec 20, 2021

ERROR: ValueError at / dictionary update sequence element #0 has length 1; 2 is required SOLUTION: This has a simple solution.

Hackers Hijacked Chrome Extensions to Inject Malicious Code

Posted in News on Dec 30, 2024

Hackers have hijacked at least 16 popular Chrome extensions, exposing over 600,000 users to potential data theft. The attack targeted known extensions through a phishing campaign, allowing attackers to inject malicious code that stole sensitive information such as cookies and session tokens. Cybersecurity experts have identified a wide range of affected extensions, including those related to AI tools, VPNs, and productivity. This breach highlights the vulnerability of browser extensions and the need for better security practices.

Gmail Users at Risk from AI-Powered Cyberattacks

Posted in News on Oct 14, 2024

In a rapidly evolving digital landscape, Gmail users are facing a new and alarming threat: AI-powered cyberattacks. These sophisticated scams leverage advanced technology to create realistic impersonations of Google support calls, tricking unsuspecting individuals into revealing personal information. This blog delves into the details of these AI-driven scams, sharing real-life accounts of victims and expert insights on how these tactics work. Through engaging narratives and practical advice, the blog aims to raise awareness about the importance of cybersecurity in the age of AI. Readers will learn how to identify suspicious communications, the significance of enabling robust security features, and essential steps to protect their accounts from phishing attempts. As cybercriminals continue to refine their techniques, staying informed and vigilant is more crucial than ever.

Comprehensive Guide to Choosing the Right Domain and Hosting Services for Startups

Posted in Uncategorized on Jul 01, 2024

In today’s digital landscape, choosing the right domain name and hosting services is crucial for startups aiming to establish a strong online presence. This comprehensive guide explores the importance of domain selection, optimal hosting solutions, and popular CMS platforms like WordPress, WooCommerce, Joomla, and more. Whether you're deploying NodeJS, Django, Ruby on Rails, React, or other frameworks, understanding these elements is essential for scalable growth and seamless user experiences.

Coursera is offering 9 free courses with Certificate on their 9th Birthday

Posted on Apr 15, 2021

Coursera is offering 9 free courses with Certificate on their 9th Birthday Earn a free certificate in one of 9 specially selected courses! This special offer* is available through April 30.

The Importance of Cybersecurity in the Modern World of Web Hosting and Domain Names

Posted in Uncategorized on Jul 15, 2024

In today's digital age, cybersecurity is vital for protecting web hosting and domain names from various threats such as malware, phishing attacks, and data breaches. This article explores the importance of cybersecurity, offering insights and actionable steps to safeguard your online presence.

The Impact of Server Location on Website Speed and SEO

Posted in Uncategorized on Jul 24, 2024

Choosing the right server location is crucial for optimizing website speed and improving SEO rankings. This article explores how server location affects load times, the benefits of using CDNs, and best practices for selecting the optimal server location to enhance both global and local website performance. Discover the impact of latency, data transfer rates, and regional targeting on your site's user experience and search engine visibility.

WordPress Hosting & Management

Posted on Nov 04, 2024

Choosing the right WordPress hosting service is one of the most critical decisions you’ll make when building a website. The hosting provider you select can impact your site’s speed, security, and reliability. With so many options available, understanding the different types of WordPress hosting can help you make an informed choice. This guide will delve into the various aspects of WordPress hosting and management, providing insights that can empower you to create a successful online presence.