[Tutorial] Installing Kubernetes Manually

1. Letting iptables see bridged traffic

cat

sudo sysctl --system

2. Allow Required Firewall Ports

sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9000 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

sudo iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

3. Installing runtime or Docker Engine

Update the apt package index and install packages to allow apt to use a repository over HTTPS:

sudo apt-get update

sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

Add Docker’s official GPG key:

 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Use the following command to set up the stable repository.

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Install Docker Engine

sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

4. Configure systemd driver

create or edit /etc/docker/daemon.json

{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

restart docker service

sudo systemctl restart docker

5. Installing kubeadm, kubelet and kubectl

Update the apt package index and install packages needed to use the Kubernetes apt repository:

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl

Download the Google Cloud public signing key:

sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg

Add the Kubernetes apt repository:

echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

Update apt package index, install kubelet, kubeadm and kubectl, and pin their version:

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl

CERTKEY=$(kubeadm certs certificate-key)
echo $CERTKEY

Run this ONLY on Control Plane

sudo kubeadm init --apiserver-cert-extra-sans=your.FQDN.COM,your.external.IP --pod-network-cidr=10.32.0.0/12 --control-plane-endpoint=your.FQDN.COM --upload-certs --certificate-key=$CERTKEY

kubeadm init

You can now join any number of the control-plane node running the following command on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--control-plane --certificate-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The above command will be generated after control plane has successfully initiallized.

To add Worker Nodes

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Use below to reset any Master / Control Plane, or worker nodes

## remove cluster
sudo kubeadm reset
sudo rm -rf /etc/kubernetes
sudo rm -rf /etc/cni/net.d
sudo rm -rf /var/lib/kubelet
sudo rm -rf /var/lib/etcd
sudo rm -rf $HOME/.kube

Relevant FAQs:

What is Kubernetes is used for?

Kubernetes, often abbreviated as “K8s”, orchestrates containerized applications to run on a cluster of hosts. The K8s system automates the deployment and management of cloud native applications using on-premises infrastructure or public cloud platforms. [2]

What is Kubernetes and Docker?

In a nutshell, Docker is a suite of software development tools for creating, sharing and running individual containers; Kubernetes is a system for operating containerized applications at scale. Think of containers as standardized packaging for microservices with all the needed application code and dependencies inside. [3]

What's the difference between Docker and Kubernetes?

The difference between the two is that Docker is about packaging containerized applications on a single node and Kubernetes is meant to run them across a cluster. Since these packages accomplish different things, they are often used in tandem. Of course, Docker and Kubernetes can be used independently. [4]

Is Kubernetes free?

Pure open source Kubernetes is free and can be downloaded from its repository on GitHub. Administrators must build and deploy the Kubernetes release to a local system or cluster -- or to a system or cluster in a public cloud, such as AWS, Google Cloud or Microsoft Azure. [5]

Why is Kubernetes called K8s?

By the way, if you're wondering where the name “Kubernetes” came from, it is a Greek word, meaning helmsman or pilot. The abbreviation K8s is derived by replacing the eight letters of “ubernete” with the digit 8. [6]

References:

[1] https://faun.pub/free-ha-multi-architecture-kubernetes-cluster-from-oracle-c66b8ce7cc37

[2] https://www.vmware.com/topics/glossary/content/kubernetes.html

[3] https://www.dynatrace.com/news/blog/kubernetes-vs-docker/

[4] https://containerjournal.com/editorial-calendar/best-of-2021/whats-the-difference-between-docker-and-kubernetes/

[5] https://www.techtarget.com/searchitoperations/answer/Is-Kubernetes-free-as-an-open-source-software

[6] https://www.bmc.com/blogs/what-is-kubernetes/

[7] https://engineer.org.pk/2024/06/05/waste-management-ai/

Posted in Technical Solutions on May 01, 2022

[SOLVED / FIXED ] ModuleNotFoundError: No module named 'setuptools_rust'

Posted in Technical Solutions on Apr 09, 2022

[SOLVED / FIXED ] ModuleNotFoundError: No module named 'setuptools_rust' Error: While installing docker-compose the following error can come up: ModuleNotFoundError: No module named 'setuptools_rust'

[SOLVED / FIXED] LinkedIn Company Page Creation error : An error has occurred, please try again later. Learn more.

Posted on Jun 09, 2021

[FIXED] : LinkedIn Company Page Creation error : An error has occurred, please try again later. Learn more. [SOLUTION]: In order to create a Company Page in LinkedIn you will need to meet all the requirements below.

The Impact of Server Location on Website Speed and SEO

Posted in Uncategorized on Jul 24, 2024

Choosing the right server location is crucial for optimizing website speed and improving SEO rankings. This article explores how server location affects load times, the benefits of using CDNs, and best practices for selecting the optimal server location to enhance both global and local website performance. Discover the impact of latency, data transfer rates, and regional targeting on your site's user experience and search engine visibility.

11 Million Devices Infected with Botnet Malware Hosted in Google Play: A Detailed Overview

Posted in News on Sep 24, 2024

Recently, Necro malware has made headlines after infecting over 11 million devices through seemingly legitimate apps on Google Play, such as Wuta Camera and Max Browser. This malware utilizes advanced techniques like steganography, embedding malicious code within harmless-looking files to evade detection. Its modular design allows it to perform various malicious actions, including displaying intrusive ads and facilitating subscription fraud without users' knowledge. With the alarming resurgence of Necro, it’s crucial for users to remain vigilant, regularly update their security measures, and uninstall any suspicious applications to protect their devices from this sophisticated threat.

CyberPanel Docker Integration - Superb - 2022

Posted in Technical Solutions on Mar 04, 2022

CyberPanel Docker Integration | SFARPak #SFARPak If you like my work please subscribe, share & comment.

Domain Name: Your Gateway to Online Success

Posted in Uncategorized on Jul 03, 2024

A domain name is more than just an address on the internet; it's a crucial part of your online identity. This comprehensive guide covers everything you need to know about domain names, from choosing the right one to understanding its impact on your branding and SEO. Learn about different types of domains, how to register and protect them, and the future trends in the domain landscape. Discover the secrets to selecting a memorable and relevant domain name that will set you up for online success.

Khan Academy Brings AI Tutor 'Khanmigo' to Pakistan: Revolutionizing Education

Posted in News on Dec 27, 2024

Khan Academy Pakistan (KAP) has launched an innovative AI-powered tutor, Khanmigo, to revolutionize education in Pakistan. This cutting-edge tool aims to enhance student learning and provide crucial support to teachers. With personalized assistance for students and resources like automated lesson planning for teachers, Khanmigo is set to address Pakistan’s educational challenges. The tool is available in multiple languages, ensuring accessibility across diverse regions. By offering world-class, localized education, Khan Academy Pakistan is helping bridge gaps in literacy, numeracy, and access to quality education for millions of students across the country.

[SOLVED / FIXED] Kubesphere request to http //ks-apiserver/oauth/token failed

Posted in Technical Solutions on Jul 17, 2022

[SOLVED / FIXED] Kubesphere request to http //ks-apiserver/oauth/token failed

How to Install Remote Desktop on Ubuntu 18.04.6 / Ubuntu 20.04.4 / Raspberry Pi / AMD64 / ARM64

Posted in Technical Solutions on Jun 29, 2022

How to Install Remote Desktop on Ubuntu 18.04.6 / Ubuntu 20.04.4 / Raspberry Pi / AMD64 / ARM64

The Pros and Cons of Using a Free Web Hosting Service

Posted in Uncategorized on Jul 26, 2024

Choosing the right web hosting service is crucial for your online presence. Free web hosting might seem appealing, especially for startups and personal projects, but it's important to weigh its benefits and drawbacks. While cost-effective and user-friendly, free web hosting often comes with limitations in resources, performance, and security. Understanding these pros and cons can help you decide if free web hosting is the right choice for your website.

Understanding and Preventing 'Sitting Ducks' Attacks

Posted in Uncategorized on Aug 02, 2024

In recent cybersecurity news, the emergence of the "Sitting Ducks" attack has posed a significant threat to domain name owners, exposing vulnerabilities in the Domain Name System (DNS) that can lead to severe security breaches. This comprehensive guide will delve into the intricacies of these attacks, their impact, and effective strategies for prevention.

CES 2025: Everything You Need to Know About the Biggest Tech Show

Posted in News on Jan 03, 2025

CES 2025 is set to unveil groundbreaking innovations in technology, from AI advancements to the latest in electric vehicles and smart home devices. Industry leaders like Nvidia and AMD are expected to showcase their newest GPU technologies, while startups present revolutionary solutions for the future. This year, sustainability and AI-powered gadgets take center stage, offering a glimpse into the future of tech. Whether it's the next-gen display technologies, autonomous systems, or wellness trackers, CES 2025 promises to be a hub of excitement and new ideas that could redefine how we live and interact with technology.

Amazon Brings Generative AI-Powered Recaps to Prime Video

Posted in News on Nov 05, 2024

Amazon Prime Video has launched X-Ray Recaps, an AI-driven feature that gives viewers quick, spoiler-free summaries of TV episodes or entire seasons. Initially available for U.S. Fire TV users, the feature helps viewers catch up on plot points without revealing future events. Powered by Amazon's AI technology, including Amazon Bedrock and SageMaker, X-Ray Recaps expands on Prime Video’s X-Ray feature, which provides cast info and trivia, by offering precise, real-time plot recaps at any point during viewing.

YouTube is Now Letting Creators Remix Songs through AI Prompting

Posted in News on Nov 13, 2024

YouTube has introduced an innovative feature for select creators, allowing them to remix songs using AI technology. By simply describing the style or mood they envision, creators can generate unique 30-second soundtracks with reimagined elements, making it perfect for short-form content like YouTube Shorts. This feature, known as Dream Track, leverages AI to modify vocals from artists such as Charlie Puth and Demi Lovato, all while ensuring that the core essence of the original song is preserved. With this tool, YouTube is enhancing creative possibilities while maintaining copyright compliance through partnerships with music labels like Universal Music Group. As this technology evolves, it promises to transform music use on social media, giving creators fresh ways to connect with their audiences

Metro-Goldwyn-Mayer (MGM) Inks Cloud Computing Deal With Amazon in Search for "New Revenue Opportunities"

Posted in News on Feb 09, 2021

MGM (a private company) is set to move all of its content to Amazon’s cloud and use the tech giant’s software to modernize its media supply chain. Metro Goldwyn Mayer has signed a cloud computing agreement with Amazon Web Services to move its content and distribution efforts to the tech giant’s cloud. The James Bond studio is set to move all of its content to Amazon's cloud and use the tech giant's software to modernize its media supply chain.

OpenAI Bought the Web Domain Chat.com: Did OpenAI Just Spend More Than $10 Million on a URL?

Posted in News on Nov 07, 2024

OpenAI recently acquired Chat.com, which now redirects to ChatGPT, enhancing its brand visibility and accessibility. Previously owned by Dharmesh Shah, who bought it for $15.5 million, the domain likely sold to OpenAI for an even higher price. This strategic purchase underscores OpenAI’s commitment to making AI tools more accessible and reflects the growing importance of conversational AI in modern technology.

The Future of AI and Cloud Computing: A Global Perspective

Posted on Oct 03, 2024

Cloud computing and artificial intelligence (AI) are transforming the technological landscape at an unprecedented pace. These two forces have become vital for businesses aiming to scale, innovate, and stay competitive in a digital-first world. As major corporations like Microsoft, Google, and Oracle make significant investments in cloud infrastructure and AI capabilities, it's clear that these technologies will shape the future of industries worldwide. In this article, we'll dive deep into the latest developments in AI and cloud computing, with a focus on global investments, emerging technologies, and the impact on businesses across different regions.

Org Vs .Com: What’s The Difference?

Posted in Uncategorized on Jul 18, 2024

Explore the differences between .org and .com domain extensions and decide which is best for your website. Understand their unique purposes, availability, and implications for your online presence.