debian 10でk8s worker node をjoinするまでの作業メモ[containerd]

debian 10

boot from debian 10 ISO
<Installer GUI>

  • Lang English

  • location other - Asia - Japan

  • locale en_US.UTF-8

  • keymap Japanese

  • network conf eth0

  • hostname kubeworker3

  • root password

  • user account

disk partition

  • use entire disk (NO LVM)

  • delete swap and expand ext4

  • without swap , go back ? -> No

  • write changes ? -> Yes

  • mirror -> Japan deb.debian.org

  • proxy -> none

  • popularity-contest -> yes

Software

  • uncheck ALL
  • check ssh server
  • check standard system utilities

installation complete

after boot

from console
login as user

  • su -
  • apt install sudo vim
  • gpasswd -a username sudo
  • vi /etc/network/interfaces
iface eth0 inet static
address 192.168.10.x
netmask 255.255.255.0
gateway 192.168.10.1
dns-nameservers 192.168.10.1
  • reboot

ssh

  • ssh-copy-id 192.168.10.x

  • ssh 192.168.10.x

  • sudo apt install nfs-common

backport kernel

  • echo "deb http://deb.debian.org/debian buster-backports main contrib non-free" | sudo tee /etc/apt/sources.list.d/backports.list
  • sudo apt -t buster-backports install linux-image-amd64
  • sudo reboot

install containerd

https://kubernetes.io/ja/docs/setup/production-environment/container-runtimes/

  • sudo su -

  • apt install gnupg2

  • apt-get update && apt-get install -y apt-transport-https ca-certificates curl software-properties-common

  • curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -

  • add-apt-repository
    "deb [arch=amd64] https://download.docker.com/linux/debian
    $(lsb_release -cs)
    stable"

  • apt-get update && apt-get install -y containerd.io

  • cat > /etc/modules-load.d/containerd.conf <<EOF
    overlay
    br_netfilter
    EOF

  • cat > /etc/sysctl.d/99-kubernetes-cri.conf <<EOF
    net.bridge.bridge-nf-call-iptables = 1
    net.ipv4.ip_forward = 1
    net.bridge.bridge-nf-call-ip6tables = 1
    EOF

  • sysctl --system

  • mkdir -p /etc/containerd

  • containerd config default > /etc/containerd/config.toml

  • systemctl restart containerd

install kubeadm

  • sudo su -

  • cat < /etc/sysctl.d/k8s.conf
    net.bridge.bridge-nf-call-ip6tables = 1
    net.bridge.bridge-nf-call-iptables = 1
    EOF

  • sudo apt-get install -y iptables arptables ebtables

  • sudo update-alternatives --set iptables /usr/sbin/iptables-legacy

  • sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

  • sudo update-alternatives --set arptables /usr/sbin/arptables-legacy

  • sudo update-alternatives --set ebtables /usr/sbin/ebtables-legacy

  • sudo apt-get update && sudo apt-get install -y apt-transport-https curl

  • curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -

  • cat <<EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
    deb https://apt.kubernetes.io/ kubernetes-xenial main
    EOF

  • sudo apt-get update

  • sudo apt-get install -y kubelet kubeadm kubectl

  • sudo apt-mark hold kubelet kubeadm kubectl

  • reboot

join

  • kubeadm token create --print-join-command
  • kubeadm join 192.168.10.x:6443 --token aaaaa.2on657o4347ka7lp --discovery-token-ca-cert-hash sha256:efe45c57b63e7d19b41f6262e0bd2fb1bae5f0f80b002d9d9448adc8725a8cc1
comments powered by Disqus