debian 10でk8s worker node をjoinするまでの作業メモ[containerd]

debian 10

boot from debian 10 ISO

<Installer GUI>

Lang English

location other - Asia - Japan

locale en_US.UTF-8

keymap Japanese

network conf eth0

hostname kubeworker3

root password

user account

disk partition

use entire disk (NO LVM)

delete swap and expand ext4

without swap , go back ? -> No

write changes ? -> Yes

mirror -> Japan deb.debian.org

proxy -> none

popularity-contest -> yes

Software

  • uncheck ALL
  • check ssh server
  • check standard system utilities

installation complete

after boot

from console

login as user

  • su -
  • apt install sudo vim
  • gpasswd -a username sudo
  • vi /etc/network/interfaces
`iface eth0 inet static
address 192.168.10.x
netmask 255.255.255.0
gateway 192.168.10.1
dns-nameservers 192.168.10.1
  • reboot

ssh

ssh-copy-id 192.168.10.x

ssh 192.168.10.x

sudo apt install nfs-common

backport kernel

  • echo “deb http://deb.debian.org/debian buster-backports main contrib non-free” | sudo tee /etc/apt/sources.list.d/backports.list
  • sudo apt -t buster-backports install linux-image-amd64
  • sudo reboot

install containerd

https://kubernetes.io/ja/docs/setup/production-environment/container-runtimes/

sudo su -

apt install gnupg2

apt-get update && apt-get install -y apt-transport-https ca-certificates curl software-properties-common

curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -

add-apt-repository

“deb [arch=amd64] https://download.docker.com/linux/debian

$(lsb_release -cs)

stable”

apt-get update && apt-get install -y containerd.io

cat > /etc/modules-load.d/containerd.conf «EOF

overlay

br_netfilter

EOF

cat > /etc/sysctl.d/99-kubernetes-cri.conf «EOF

net.bridge.bridge-nf-call-iptables = 1

net.ipv4.ip_forward = 1

net.bridge.bridge-nf-call-ip6tables = 1

EOF

sysctl –system

mkdir -p /etc/containerd

containerd config default > /etc/containerd/config.toml

systemctl restart containerd

install kubeadm

sudo su -

cat «EOF > /etc/sysctl.d/k8s.conf

net.bridge.bridge-nf-call-ip6tables = 1

net.bridge.bridge-nf-call-iptables = 1

EOF

sudo apt-get install -y iptables arptables ebtables

sudo update-alternatives –set iptables /usr/sbin/iptables-legacy

sudo update-alternatives –set ip6tables /usr/sbin/ip6tables-legacy

sudo update-alternatives –set arptables /usr/sbin/arptables-legacy

sudo update-alternatives –set ebtables /usr/sbin/ebtables-legacy

sudo apt-get update && sudo apt-get install -y apt-transport-https curl

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -

cat «EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list

deb https://apt.kubernetes.io/ kubernetes-xenial main

EOF

sudo apt-get update

sudo apt-get install -y kubelet kubeadm kubectl

sudo apt-mark hold kubelet kubeadm kubectl

reboot

join

  • kubeadm token create –print-join-command
  • kubeadm join 192.168.10.x:6443 –token aaaaa.2on657o4347ka7lp –discovery-token-ca-cert-hash sha256:efe45c57b63e7d19b41f6262e0bd2fb1bae5f0f80b002d9d9448adc8725a8cc1