To deploy a fault-tolerant cluster based on Kubernetes, consider an example of preliminary setup for the *.k8s.internal cluster, with the following hosts and their IP addresses:
Main node:
k8s-master1.k8s.internal - <IP address master1>.
Work nodes:
k8s-worker1.k8s.internal - <IP address worker1>.
k8s-worker2.k8s.internal - <IP address worker2>.
k8s-worker3.k8s.internal - <IP address worker3>.
k8s-worker4.k8s.internal - <IP address worker4>.
IMPORTANT. To avoid the split-brain error, the number of main nodes should be odd.
To perform the preliminary cluster setup in Astra Linux OS, execute the following operations on each cluster node:
Install additional packages apt-transport-https, curl, ca-certificates, gnupg-agent, software-properties-common, open-iscsi:
sudo apt-get update
sudo apt-get install -y \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
open-iscsi \
software-properties-common
Add the Docker repository key and the repository itself:
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
echo "deb [arch=amd64] https://download.docker.com/linux/debian buster stable" | sudo tee /etc/apt/sources.list.d/docker.list
Install the Containerd containerization environment:
sudo apt-get update
sudo apt-get install containerd.io -y
Add the Kubernetes repository:
sudo mkdir -p /etc/apt/keyrings/
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
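Download and install the conntrack package for kubeadm. This download uses plain HTTP and bypasses the APT signature checks, so verify the package checksum before installing it:
wget http://ftp.de.debian.org/debian/pool/main/c/conntrack-tools/conntrack_1.4.5-2_amd64.deb
sudo dpkg -i conntrack_1.4.5-2_amd64.deb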
Update the list of repositories and install Kubernetes components:
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
Enable the cri plugin in the containerization service (daemon). To do this, comment out the following line in the /etc/containerd/config.toml file:
#disabled_plugins = ["cri"]
Enable IPv4 packet forwarding in the kernel:
sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
sudo sh -c 'echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf'
Load the additional kernel module for iptables:
sudo modprobe br_netfilter
sudo sh -c 'echo "br_netfilter" >> /etc/modules-load.d/br_netfilter.conf'
After these operations are executed, the preliminary setup of the cluster is finished.
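The settings made in the steps above can be checked on each node before the cluster is initialized. The script below is an added example, not part of the original instructions; the function names and the optional root-directory argument are illustrative, and the file paths are the ones used above.

```shell
#!/bin/sh
# Added example: preflight check for the node settings made in the steps above.
# Function names are illustrative. The optional ROOT argument of check_node
# lets the checks run against a copy of the filesystem; omit it on a live node.

# containerd: no active (uncommented) disabled_plugins line may list "cri".
# Assumes the single-line form shown in the step above.
cri_enabled() {
    [ -r "$1" ] || return 2
    ! grep -Eq '^[[:space:]]*disabled_plugins[[:space:]]*=.*"cri"' "$1"
}

# sysctl file: the last assignment of net.ipv4.ip_forward must be 1
# (later lines override earlier ones when the file is loaded).
ip_forward_persisted() {
    [ -r "$1" ] || return 2
    val=$(sed -nE 's/^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*([^[:space:]]*).*$/\1/p' "$1" | tail -n 1)
    [ "$val" = "1" ]
}

# modules-load.d file: br_netfilter must be listed on a line of its own.
module_persisted() {
    [ -r "$1" ] || return 2
    grep -Eq '^[[:space:]]*br_netfilter[[:space:]]*$' "$1"
}

# Run every check under ROOT, print each failure, return the failure count.
check_node() {
    root="${1:-}"; failed=0
    cri_enabled "$root/etc/containerd/config.toml" ||
        { echo "FAIL: cri plugin is disabled in the containerd config"; failed=$((failed + 1)); }
    ip_forward_persisted "$root/etc/sysctl.conf" ||
        { echo "FAIL: net.ipv4.ip_forward = 1 is not persisted"; failed=$((failed + 1)); }
    [ "$(cat "$root/proc/sys/net/ipv4/ip_forward" 2>/dev/null)" = "1" ] ||
        { echo "FAIL: IPv4 forwarding is off in the running kernel"; failed=$((failed + 1)); }
    module_persisted "$root/etc/modules-load.d/br_netfilter.conf" ||
        { echo "FAIL: br_netfilter is not configured to load at boot"; failed=$((failed + 1)); }
    [ -d "$root/sys/module/br_netfilter" ] ||
        { echo "FAIL: br_netfilter is not loaded in the running kernel"; failed=$((failed + 1)); }
    return "$failed"
}
```

Call check_node with no argument on a node; the return value is the number of failed checks, so 0 means the node matches the steps above.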
Next, install the Helm package manager on each node and initialize the Kubernetes cluster.
To install the Helm package manager, execute the following on each main node:
curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
chmod 700 get_helm.sh
./get_helm.sh
NOTE. Use the Helm package manager version 3.5 or later.
See also:
Preparation and Deployment of Fault-Tolerant Cluster Based on Kubernetes | Initializing Kubernetes Cluster