Bootstrapping a Cluster with kubeadm
In this lesson you’ll learn about kubeadm, a tool for bootstrapping best practices Kubernetes clusters from existing infrastructure.
Scott Lowe is an architect in the Cloud Native Apps Business Unit, having rejoined VMware as part of the Heptio acquisition.View Profile
- Creating a single control-plane cluster with kubeadm
- Installing kubeadm
- Creating highly-available clusters with kubeadm
- Read Transcript
Good afternoon, everyone. My name is Scott Lowe, and I work on Kubernetes in the Cloud Native Apps Business Unit at VMware. Today I’d like to talk to you about bootstrapping or establishing a Kubernetes cluster using Kubeadm, a tool created by the Kubernetes community, that’s designed to create best practices conformant Kubernetes clusters quickly and easily.
Today we’re going to walk through what you see on your screen in the browser here. That is the process for creating a two-node Kubernetes cluster, one control plane node and one worker node.
Now, in fact, let’s go ahead and kick off that process, and then I’ll come back to this webpage to show you some of the other things that Kubeadm is capable of doing.
So let’s switch to our terminal. Here in the terminal. Let’s start out by establishing an SSH session to the AWS EC2 instance where we’re going to run Kubeadm today.
And so we’re going to run Sudo, which is required by Kubeadm, are going to run a knit, and then I know that my CNI plugin does require this particular flag, which I could have encoded in a configuration file. I’ll show you one of those in a moment. But for the purposes of this demonstration, let’s just do it here. And I’ll press enter and it’s going to go off and do what it’s going to do. So let’s switch back to the browser talking about Kubeadm and you can see it’s capable of doing a lot of things and that’s because Kubeadm was designed as a building block. Now you’ll need to bring your own infrastructure. Kubeadm doesn’t create infrastructure for you, and you’ll need to make sure that any operating system instances that you’re going to use already have all the necessary packages installed, so it doesn’t do that for you as well.
Both of those things of course, can be easily automated using tools like Terraform or Ansible. But that’s part of the methodology or the mindset behind Kubeadm is that it’s a building block designed to be combined with other tools and other techniques that customers regularly use. You see from looking at this list down the side, we can do lots of other things with Kubeadm. we can for example, not only create a single node control playing clusters like what we’re doing here, but we can also create highly available clusters with Kubeadm. And the Kubeadm supports both stacked control plane configurations, and as you can see here, where etcd is running on the control plane nodes, or you can run with dedicated etcd nodes, and the control plane components running on separate systems like here. So it’s a very flexible, very powerful tool.
A lot of it is captured in configuration files, which I’ll show you in a moment, but first we want to drop back to our terminal so we can see that the first node that we kicked off has already finished. So you can see here we run our command, it’s finished, it’s gone through all of its stages, done all the things that it needs to do. So we’re just going to copy these commands here to enable us to access the cluster that we just created. And all we’re simply doing is creating a directory to store the cube config files. And then we’re copying a cube config file generated by Kubeadm into that directory. But because Kubeadm was run with Sudo access, which is required, the command, or the file in question, the cube config file in question is owned by Root, we have to copy it and then change the ownership. So now that we’ve done that, let’s run getNodes.
And you can see that we see the master here, the control plane node, it’s up and running. It’s running version 1.15.2, so not the latest version, but sufficient for this demonstration. Shows not ready, and that’s simply because we haven’t installed the CNI. And so I can go ahead and install the CNI. We’re just using Calico here. While Calico does what it needs to do in the background, we’re going to come back up and capture the output of Kubeadm in the form of the join command that we will use to join our worker node.
If you forget to capture this output, I’ll have a link in the resources section of this video that will point to a blog post I wrote that describes how to recalculate all this information, how to get the token and the certificate hash and so on and so forth. All right, let’s run our getNodes command again. We’ll see that this show’s ready. It does, great. Let’s drop out of this session. We’re going to log into our worker node and once we get the SSH session for our worker node, we will Sudo and run the Kubeadm join command. It will be very fast and you will see that it’s joined the node. Great. All right, let’s go back over to our control plane node and we’re going to run that getNodes command again.
And you will see that we now have both nodes and we are less than five minutes into this process. So here you can see in less than five minutes, we used Kubeadm to create a two node conformant Kubernetes cluster, one control play node one worker node. It’s fully capable of supporting workloads so you could go ahead and run deployments and DaemonSets and expose pods using services and use ingress controllers. All the things that Kubernetes is capable of doing, you can do on this node, or this cluster rather, that you just bootstrapped using Kubernetes. So Kubeadm, very powerful and very fast, makes it super easy to be able to bootstrap clusters.
Now flipping back over to our browser, we talked about being able to bootstrap not just a single control plane node, but also being able to do highly available clusters as you can see here. And you can also use it to create an SED cluster. So you can use Kubeadm to establish an external etcd cluster that can then be used by Kubernetes as the etcd cluster behind the control plane. So lots of flexibility, lots of power here.
I want us to flip over now to an editor and show you an example of a configuration file. So here is a configuration file that I wrote. This configuration file is designed to be used by Kubeadm and this is for setting up a Kubernetes cluster that has integration into AWS. So it’s configuring the AWS cloud provider. I have a few articles on my blog about this that also have copies of these configuration files. But you can see we’re specifying all the information that Kubeadm needs to do a very custom configuration of Kubernetes here to appropriately add the extra flags that are needed on the API server and the controller manager.
You can see under the networking pod sub-net section, I’ve specified that value that I previously put on the command line as pod network cidr, we’ve specified that here. And so all we would have to do to use this configuration file is simply run Kubeadm init–config and then the name of this file and then Kubeadm would go off and establish the cluster with the custom configuration that we’re showing here in this configuration file. So lots of power, lots of flexibility here, but also very easy to use for simple configurations.
Again, I want to point out that we were able to use Kubeadm to establish a two node cluster in less than five minutes. So in this video I’ve shown you how to use Kubeadm to quickly and easily establish a two node Kubernetes cluster. Yes, this cluster is not highly available, but it is fully conformant and fully functional. And also showing you how you can use Kubeadm in conjunction with configuration files to establish highly available clusters if that’s what you are intending to do.
Kubeadm is a powerful building block that can be easily integrated with provisioning systems like Terraform configuration management tools like Ansible or others, or simple scripts that you can use to help automate the process of bootstrapping Kubernetes clusters. I hope that showing you how to use Kubeadm to bootstrap a cluster has been helpful. Thanks for watching.
Have questions about the material in this lesson?
We’ve got answers!
Post your questions in the Kubernetes community Slack. Questions about this lesson are best suited for the #kubeadm channel.
Not yet a part of the Kubernetes Slack community? Join the discussion here.
Have feedback about this course or lesson? We want to hear it!
Send your thoughts to KubeAcademy@VMware.com.
Bootstrapping a Cluster with kubeadm
Bootstrapping Using Cluster API Part 1: Concepts, Components, and Terminology
Bootstrapping Using Cluster API Part 2: Creating a Cluster on AWS with Cluster API
Authenticating Kubernetes Clusters
Kubernetes RBAC Concepts