[ macOS/ARM64 | Linux/AMD64 ]
This guide describes how to set up a production-like Kubernetes cluster on a local machine.
The purpose is primarily educational: to understand better how Kubernetes works under the hood, what it is made of and how its components fit together. For this reason we'll be doing everything from scratch, and we'll avoid using any "convenience" tools that hide all the interesting details from us. If you're looking for a quick recipe to have a working cluster as fast as possible, this guide is probably not for you (although you can also take a look at the TLDR version).
Table of Contents generated with DocToc
- Learning How to Run VMs with QEMU
- Preparing Environment for a VM Cluster
- Launching the VM Cluster
- Bootstrapping Kubernetes Security
- Installing Kubernetes Control Plane
- Spinning up Worker Nodes
- Installing Essential Cluster Services
- Simplifying Network Setup with Cilium (optional)
- TLDR Version of the Guide (auxiliary)
This guide is a result of its author's learning process, which was largely facilitated by Kelsey Hightower's Kubernetes the Hard Way. This guide is written in a similar spirit, with some of its parts loosely reusing commands and configurations from the original.
However, compared to the original Kubernetes the Hard Way, this guide:
- uses a local environment, as opposed to Google Cloud Platform (which is used at least in the first version of KTHW)
- is lengthier, and contains more "theoretical" knowledge and introductory material for various tools and subjects, including outside of Kubernetes itself
- describes a more complete deployment, including a storage provisioner and a service load balancer
- ships with a set of scripts for the "impatient"
This guide is intended for people which have used Kubernetes to some degree, but want to have a more in-depth knowledge of its inner workings. This may be beneficial in several ways:
- being able to make better, more informed design decisions for systems running on Kubernetes
- being able to troubleshoot problems with Kubernetes more effectively
- being able to support your own Kubernetes deployment
- some working knowledge of Kubernetes, i.e. knowing what a Pod or Service is, having used
kubectl
to deploy some simple workloads - familiarity with fundamental network protocols (IP, ARP, DNS, DHCP, etc.)
- general familiarity with Linux and shell scripting
This variant of the guide was prepared and tested on a laptop with Intel Core i7 CPU, running Ubuntu 22.04 (Jammy). It assumes usage of the following components:
apt
for package management (packages from Ubuntu repositories)systemd
for system initializationnetplan
for network configuration
However, dependence on these tools is not heavy, and it should be straightforward to translate their usage to other popular alternatives available in various Linux distributions.
Since we'll run several VMs at once, a decent amount of RAM is recommended. With default settings, the VMs take 20GB of memory in total. This is an amount that should let you comfortably run some workloads. However, it can be significantly reduced to around 8-10GB if necessary. The resulting installation may not be able to support any "real" application running in Kubernetes, but it should be more than enough for a bare-bones, educational deployment.
Use this script to install all the necessary software for this guide:
sudo apt install -y apt-transport-https ca-certificates
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key \
| sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' \
| sudo tee /etc/apt/sources.list.d/kubernetes.list
curl https://baltocdn.com/helm/signing.asc | sudo gpg --dearmor -o /usr/share/keyrings/helm.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/helm.gpg] https://baltocdn.com/helm/stable/debian/ all main" \
| sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt update
sudo apt install -y \
qemu-system-x86 curl genisoimage dnsmasq tmux golang-cfssl nfs-kernel-server kubectl helm
Note
If you're seeing an error message indicating that dnsmasq
could not start, do not worry.
This is expected at this point, and we'll deal with it properly
when the time comes.
In order to make this guide complete, we won't focus just on Kubernetes. We'll also look at some foundational stuff within Linux that makes containerization and Kubernetes possible. We'll also spend some time with general-purpose administrative tools useful for installing and maintaining our deployment.
These include:
qemu
and virtualization in generalcloud-init
dnsmasq
tmux
cfssl
- IPVS (
ipvsadm
andldirectord
) systemd
- a bit of
iptables
- basics of Linux containerization: namespaces and cgroups
Apart from Kubernetes core, our deployment will also include the following third party projects:
We'll create a cluster out of seven Linux virtual machines:
- three of them will serve as the Kubernetes control plane
- one VM will simulate a cloud/hardware load balancer for the Kubernetes API
- the remaining three VMs will serve as worker nodes
The host (macOS) machine will also require some setup:
- it will run the virtual network between the VMs and provide internet access
- it will simulate external mass storage (e.g. a disk array) for Kubernetes, using an NFS-exported directory