Install Kubernetes

First, make sure that all of the nodes in the cluster have docker installed.

Disable the swap partition as it will cause errors in Kuberenetes:

sudo sed -i .bak 's/ swap /# swap/g' /etc/fstab
sudo sed -i.bak 's/\/swap\.img/#\/swap\.img/g' /etc/fstab
 
sudo swapoff -a  

Add Kubernetes' GPG key that they use to sign the packages and repository:

wget -qO - https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -

For Ubuntu prior to 18.04:

cat > /tmp/kubernetes.list << EOF
deb http://apt.kubernetes.io/ kubernetes-$(lsb_release -cs) main
EOF

For 18.04 (currently):

cat > /tmp/kubernetes.list << EOF
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF

Then

sudo mv /tmp/kubernetes.list /etc/apt/sources.list.d/
 
sudo apt update

Install Kubernetes

sudo apt install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl

On the “master” node, initialize Kubernetes:

sudo kubeadm init --pod-network-cidr=172.30.0.0/16 --apiserver-advertise-address=$(ip route get 8.8.8.8 | awk '{print $7; exit}')
 
mkdir -p $HOME/.kube
sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
 
kubectl taint nodes --all node-role.kubernetes.io/master-
 
cd /tmp
 
wget https://docs.projectcalico.org/v2.6/getting-started/kubernetes/installation/hosted/kubeadm/1.6/calico.yaml
 
sed -i 's/192.168.0.0\/16/172.30.0.0\/16/g'  calico.yaml
 
kubectl apply -f calico.yaml

On each “worker” node, you need to execute the last line of the output from the initialization of the “master” node. It will look similar to this:

kubeadm join --token <token> <master-ip>:6443 --discovery-token-ca-cert-hash sha256:<hash>

Once you have all of your nodes joined, you can validate with on the master node:

kubectl get nodes
 
kubectl get all --namespace kube-system

Install the Kubernetes Dashboard:

kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/grafana.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/heapster.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/influxdb/influxdb.yaml
kubectl apply -f https://raw.githubusercontent.com/kubernetes/heapster/master/deploy/kube-config/rbac/heapster-rbac.yaml
 
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/master/src/deploy/recommended/kubernetes-dashboard.yaml

I've been struggling with the latest versions of Kubernetes regarding RBAC… I really wish that they would do a “Getting Started using RBAC” tutorial instead of just having technical documentation which includes EVERY option without examples… anyway, until that is done, or I understand RBAC in the context of Kubernetes better, I'll simply allow the dashboard service account have the cluster-admin role:

cat << EOF | kubectl create -f -
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: ClusterRoleBinding
metadata:
  name: kubernetes-dashboard
  labels:
    k8s-app: kubernetes-dashboard
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: kubernetes-dashboard
  namespace: kube-system
EOF

You can now access Dashboard at:

http://localhost:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/

When prompted, you can skip login.

Given that I don't hand out the Kubenetes config file to non-administrators, this is an acceptable risk in my environments…