There is a point to this story, but it has temporarily escaped my mind...
Contact Me MyFaceBook MyLinkedIn MyGitHub MyTwitter

Install Kubernetes

First, make sure that all of the nodes in the cluster have docker installed.

Disable the swap partition as it will cause errors in Kuberenetes:

sudo sed -i .bak 's/ swap /# swap/g' /etc/fstab
sudo sed -i.bak 's/\/swap\.img/#\/swap\.img/g' /etc/fstab
sudo swapoff -a  

Add Kubernetes' GPG key that they use to sign the packages and repository:

wget -qO - | sudo apt-key add -

For Ubuntu prior to 18.04:

cat > /tmp/kubernetes.list << EOF
deb kubernetes-$(lsb_release -cs) main

For 18.04 (currently):

cat > /tmp/kubernetes.list << EOF
deb kubernetes-xenial main


sudo mv /tmp/kubernetes.list /etc/apt/sources.list.d/
sudo apt update

Install Kubernetes

sudo apt install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl

On the “master” node, initialize Kubernetes:

sudo kubeadm init --pod-network-cidr= --apiserver-advertise-address=$(ip route get | awk '{print $7; exit}')
mkdir -p $HOME/.kube
sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl taint nodes --all
cd /tmp
sed -i 's/\/16/\/16/g'  calico.yaml
kubectl apply -f calico.yaml

On each “worker” node, you need to execute the last line of the output from the initialization of the “master” node. It will look similar to this:

kubeadm join --token <token> <master-ip>:6443 --discovery-token-ca-cert-hash sha256:<hash>

Once you have all of your nodes joined, you can validate with on the master node:

kubectl get nodes
kubectl get all --namespace kube-system

Install the Kubernetes Dashboard:

kubectl apply -f
kubectl apply -f
kubectl apply -f
kubectl apply -f
kubectl apply -f

I've been struggling with the latest versions of Kubernetes regarding RBAC… I really wish that they would do a “Getting Started using RBAC” tutorial instead of just having technical documentation which includes EVERY option without examples… anyway, until that is done, or I understand RBAC in the context of Kubernetes better, I'll simply allow the dashboard service account have the cluster-admin role:

cat << EOF | kubectl create -f -
kind: ClusterRoleBinding
  name: kubernetes-dashboard
    k8s-app: kubernetes-dashboard
  kind: ClusterRole
  name: cluster-admin
- kind: ServiceAccount
  name: kubernetes-dashboard
  namespace: kube-system

You can now access Dashboard at:


When prompted, you can skip login.

Given that I don't hand out the Kubenetes config file to non-administrators, this is an acceptable risk in my environments…

Copyright © 2022 by Julian Easterling. SOME RIGHTS RESERVED.
Privacy Policy              Terms of Use             

Creative Commons License
Except where otherwise noted, content on this site is
licensed under a Creative Common Attribution-Share Alike 4.0 International License.

All of the opinions expressed on this website are those of Julian Easterling and
do not represent the views of any of my current and previous clients or employers in any way.

If you notice an error on the site or content that has not been properly attributed, bring
it to my attention using the contact page and I will endeavor to fix it as soon as I can.

I accept no responsibility or liability for any damages incurred by following any of
my advice or by using any of the information on my site or of those sites that I link to.