New setup on Ubuntu 24, Kubernetes v1.32:
Go to the EC2 Dashboard.
Locate Security Groups:
In the left menu under Network & Security, click on Security Groups.
Create a New Security Group:
Click on Create Security Group.
Provide the following details:
Name: (e.g., Kubernetes-Cluster-SG)
Description: A brief description for the security group (mandatory)
VPC: Select the appropriate VPC for your instances (default is acceptable)
Add Rules to the Security Group:
Allow SSH Traffic (Port 22):
Type: SSH
Port Range: 22
Source: 0.0.0.0/0 (Anywhere) or your specific IP
Allow Kubernetes API Traffic (Port 6443):
Type: Custom TCP
Port Range: 6443
Source: 0.0.0.0/0 (Anywhere) or specific IP ranges
Save the Rules:
Click on Create Security Group to save the settings.
Step 2: Select the Security Group While Creating Instances
When launching EC2 instances:
Under Configure Security Group, select the existing security group (Kubernetes-Cluster-SG)
Note: Security group settings can be updated later as needed.
Execute on Both "Master" & "Worker" Nodes
Disable Swap: Required for Kubernetes to function correctly.
sudo swapoff -a
Load Necessary Kernel Modules: Required for Kubernetes networking.
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
Set Sysctl Parameters: Helps with networking.
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl --system
lsmod | grep br_netfilter
lsmod | grep overlay
Install Containerd:
sudo apt-get update
sudo apt-get install -y ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install -y containerd.io
containerd config default | sed -e 's/SystemdCgroup = false/SystemdCgroup = true/' -e 's/sandbox_image = "registry.k8s.io\/pause:3.6"/sandbox_image = "registry.k8s.io\/pause:3.9"/' | sudo tee /etc/containerd/config.toml
sudo systemctl restart containerd
sudo systemctl status containerd
Install Kubernetes Components:
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl gpg
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
Execute ONLY on the "Master" Node
Initialize the Cluster:
sudo kubeadm init
Set Up Local kubeconfig:
mkdir -p "$HOME"/.kube
sudo cp -i /etc/kubernetes/admin.conf "$HOME"/.kube/config
sudo chown "$(id -u)":"$(id -g)" "$HOME"/.kube/config
Install a Network Plugin (Calico):
kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.0/manifests/calico.yaml
Generate Join Command:
kubeadm token create --print-join-command
Copy the generated join command and run it on worker node1/node2 with sudo. If you make a mistake or the pre-flight checks fail, run: sudo kubeadm reset
Verify Cluster Connection
On Master Node:
kubectl get nodes
Check the status of nodes in the cluster:
ubuntu@ip-172-31-8-118:~$ kubectl get nodes
NAME     STATUS   ROLES           AGE   VERSION
master   Ready    control-plane   25m   v1.32.2
node1    Ready    <none>          11s   v1.32.2
node2    Ready    <none>          15m   v1.32.2