How to Set Up a High Availability (HA) Kubernetes Cluster with Kubeadm
Kubernetes (k8s) is a powerful orchestration tool that allows you to manage containerized applications across a cluster of nodes. Setting up a High Availability (HA) Kubernetes cluster ensures that your applications remain available even if one or more nodes fail. This comprehensive guide will walk you through the process of setting up an HA Kubernetes cluster using Kubeadm.
Table of Contents
- Introduction
- Prerequisites
- Step 1: Prepare Your Environment
- Step 2: Install Docker on All Nodes
- Step 3: Install Kubernetes Components on All Nodes
- Step 4: Set Up HAProxy and Keepalived
- Step 5: Initialize the Kubernetes Control Plane
- Step 6: Join Worker Nodes to the Cluster
- Step 7: Verify the Cluster
- Conclusion
Introduction
Setting up an HA Kubernetes cluster with Kubeadm involves configuring multiple control plane nodes, ensuring that the cluster can withstand the failure of one or more control planes. This guide provides step-by-step instructions to help you achieve a robust and resilient Kubernetes setup.
Prerequisites
Before you start, ensure you have the following:
- At least three machines (virtual or physical) running a supported version of Linux (e.g., Ubuntu 20.04).
- At least 2GB of RAM and 2 CPUs per machine.
- A user account with sudo privileges on all machines.
- Internet access for downloading packages and images.
Step 1: Prepare Your Environment
First, update and upgrade all your nodes:
```bash
sudo apt update
sudo apt upgrade -y
```
Disable swap on all nodes:
```bash
# Turn swap off now and comment out swap entries so it stays off after a reboot
sudo swapoff -a
sudo sed -i '/ swap / s/^/#/' /etc/fstab
```
Enable required kernel modules and configure sysctl:
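```bash
# Load the modules now
sudo modprobe overlay
sudo modprobe br_netfilter
# Load them again on every boot; without this the bridge sysctls below
# cannot be applied after a restart
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
# Let iptables see bridged traffic and enable IPv4 forwarding
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl --system
```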
Step 2: Install Docker on All Nodes
Install Docker, which Kubernetes uses as the default container runtime:
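```bash
sudo apt update
sudo apt install -y apt-transport-https ca-certificates curl gnupg software-properties-common
# Keep Docker's signing key in its own keyring so it is trusted for this
# repository only (apt-key adds keys to the global trust store and is deprecated)
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list
sudo apt update
sudo apt install -y docker-ce
sudo systemctl enable docker
sudo systemctl start docker
```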
Step 3: Install Kubernetes Components on All Nodes
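Install kubeadm, kubelet, and kubectl:
```bash
sudo apt update
sudo apt install -y apt-transport-https ca-certificates curl gnupg
# The legacy apt.kubernetes.io repository is no longer served; packages now come
# from pkgs.k8s.io, which has one repository per minor release.
# <k8s_minor_version> is a placeholder: set it to the release you are installing (format v1.NN).
K8S_REPO="https://pkgs.k8s.io/core:/stable:/<k8s_minor_version>/deb"
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL "$K8S_REPO/Release.key" | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] $K8S_REPO/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt update
sudo apt install -y kubelet kubeadm kubectl
# Hold the packages so a routine apt upgrade does not change the cluster version
sudo apt-mark hold kubelet kubeadm kubectl
```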
Step 4: Set Up HAProxy and Keepalived
To ensure high availability of the control plane, set up HAProxy and Keepalived on a load balancer node.
Install HAProxy:
```bash
sudo apt install -y haproxy
```
Configure HAProxy to load balance traffic to the Kubernetes API servers. Edit /etc/haproxy/haproxy.cfg:
```
frontend kubernetes-frontend
    bind *:6443
    option tcplog
    mode tcp
    default_backend kubernetes-backend

backend kubernetes-backend
    mode tcp
    balance roundrobin
    server master1 <Master1_IP>:6443 check
    server master2 <Master2_IP>:6443 check
    server master3 <Master3_IP>:6443 check
```
Restart HAProxy:
```bash
sudo systemctl restart haproxy
```
Install Keepalived:
```bash
sudo apt install -y keepalived
```
Configure Keepalived for VIP (Virtual IP):
```bash
cat <<EOF | sudo tee /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
    state MASTER
    interface <network_interface>
    virtual_router_id 51
    priority 100
    authentication {
        auth_type PASS
        auth_pass <password>
    }
    virtual_ipaddress {
        <Virtual_IP>
    }
}
EOF
```
Start Keepalived:
```bash
sudo systemctl enable keepalived
sudo systemctl start keepalived
```
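The Keepalived configuration above runs on a single node, so the virtual IP has nowhere to move if that node or its HAProxy process fails. The following added example (not part of the original guide) renders the configuration for a MASTER/BACKUP pair with a HAProxy health check; the second load balancer node, the interface name, the VIP and the password are assumptions.

```bash
# Added example, not from the original guide. The interface, VIP and password
# passed to the function are constructed placeholders.

# render_keepalived_conf STATE PRIORITY INTERFACE VIP AUTH_PASS
render_keepalived_conf() {
    local state="$1" priority="$2" iface="$3" vip="$4" pass="$5"
    case "$state" in
        MASTER|BACKUP) ;;
        *) echo "state must be MASTER or BACKUP" >&2; return 1 ;;
    esac
    # keepalived only uses the first 8 characters of auth_pass, and VRRP sends
    # it in clear text, so refuse anything that suggests a stronger secret.
    if [ "${#pass}" -gt 8 ]; then
        echo "auth_pass longer than 8 characters is truncated by keepalived" >&2
        return 1
    fi
    cat <<EOF
# Fails when no haproxy process is running; lowers this node's priority by 20.
vrrp_script chk_haproxy {
    script "/usr/bin/pgrep -x haproxy"
    interval 2
    weight -20
}

vrrp_instance VI_1 {
    state ${state}
    interface ${iface}
    virtual_router_id 51
    priority ${priority}
    authentication {
        auth_type PASS
        auth_pass ${pass}
    }
    virtual_ipaddress {
        ${vip}
    }
    track_script {
        chk_haproxy
    }
}
EOF
}

# Node 1: render_keepalived_conf MASTER 100 eth0 192.0.2.10 example1
# Node 2: render_keepalived_conf BACKUP 90 eth0 192.0.2.10 example1
# With HAProxy down on node 1 its priority becomes 80, below node 2's 90,
# so the VIP moves. Pipe the output to: sudo tee /etc/keepalived/keepalived.conf
```

Because the VRRP password offers no real protection, restrict VRRP traffic between the two load balancer nodes at the network layer.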
Step 5: Initialize the Kubernetes Control Plane
On the first control plane node, initialize the cluster using kubeadm:
```bash
sudo kubeadm init --control-plane-endpoint "<Virtual_IP>:6443" --upload-certs
```
Save the join command with the certificate key provided in the output. It will be used to join additional control plane nodes.
Set up your local kubectl configuration:
```bash
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
```
Install the CNI (Container Network Interface) plugin, for example, Calico:
```bash
kubectl apply -f https://docs.projectcalico.org/v3.14/manifests/calico.yaml
```
Step 6: Join Worker Nodes to the Cluster
Use the join command from the kubeadm init output to join the worker nodes to the cluster:
```bash
sudo kubeadm join <Virtual_IP>:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>
```
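The `sha256:<hash>` value in the join command pins the cluster CA: it is the SHA-256 digest of the CA certificate's DER-encoded public key. The following added example (not part of the original guide) recomputes that pin from a copy of the CA certificate and compares it with a saved join command before the command is run; it assumes the certificate (/etc/kubernetes/pki/ca.crt on a control plane node) was copied over a trusted channel, and the function names are hypothetical.

```bash
# Added example, not from the original guide. Function names are hypothetical.

# ca_cert_hash CERT_PEM -> prints "sha256:<hex>" for the certificate's public key
ca_cert_hash() {
    local pub digest
    # Extract the public key (PEM); fail early if the file is not a certificate.
    pub=$(openssl x509 -pubkey -noout -in "$1" 2>/dev/null) || return 1
    # Re-encode the key as DER and hash it.
    digest=$(printf '%s\n' "$pub" \
        | openssl pkey -pubin -outform der 2>/dev/null \
        | openssl dgst -sha256 -hex)
    digest=${digest##* }            # drop the "(stdin)= " style prefix
    [ "${#digest}" -eq 64 ] || return 1
    printf 'sha256:%s\n' "$digest"
}

# join_pin JOIN_COMMAND -> prints the value of --discovery-token-ca-cert-hash
join_pin() {
    printf '%s\n' "$1" | sed -n \
        's/.*--discovery-token-ca-cert-hash[ =]\{1,\}\(sha256:[0-9a-f]\{64\}\).*/\1/p'
}

# verify_join_pin CERT_PEM JOIN_COMMAND
# Exit 0 when the pin matches, 1 on mismatch, 2 when an input cannot be read.
verify_join_pin() {
    local want have
    want=$(ca_cert_hash "$1") || { echo "cannot read CA certificate" >&2; return 2; }
    have=$(join_pin "$2")
    [ -n "$have" ] || { echo "no sha256 pin found in join command" >&2; return 2; }
    [ "$want" = "$have" ] || {
        echo "pin mismatch: CA is $want, command has $have" >&2
        return 1
    }
}

# Usage, with the saved join command in join.txt (assumed file name):
#   verify_join_pin ca.crt "$(cat join.txt)" && echo "pin matches cluster CA"
```

The join command also carries the bootstrap token (and, for control plane nodes, the certificate key), so store the saved copy as a secret.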
Step 7: Verify the Cluster
Ensure all nodes are joined and ready:
```bash
kubectl get nodes
```
You should see all control plane and worker nodes listed with the status Ready.
Conclusion
Setting up an HA Kubernetes cluster with Kubeadm ensures your applications remain resilient and available. This guide provided step-by-step instructions to achieve a robust and scalable Kubernetes environment.
By following these steps, you will have a fully functional and highly available Kubernetes cluster capable of handling production workloads.