{"id":2606,"date":"2022-12-14T17:58:05","date_gmt":"2022-12-14T16:58:05","guid":{"rendered":"https:\/\/stls.eu\/blog\/?p=2606"},"modified":"2024-09-28T22:44:06","modified_gmt":"2024-09-28T20:44:06","slug":"install-kubernetes-on-debian-11-bullseye","status":"publish","type":"post","link":"https:\/\/stls.eu\/blog\/2022\/12\/14\/install-kubernetes-on-debian-11-bullseye\/","title":{"rendered":"install Kubernetes on Debian 11 Bullseye"},"content":{"rendered":"\n<ul class=\"wp-block-list\">\n<li>prepare Hosts [all nodes]\n<ul class=\"wp-block-list\">\n<li>disable swap<br>swapoff -a<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>add cluster DNS to \/etc\/hosts\n<ul class=\"wp-block-list\">\n<li>e.g. onprem.cloud<br>echo &#8220;127.0.0.1 onprem.cloud&#8221; >> \/etc\/hosts<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\">apt install -y curl gpg<br># edit \/etc\/sysctl.conf<br>#   net.ipv4.ip_forward=1<br>#   net.bridge.bridge-nf-call-iptables=1<br>sysctl -w net.ipv4.ip_forward=1<br>sysctl -w net.bridge.bridge-nf-call-iptables=1<br># edit \/etc\/modules<br>#   br_netfilter<br>modprobe br_netfilter<br>export KUBECONFIG=\/etc\/kubernetes\/admin.conf<br>echo \"export KUBECONFIG=\/etc\/kubernetes\/admin.conf\" &gt;&gt; \/root\/.bashrc<\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>install Container Runtime CRI-O (https:\/\/cri-o.io\/) [all nodes]<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\">export OS=Debian_11\nexport VERSION=1.25\necho \"deb https:\/\/download.opensuse.org\/repositories\/devel:\/kubic:\/libcontainers:\/stable\/$OS\/ \/\" &gt; \/etc\/apt\/sources.list.d\/devel:kubic:libcontainers:stable.list\necho \"deb http:\/\/download.opensuse.org\/repositories\/devel:\/kubic:\/libcontainers:\/stable:\/cri-o:\/$VERSION\/$OS\/ \/\" &gt; \/etc\/apt\/sources.list.d\/devel:kubic:libcontainers:stable:cri-o:$VERSION.list\n\ncurl -L https:\/\/download.opensuse.org\/repositories\/devel:\/kubic:\/libcontainers:\/stable:\/cri-o:\/$VERSION\/$OS\/Release.key | apt-key add -\ncurl -L https:\/\/download.opensuse.org\/repositories\/devel:\/kubic:\/libcontainers:\/stable\/$OS\/Release.key | apt-key add -\n\napt update\napt install -y cri-o cri-o-runc\nsystemctl enable crio.service\nsystemctl start crio.service<\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>install K8s (https:\/\/kubernetes.io\/docs\/setup\/production-environment\/tools\/kubeadm\/install-kubeadm\/) [all nodes]<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\">apt install -y apt-transport-https ca-certificates curl\nmkdir \/etc\/apt\/keyrings\ncurl -fsSL https:\/\/packages.cloud.google.com\/apt\/doc\/apt-key.gpg | gpg --dearmor | dd status=none of=\/etc\/apt\/keyrings\/kubernetes-archive-keyring.gpg\necho \"deb [signed-by=\/etc\/apt\/keyrings\/kubernetes-archive-keyring.gpg] https:\/\/apt.kubernetes.io\/ kubernetes-xenial main\" | tee \/etc\/apt\/sources.list.d\/kubernetes.list\napt update\napt install -y kubelet kubeadm kubectl\napt-mark hold kubelet kubeadm kubectl<\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>install CNI Cillium (https:\/\/docs.cilium.io\/en\/stable\/gettingstarted\/k8s-install-default\/) [all nodes]<\/li>\n<\/ul>\n\n\n\n<pre id=\"codecell9\" class=\"wp-block-preformatted\">CILIUM_CLI_VERSION=$(curl -s https:\/\/raw.githubusercontent.com\/cilium\/cilium-cli\/master\/stable.txt)\nCLI_ARCH=amd64\nif [ \"$(uname -m)\" = \"aarch64\" ]; then CLI_ARCH=arm64; fi\ncurl -L --fail --remote-name-all https:\/\/github.com\/cilium\/cilium-cli\/releases\/download\/${CILIUM_CLI_VERSION}\/cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}\nsha256sum --check cilium-linux-${CLI_ARCH}.tar.gz.sha256sum\ntar xzvfC cilium-linux-${CLI_ARCH}.tar.gz \/usr\/local\/bin\nrm cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}<\/pre>\n\n\n\n<p>Create Cluster [control plane]<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">kubeadm init --control-plane-endpoint=onprem.cloud --v=5 --pod-network-cidr=10.244.0.0\/16\n# wait for node to get 'ready'\nwatch --color 'kubectl get nodes'\n\ncilium install\ncilium status<\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Join Nodes [worker nodes]<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\">kubeadm token create --print-join-command<\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>reset K8s Node<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\">kubeadm reset<\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>expose K8s Port<br><\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>iptables -t nat -A PREROUTING -d 10.10.10.172\/24 -i eno1 -p tcp --dport 6443 -j DNAT --to-destination 192.168.122.234:6443<br>iptables -I FORWARD -p tcp -d 192.168.122.234\/24 --dport 6443 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT<\/code><\/pre>\n\n\n\n<ul class=\"wp-block-list\">\n<li>test Cluster<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\">kubectl create namespace test\nkubectl config set-context --current --namespace=test\nkubectl create deployment whoami --image=traefik\/whoami:latest\n#kubectl expose deployment whoami --name whoami-service --port 80 --target-port=30080 --type NodePort\nkubectl create service nodeport whoami --node-port=30080 --tcp=80:80<\/pre>\n\n\n\n<p><a href=\"https:\/\/kubernetes.io\/de\/docs\/reference\/kubectl\/cheatsheet\/\">https:\/\/kubernetes.io\/de\/docs\/reference\/kubectl\/cheatsheet\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>apt install -y curl gpg# edit \/etc\/sysctl.conf# net.ipv4.ip_forward=1# net.bridge.bridge-nf-call-iptables=1sysctl -w net.ipv4.ip_forward=1sysctl -w net.bridge.bridge-nf-call-iptables=1# edit \/etc\/modules# br_netfiltermodprobe br_netfilterexport KUBECONFIG=\/etc\/kubernetes\/admin.confecho &#8220;export KUBECONFIG=\/etc\/kubernetes\/admin.conf&#8221; &gt;&gt; \/root\/.bashrc export OS=Debian_11 export VERSION=1.25 echo &#8220;deb https:\/\/download.opensuse.org\/repositories\/devel:\/kubic:\/libcontainers:\/stable\/$OS\/ \/&#8221; &gt; \/etc\/apt\/sources.list.d\/devel:kubic:libcontainers:stable.list echo &#8220;deb http:\/\/download.opensuse.org\/repositories\/devel:\/kubic:\/libcontainers:\/stable:\/cri-o:\/$VERSION\/$OS\/ \/&#8221; &gt; \/etc\/apt\/sources.list.d\/devel:kubic:libcontainers:stable:cri-o:$VERSION.list curl -L &hellip; <a href=\"https:\/\/stls.eu\/blog\/2022\/12\/14\/install-kubernetes-on-debian-11-bullseye\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20,121],"tags":[],"class_list":["post-2606","post","type-post","status-publish","format-standard","hentry","category-debian","category-kubernetes"],"_links":{"self":[{"href":"https:\/\/stls.eu\/blog\/wp-json\/wp\/v2\/posts\/2606","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/stls.eu\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/stls.eu\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/stls.eu\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/stls.eu\/blog\/wp-json\/wp\/v2\/comments?post=2606"}],"version-history":[{"count":45,"href":"https:\/\/stls.eu\/blog\/wp-json\/wp\/v2\/posts\/2606\/revisions"}],"predecessor-version":[{"id":2729,"href":"https:\/\/stls.eu\/blog\/wp-json\/wp\/v2\/posts\/2606\/revisions\/2729"}],"wp:attachment":[{"href":"https:\/\/stls.eu\/blog\/wp-json\/wp\/v2\/media?parent=2606"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/stls.eu\/blog\/wp-json\/wp\/v2\/categories?post=2606"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/stls.eu\/blog\/wp-json\/wp\/v2\/tags?post=2606"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}