no swap
swapon -s # empty
1700 MB+
free -m
routing enabled
cp -pi /etc/sysctl.conf /etc/sysctl.conf.dist vi /etc/sysctl.conf net.ipv4.ip_forward = 1 sysctl -p
apt install ca-certificates curl gnupg1 # apt-transport-https curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.31/deb/Release.key -o /etc/apt/keyrings/kubernetes-apt-keyring.key cat /etc/apt/keyrings/kubernetes-apt-keyring.key | gpg1 --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
ls -lF /etc/apt/sources.list.d/kubernetes.list # no exist cat > /etc/apt/sources.list.d/kubernetes.list <<EOF deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.31/deb/ / EOF
apt update apt install kubelet kubeadm kubectl apt-mark hold kubelet kubeadm kubectl systemctl enable --now kubelet apt install lsb-release curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
ls -lF /etc/apt/sources.list.d/docker.list # no exist cat > /etc/apt/sources.list.d/docker.list <<EOF deb [signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian `lsb_release -cs` stable EOF
apt update apt install containerd.io systemctl status containerd ls -lF /run/containerd/containerd.sock cd /etc/containerd/ mv -i config.toml config.toml.dist containerd config default > config.toml.default vi config.toml
[plugins] [plugins.“io.containerd.grpc.v1.cri”] [plugins.“io.containerd.grpc.v1.cri”.containerd] [plugins.“io.containerd.grpc.v1.cri”.containerd.runtimes] [plugins.“io.containerd.grpc.v1.cri”.containerd.runtimes.runc] [plugins.“io.containerd.grpc.v1.cri”.containerd.runtimes.runc.options] SystemdCgroup = true
systemctl restart containerd
cd ~/ vi kubeadm-config.yaml
kind: ClusterConfiguration apiVersion: kubeadm.k8s.io/v1beta4 kubernetesVersion: v1.31.2 --- kind: KubeletConfiguration apiVersion: kubelet.config.k8s.io/v1beta1 cgroupDriver: systemd
# not sure this is necessary, but it helps avoid some noise on the console at boot-time systemctl stop apparmor systemctl disable apparmor kubeadm init --config kubeadm-config.yaml systemctl status kubelet netstat -lntup | grep kube-apiserver
install an ebpf-capable network engine
– e.g. follow the Cilium instructions
CILIUM_CLI_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/cilium-cli/main/stable.txt)
CLI_ARCH=amd64
curl -L --fail --remote-name-all https://github.com/cilium/cilium-cli/releases/download/${CILIUM_CLI_VERSION}/cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}
sha256sum --check cilium-linux-${CLI_ARCH}.tar.gz.sha256sum
tar xzvfC cilium-linux-${CLI_ARCH}.tar.gz /usr/local/bin/
rm cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}
then deploy onto the cluster
export KUBECONFIG=/etc/kubernetes/admin.conf cilium install --version 1.16.3
export KUBECONFIG=/etc/kubernetes/admin.conf kubectl get namespaces
while running kubeadm init
[WARNING SystemVerification]: missing optional cgroups: hugetlb
==> you need a valid kernel for running k8s e.g.
ls -lhF /boot/vmlinuz-6.1.0-18-cloud-amd64 ls -lhF /boot/initrd.img-6.1.0-18-cloud-amd64 ls -ldhF /lib/modules/6.1.0-18-cloud-amd64/
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
https://kubernetes.io/docs/setup/production-environment/container-runtimes/#cgroup-drivers
https://docs.docker.com/engine/install/debian/
https://kubernetes.io/docs/concepts/cluster-administration/addons/
https://kubernetes.io/docs/concepts/cluster-administration/addons/#networking-and-network-policy
https://silentlad.com/introduction-to-kwok-(kubernetes-without-kubelet)