Kubernetes on Redhat Enterprise Linux 8

Installation of Kubernetes Server

Nathan Obert
Blog
Kubernetes on Redhat Enterprise Linux 8

Introduction

We will install a Kubernetes on RHEL 8 with CRI-O, and Podman. We are using an r5.large on Amazon EC2 using Amazon’s provided Red Hat Enterprise Linux 8.

Installation

Install the updates on your fresh server from Amazon.

sudo dnf update -y
sudo dnf install net-tools -y

Setup DNS or atleast Hostname entries in your /etc/hosts file

sudo hostnamectl set-hostname k8.obert.dev
sudo init 6 
echo `/sbin/ifconfig eth0 | grep 'inet ' | awk {'print $2'}` ${HOSTNAME} | sudo tee -a /etc/hosts

Set selinux to permissive

sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
sestatus

Disable swap

sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
free -m

Enable the kernel modules: overlay & br_netfilter

sudo modprobe overlay
sudo modprobe br_netfilter

Create script to load modules on every reboot

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF


sudo sysctl --system

Verify the 3 net commands in previous step are in output

rhel k8 image

Instal CRI-O, set the version to the current version first!

export VERSION=1.28
sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/CentOS_8/devel:kubic:libcontainers:stable.repo
sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$VERSION/CentOS_8/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo
sudo dnf repolist
sudo dnf makecache
sudo dnf install -y cri-o
sudo systemctl enable crio
sudo systemctl start crio
sudo systemctl status crio

cri-o installed:

rhel k8 image

Verify Kernel Modules are Loaded

lsmod | grep br_netfilter

rhel k8 image

Install Kubernetes

cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
enabled=1
gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF

sudo dnf repolist
sudo dnf makecache
sudo dnf install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
sudo systemctl enable --now kubelet
sudo kubeadm config images pull

At this point you need to decide which ip address you want to choose to use, as well as which Container Network Interface. We are choosing Calico with the default IP Range of 192.168.10.0/16. We are also assuming the control plan endpoint is this local machine’s hostname that we put in /etc/hosts

sudo kubeadm init --pod-network-cidr=192.168.10.0/16 --control-plane-endpoint ${HOSTNAME}
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
echo export KUBECONFIG=/etc/kubernetes/admin.conf | tee -a /root/.bashrc

Remote taints from Node so it can schedule containers on this Kubernetes node. (Note: the master taint is usually not necessary)

kubectl taint nodes --all node-role.kubernetes.io/master-
kubectl taint nodes --all node-role.kubernetes.io/control-plane-

Install Container Network Interface (CNI) - Calico. Note if you choose a different IP Range you will need to modify this Yaml file. If you used the default of 192.168.10/16, you will be happy. Also verify you are using the newest/stable calico.

kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.3/manifests/calico.yaml
ip addr | grep cni
kubectl get pods -n kube-system

There should be a new network interface named ‘cni0’ as well as the pods should be Running. (this might take a few minutes if you have a slow computer)

rhel k8 image

Inspect Kubernetes, its online!

rhel k8 image

On RHEL9 to create Container images we recommend Podman over Docker

sudo dnf group install -y "Container Management"
sudo dnf install -y podman-docker
sudo touch /etc/containers/nodocker
sudo dnf install -y podman-remote
sudo dnf install -y skopeo

Now you have a complete Kubernetes server on RHEL 8 with all the container tools!

If you are new to podman, skopeo, buildah, or want a refresher there is a great whitepaper at redhat. You can access it with a free Developer account at Redhat: RHEL 9 building running and managing containers PDF.