Running your own Bare-Metal Kubernetes cluster

  1. 3 Raspberry Pi 4 boards (Raspberry Pi 2/3 will also work) $55 each— $172.95(shipping and taxes included)
  2. 3 SDHC memory cards(I used 64GB each, 8GB will do) — $21.98+Taxes
  3. 3 12-inch USB Type C USB cables for charging PI — $10
  4. One 5-port USB charger — $17
sudo apt updatesudo apt full-upgrade
allow-hotplug wlan0
iface wlan0 inet dhcp
wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf
wpa_passphrase SSID KEY >> /etc/wpa_supplicant/wpa_supplicant.conf_supplicant/wpa_supplicant.conf
127.0.1.1 masterpi masterpi
masterpi
# This will cause the set+update hostname module to not operate (if true)
preserve_hostname: true
# The modules that run in the 'init' stage
cloud_init_modules:
# - update_hostname
# - update_etc_hosts
# kubeadm init --pod-network-cidr=10.244.0.0/16
[addons] Applied essential addon: CoreDNS
[addons] Applied essential addon: kube-proxy
Your Kubernetes control-plane has initialized successfully!To start using your cluster, you need to run the following as a regular user:mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
You should now deploy a pod network to the cluster.
Run “kubectl apply -f [podnetwork].yaml” with one of the options listed at:
https://kubernetes.io/docs/concepts/cluster-administration/addons/
Then you can join any number of worker nodes by running the following on each as root:kubeadm join 192.168.1.190:6443 — token rgc3v3.57wawjohvov3uq86 \
— discovery-token-ca-cert-hash sha256:259269a2a40ecee85e8227b0d90cfc35e8f94826c412721e3fa460c70fe9c15d
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
$ kubectl get node
NAME STATUS ROLES AGE VERSION
masterpi Ready master 3m23s v1.19.2
HypriotOS/armv7: root@pinode-1 in ~
# kubeadm join 192.168.1.190:6443 --token rgc3v3.57wawjohvov3uq86 \
> --discovery-token-ca-cert-hash sha256:259269a2a40ecee85e8227b0d90cfc35e8f94826c412721e3fa460c70fe9c15d

[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[WARNING SystemVerification]: missing optional cgroups: hugetlb
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
HypriotOS/armv7: root@pinode-2 in ~
# kubeadm join 192.168.1.190:6443 --token rgc3v3.57wawjohvov3uq86 \
> --discovery-token-ca-cert-hash sha256:259269a2a40ecee85e8227b0d90cfc35e8f94826c412721e3fa460c70fe9c15d

[preflight] Running pre-flight checks
[WARNING IsDockerSystemdCheck]: detected "cgroupfs" as the Docker cgroup driver. The recommended driver is "systemd". Please follow the guide at https://kubernetes.io/docs/setup/cri/
[WARNING SystemVerification]: missing optional cgroups: hugetlb
[preflight] Reading configuration from the cluster...
[preflight] FYI: You can look at this config file with 'kubectl -n kube-system get cm kubeadm-config -oyaml'
[kubelet-start] Writing kubelet configuration to file "/var/lib/kubelet/config.yaml"
[kubelet-start] Writing kubelet environment file with flags to file "/var/lib/kubelet/kubeadm-flags.env"
[kubelet-start] Starting the kubelet
[kubelet-start] Waiting for the kubelet to perform the TLS Bootstrap...
This node has joined the cluster:
* Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
$ kubectl get node
NAME STATUS ROLES AGE VERSION
masterpi Ready master 6m53s v1.19.2
pinode-1 Ready <none> 92s v1.19.2
pinode-2 Ready <none> 83s v1.19.2
HypriotOS/armv7: pirate@masterpi in ~
$ kubectl apply -f
https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
podsecuritypolicy.policy/psp.flannel.unprivileged created
Warning: rbac.authorization.k8s.io/v1beta1 ClusterRole is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRole
clusterrole.rbac.authorization.k8s.io/flannel configured
Warning: rbac.authorization.k8s.io/v1beta1 ClusterRoleBinding is deprecated in v1.17+, unavailable in v1.22+; use rbac.authorization.k8s.io/v1 ClusterRoleBinding
clusterrolebinding.rbac.authorization.k8s.io/flannel unchanged
serviceaccount/flannel unchanged
configmap/kube-flannel-cfg configured
daemonset.apps/kube-flannel-ds created
HypriotOS/armv7: pirate@masterpi in ~
$ kubectl get pods — all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-f9fd979d6–4qz2p 0/1 Running 0 9m33s
kube-system coredns-f9fd979d6-xkslk 0/1 Running 0 9m33s
kube-system etcd-masterpi 1/1 Running 0 9m39s
kube-system kube-apiserver-masterpi 1/1 Running 0 9m39s
kube-system kube-controller-manager-masterpi 1/1 Running 0 9m39s
kube-system kube-flannel-ds-4jqh5 1/1 Running 0 17s
kube-system kube-flannel-ds-7tm82 1/1 Running 0 17s
kube-system kube-flannel-ds-z8pr2 1/1 Running 0 17s
kube-system kube-proxy-ctchx 1/1 Running 0 4m29s
kube-system kube-proxy-n7nt6 1/1 Running 0 9m33s
kube-system kube-proxy-wzhxm 1/1 Running 0 4m19s
kube-system kube-scheduler-masterpi 1/1 Running 0 9m39s
HypriotOS/armv7: pirate@masterpi in ~
$ kubectl create deployment nginx — image=nginx

deployment.apps/nginx created
HypriotOS/armv7: pirate@masterpi in ~
$ kubectl get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
nginx 1/1 1 1 40s
HypriotOS/armv7: pirate@masterpi in ~
$ kubectl create service nodeport nginx — tcp=80:80

service/nginx created
$ kubectl get pod
NAME READY STATUS RESTARTS AGE
nginx-6799fc88d8–2959q 1/1 Running 0 80s
HypriotOS/armv7: pirate@masterpi in ~
$ kubectl get service

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 14m
nginx NodePort 10.104.25.140 <none> 80:32348/TCP 61s
HypriotOS/armv7: pirate@masterpi in ~
$ kubectl describe service nginx
Name: nginx
Namespace: default
Labels: app=nginx
Annotations: <none>
Selector: app=nginx
Type: NodePort
IP: 10.104.25.140
Port: 80–80 80/TCP
TargetPort: 80/TCP
NodePort: 80–80 32348/TCP
Endpoints: 10.244.2.2:80
Session Affinity: None
External Traffic Policy: Cluster
Events: <none>
HypriotOS/armv7: pirate@masterpi in ~
$ curl http://192.168.1.191:32348/
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href=”http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href=”http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Predicting Heart Disease Using Django

Meeting… Tony Giaccone, Senior Software Engineer at The New York Times

Autoscaling Exadata Cloud at Customer / Exadata Cloud Service

Why the Dinosaurs will be extinct in next decade….

How should I learn Spring boot framework ?

Security Principles for REST APIs: 2022

REST API Security Principles

Mapping YugaByte DB Concepts to PostgreSQL and MongoDB

WEB DEVELOPMENT: BUCKLE DOWN

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Godfrey Menezes

Godfrey Menezes

More from Medium

Build RKE one node Cluster

Using VSCode with Portainer managed Kubernetes Clusters

Secure your services — Production like Kubernetes on Raspberry Pi

Kubernetes DNS caching gone wrong