Sa Pham

Interested in Cloud Computing, Programming and Security.

Install Kubernetes using Kubeadm with calico network

10 Oct 2017 »

These are my notes about install kubernetes using kubeadm with calico network plugin.

It’s note, not a guide

  • Install Docker
apt install -y
  • Install Kubeadm
apt-get update && apt-get install -y apt-transport-https
curl -s | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb kubernetes-xenial main
apt-get update
apt-get install -y kubelet kubeadm kubectl
  • Init on Master node
kubeadm init --pod-network-cidr=
  • Apply network plugins
kubectl apply -f
  • Wait for dns ready
root@sapd-kube-1:~# kubectl get pod -n kube-system
NAME                                       READY     STATUS              RESTARTS   AGE
calico-etcd-jw045                          0/1       ContainerCreating   0          55s
calico-node-640v5                          0/2       ContainerCreating   0          54s
calico-policy-controller-336633499-jhtqc   0/1       Pending             0          54s
etcd-sapd-kube-1                           1/1       Running             0          40s
kube-apiserver-sapd-kube-1                 1/1       Running             0          22s
kube-controller-manager-sapd-kube-1        1/1       Running             0          41s
kube-dns-2425271678-hd0mh                  0/3       Pending             0          1m
kube-proxy-x32x9                           1/1       Running             0          1m
kube-scheduler-sapd-kube-1                 1/1       Running             0          26s
  • When ready, you can join a node, on my lab, It take 10 minutes to done.
root@sapd-kube-1:~# kubectl get pod -n kube-system
NAME                                       READY     STATUS    RESTARTS   AGE
calico-etcd-jw045                          1/1       Running   0          9m
calico-node-640v5                          2/2       Running   0          9m
calico-policy-controller-336633499-jhtqc   1/1       Running   0          9m
etcd-sapd-kube-1                           1/1       Running   0          9m
kube-apiserver-sapd-kube-1                 1/1       Running   0          9m
kube-controller-manager-sapd-kube-1        1/1       Running   0          9m
kube-dns-2425271678-hd0mh                  3/3       Running   0          10m
kube-proxy-x32x9                           1/1       Running   0          10m
kube-scheduler-sapd-kube-1                 1/1       Running   0          9m
  • Default kubernetes not schedule workload on master node

  • On other node, You can join now,

root@sapd-kube-2:~# kubeadm join --token 6d0bb9.efe2d2c83a6d7947
[kubeadm] WARNING: kubeadm is in beta, please do not use it for production clusters.
[preflight] Running pre-flight checks
[preflight] Starting the kubelet service
[discovery] Trying to connect to API Server ""
[discovery] Created cluster-info discovery client, requesting info from ""
[discovery] Cluster info signature and contents are valid, will use API Server ""
[discovery] Successfully established connection with API Server ""
[bootstrap] Detected server version: v1.7.7
[bootstrap] The server supports the Certificates API (
[csr] Created API client to obtain unique certificate for this node, generating keys and certificate signing request
[csr] Received signed certificate from the API server, generating KubeConfig...
[kubeconfig] Wrote KubeConfig file to disk: "/etc/kubernetes/kubelet.conf"

Node join complete:
* Certificate signing request sent to master and response
* Kubelet informed of new secure connection details.

Run 'kubectl get nodes' on the master to see this machine join.
  • Wait for node ready
root@sapd-kube-1:~# kubectl get node
NAME          STATUS     AGE       VERSION
sapd-kube-1   Ready      17m       v1.7.5
sapd-kube-2   NotReady   1m        v1.7.5
sapd-kube-3   NotReady   1m        v1.7.5