Using Kubernetes on Ubuntu Linux

Last modified by matto on 2018/07/08 08:49


Note: 1. and 2. Apply for master and all workers

1. Install docker

sudo apt install

2. Install kubernetes

apt-get update && apt-get install -y apt-transport-https curl
curl -s | apt-key add -
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb kubernetes-xenial main
apt-get update && apt-get install -y kubelet kubeadm kubectl

rm -rf $HOME/.kube
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config

Initialize master

Following steps have to be executed on master only:


 sysctl net.bridge.bridge-nf-call-iptables=1

export KUBECONFIG=/etc/kubernetes/admin.conf

We need to install a CNI, we will use flannel CNI

Let's initialize kubernetes

kubeadm init --pod-network-cidr= --apiserver-advertise-address={your master IP} 

After that, you will get an info how other pods can join the network (sample):

(do not run, just copy to clipboard):
kubeadm join --token gxqr5t.4132n8s2yu36x --discovery-token-ca-cert-hash sha256:fb7558407f1234a9c76125b2344ac6f19d01720b8a901fff30a7095531807e

This is what you need to install on worker to be visible by the master.

Installing flannel CNI

kubectl apply -f


kubectl get pod --all-namespaces

All of them have to be in status "Running" and all available, e.g. 1/1 or 3/3 ..

Running docker image from private docker repositroy

docker login {your_private_repository_url}

cat ~/.docker/config.json

kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email>

Then, create file: {your-pod.yaml}

apiVersion: v1
kind: Pod
  name: {name fo your pod}
  - name: {container name}
    image: {your image URL in private docker repository}
  - name: regcred

Then, run it:

kubectl create -f {your-pod.yaml}

To check it:

kubectl get pods

it has to be in state Running

To see what's going on inside of the pod's console:

kubectl attach {name fo your pod}

Attaching to the shell of your container:

 kubectl exec -it {name fo your pod} sh

from within the container, you can try to do this:


you will quickly realize, that hostname is not resolved and you cannot access this address.

Accessing external network

When you run the pod, you will realize, that your pod cannot access anything else that what is within its own internal network.

You have to careful with this setting, but it is possible to allow outbound connections:

kubectl delete pod  {name fo your pod}

Wait for a moment until it's terminated, then:

edit {your-pod.yaml} and add the following lines

apiVersion: v1
kind: Pod
  name: {name fo your pod}
  - name: {container name}
    image: {your image URL in private docker repository}
  - name: regcred
  hostNetwork: true
  dnsPolicy: Default


Kubectl autocomplete

With autocomplete, you can simply just hit [tab] key and you will see a list of available commands.

To enable the autocomplete, just run:

 source <(kubectl completion bash)

Join additional nodes to your cluster

On master, run the following command:

kubeadm token create --print-join-command

It will print out something like:

kubeadm join --token 8m98hq.reaaz02g7xdfquyx --discovery-token-ca-cert-hash sha256:ac33444217d906884eb9a2a4ea017737c99bd1ec89a6fb805b0d590c12a783e6

Run this on the node you want to join the cluster

Verify then, if it's in list of nodes:

kubectl get nodes

Issue with kubernetes DNS:

when running this command:

kubectl get pods --namespace=kube-system -l k8s-app=kube-dns

kubernetes DNS has been crashing:

root@master:~# kubectl get pods --namespace=kube-system -l k8s-app=kube-dns
NAME                        READY     STATUS             RESTARTS   AGE
kube-dns-86f4d74b45-tr5jk   2/3       CrashLoopBackOff   1313       7d

This is what actually helped to restart the DNS:

systemctl stop kubelet
systemctl stop docker
iptables --flush
iptables -tnat --flush
systemctl start docker
systemctl start kubelet
kubectl delete pods -n kube-system -l k8s-app=kube-dns 


Created by matto on 2018/06/03 04:49 ©
Analytics Made Easy - StatCounter