Preparing Infrastructure for Kubernetes Installation
Introduction
This tutorial guides you through preparing the underlying infrastructure for installing a Kubernetes cluster. It covers essential steps like configuring hostnames, disabling swap, setting up a container runtime (Docker or containerd), and opening necessary firewall ports. Prior knowledge of basic Linux administration, networking concepts, and SSH is assumed.
Task 1: Hostname Configuration
Proper hostname configuration is crucial for Kubernetes node identification and internal communication.
- Set Static Hostnames: Ensure each node has a unique and resolvable hostname. This is typically done via `/etc/hostname` and `/etc/hosts`.

  ```bash
  sudo hostnamectl set-hostname <your-node-name>
  ```

  Replace `<your-node-name>` with the desired hostname for the node. This command requires `sudo` privileges.

- Verify Hostname Resolution: Confirm that all nodes can resolve each other's hostnames. Edit `/etc/hosts` on each node to include entries for all other nodes if DNS is not configured.

  ```bash
  sudo vi /etc/hosts
  ```

  Add lines similar to the following (adjust IP addresses and hostnames accordingly):

  ```text
  192.168.1.10 node1.example.com node1
  192.168.1.11 node2.example.com node2
  192.168.1.12 node3.example.com node3
  ```

  Ensure the `/etc/hosts` file is consistent across all nodes. Inconsistent entries can lead to communication issues within the Kubernetes cluster.

- Test Hostname Resolution: Use `ping` or `ssh` to verify that the hostnames resolve correctly.

  ```bash
  ping node2.example.com
  ```

  Expected Output:

  ```output
  PING node2.example.com (192.168.1.11) 56(84) bytes of data.
  64 bytes from node2.example.com (192.168.1.11): icmp_seq=1 ttl=64 time=0.500 ms
  ...
  ```
Task 2: Disabling Swap
Kubernetes requires swap to be disabled for optimal performance and stability.
- Disable Swap: Turn off swap immediately.

  ```bash
  sudo swapoff -a
  ```

  This command temporarily disables swap. It does not persist across reboots.

- Permanently Disable Swap: Edit `/etc/fstab` to prevent swap from being enabled on boot.

  ```bash
  sudo vi /etc/fstab
  ```

  Comment out or remove any lines that refer to swap partitions or files. For example:

  ```text
  # /dev/mapper/vg0-swap swap swap defaults 0 0
  #/swapfile none swap sw 0 0
  ```

- Verify Swap is Disabled: Check the swap status.

  ```bash
  free -h
  ```

  Expected output should show `Swap: 0B`. If swap is still enabled, double-check `/etc/fstab` and reboot the system.

  ```output
                 total        used        free      shared  buff/cache   available
  Mem:           7.7Gi       553Mi       6.2Gi        12Mi       985Mi       7.0Gi
  Swap:             0B          0B          0B
  ```
Task 3: Container Runtime Installation (Docker or Containerd)
Kubernetes uses a container runtime to manage containers. Docker and containerd are the most commonly used runtimes. This example uses containerd.
- Install containerd: Follow the official containerd installation instructions for your operating system. This example assumes a Debian-based system.

  ```bash
  sudo apt-get update
  sudo apt-get install -y containerd
  ```

  Refer to the official containerd documentation for the most up-to-date installation instructions for your specific operating system: https://containerd.io/docs/getting-started/

- Configure containerd: Create the default containerd configuration file.

  ```bash
  sudo mkdir -p /etc/containerd
  sudo containerd config default | sudo tee /etc/containerd/config.toml
  ```

- Enable Systemd Cgroup: Edit `/etc/containerd/config.toml` and set `SystemdCgroup = true` under the `[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]` section.

  ```bash
  sudo vi /etc/containerd/config.toml
  ```

  ```toml
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
    SystemdCgroup = true
  ```

  Using systemd cgroup manager is highly recommended for Kubernetes. Not doing so can cause issues with resource management.

- Restart containerd: Restart the containerd service to apply the changes.

  ```bash
  sudo systemctl restart containerd
  ```

- Verify containerd Status: Ensure that containerd is running and enabled.

  ```bash
  sudo systemctl status containerd
  ```

  Expected Output (status should be "active (running)"):

  ```output
  ● containerd.service - containerd container runtime
       Loaded: loaded (/lib/systemd/system/containerd.service; enabled; vendor preset: enabled)
       Active: active (running) since Thu 2026-04-09 14:00:00 UTC; 10s ago
         Docs: https://containerd.io
     Main PID: 1234 (containerd)
        Tasks: 42
       Memory: 100.0M
          CPU: 2.500s
       CGroup: /system.slice/containerd.service
               ...
  ```
Task 4: Firewall Configuration
Kubernetes requires certain ports to be open for communication between nodes and the control plane. Configure your firewall to allow the necessary traffic.
- Identify Required Ports: Consult the Kubernetes documentation for the specific ports required for your deployment scenario. Some common ports include:
  - Control Plane Nodes:
    - 6443: Kubernetes API server
    - 2379-2380: etcd server client API
    - 10250: Kubelet API
    - 10251: kube-scheduler
    - 10252: kube-controller-manager
  - Worker Nodes:
    - 10250: Kubelet API
    - 30000-32767: NodePort Services

- Open Firewall Ports: Use `ufw`, `firewalld`, or your preferred firewall management tool to open the required ports. This example uses `ufw`.

  ```bash
  sudo ufw allow 6443
  sudo ufw allow 2379:2380
  sudo ufw allow 10250
  sudo ufw allow 10251
  sudo ufw allow 10252
  sudo ufw allow 30000:32767
  sudo ufw enable
  ```

  Adjust the port ranges and protocols based on your specific Kubernetes configuration. Consult your operating system's documentation for firewall management.

- Verify Firewall Rules: Check the active firewall rules to ensure the ports are open.

  ```bash
  sudo ufw status
  ```

  Example output:

  ```output
  Status: active

  To                         Action      From
  --                         ------      ----
  6443                       ALLOW       Anywhere
  2379:2380                  ALLOW       Anywhere
  10250                      ALLOW       Anywhere
  10251                      ALLOW       Anywhere
  10252                      ALLOW       Anywhere
  30000:32767                ALLOW       Anywhere
  ```
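The rules in this task accept traffic from any source, which the `Anywhere` entries in the `From` column show. The following added example (not part of the original tutorial) parses `ufw status` output and flags the etcd, kubelet, scheduler and controller-manager ports when they are open to any source. The `SENSITIVE` list, the function names and the sample output are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original tutorial).
# Assumption: these ports only need to be reachable from other cluster nodes.
SENSITIVE="2379:2380 10250 10251 10252"

# Reads `ufw status` output on stdin and prints one OPEN_TO_ANY line for each
# sensitive port whose ALLOW rule accepts traffic from Anywhere.
audit_ufw_status() {
    awk -v sens="$SENSITIVE" '
        BEGIN { n = split(sens, s, " "); for (i = 1; i <= n; i++) want[s[i]] = 1 }
        {
            # Locate the Action column; IPv6 rows carry an extra "(v6)" field.
            a = 0
            for (i = 2; i <= NF; i++) if ($i == "ALLOW") { a = i; break }
            if (!a) next
            src = $(a + 1)
            if (src == "IN") src = $(a + 2)      # `ufw status verbose` form
            port = $1
            sub(/\/.*/, "", port)                # drop a /tcp or /udp suffix
            if (src == "Anywhere" && (port in want))
                print "OPEN_TO_ANY " $1 ($2 == "(v6)" ? " (v6)" : "")
        }'
}

# Constructed sample: the tutorial rules with the kubelet port restricted.
sample_ufw_status() {
    cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
6443                       ALLOW       Anywhere
2379:2380                  ALLOW       Anywhere
10250                      ALLOW       192.168.1.0/24
10251                      ALLOW       Anywhere
30000:32767                ALLOW       Anywhere
10251 (v6)                 ALLOW       Anywhere (v6)
EOF
}

sample_ufw_status | audit_ufw_status
```

On a node, run `sudo ufw status | audit_ufw_status`; a flagged rule can be replaced with a source-restricted one such as `sudo ufw allow from 192.168.1.0/24 to any port 10250 proto tcp`.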
Task 5: Kernel Parameter Configuration (Optional, but Recommended)
Tuning kernel parameters can improve the performance and stability of your Kubernetes cluster.
- Configure Kernel Parameters: Modify `/etc/sysctl.conf` to set specific kernel parameters.

  ```bash
  sudo vi /etc/sysctl.conf
  ```

  Add the following lines (or adjust values as needed):

  ```text
  net.bridge.bridge-nf-call-iptables = 1
  net.ipv4.ip_forward = 1
  vm.max_map_count = 262144
  ```

  These parameters are crucial for enabling network functionalities in Kubernetes, especially when using network plugins like Calico or Flannel.

- Apply Kernel Parameters: Apply the changes without rebooting.

  ```bash
  sudo sysctl -p
  ```

- Verify Kernel Parameters: Check that the parameters have been applied correctly.

  ```bash
  sysctl net.bridge.bridge-nf-call-iptables
  sysctl net.ipv4.ip_forward
  sysctl vm.max_map_count
  ```

  Expected Output:

  ```output
  net.bridge.bridge-nf-call-iptables = 1
  net.ipv4.ip_forward = 1
  vm.max_map_count = 262144
  ```
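The manual edits in Tasks 2, 3 and 5 are easy to apply on one node and miss on another. The following added example (not part of the original tutorial) checks the three edited files for the settings this page asks for; it inspects file contents only, not the running kernel or service. The function names and the sample files are assumptions constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original tutorial).
# check_node_prep ROOT prints one FAIL line per problem found under ROOT
# (ROOT="" checks the live system; a directory prefix checks a staged copy).
check_node_prep() {
    root=$1
    # Task 2: any uncommented fstab entry whose type (field 3) is swap
    awk '$1 !~ /^#/ && $3 == "swap" { print "FAIL fstab: active swap entry " $1 }' \
        "$root/etc/fstab"
    # Task 3: SystemdCgroup must be true inside the runc.options table
    awk '
        /^[ \t]*\[/ { in_opts = ($0 ~ /containerd\.runtimes\.runc\.options\]/) }
        in_opts && /^[ \t]*SystemdCgroup[ \t]*=[ \t]*true/ { ok = 1 }
        END { if (!ok) print "FAIL containerd: SystemdCgroup is not true for runc" }
    ' "$root/etc/containerd/config.toml"
    # Task 5: each key must be present with the expected value
    for kv in net.bridge.bridge-nf-call-iptables=1 net.ipv4.ip_forward=1 \
              vm.max_map_count=262144; do
        key=${kv%%=*}; want=${kv#*=}
        got=$(awk -F'[ \t]*=[ \t]*' -v k="$key" '$1 == k { v = $2 } END { print v }' \
              "$root/etc/sysctl.conf")
        [ "$got" = "$want" ] || echo "FAIL sysctl: $key is '${got:-unset}', want $want"
    done
}

# Constructed sample: a node where only part of the tutorial was applied.
make_sample_root() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/containerd"
    printf '%s\n' '# /dev/mapper/vg0-swap swap swap defaults 0 0' \
        '/swapfile none swap sw 0 0' > "$d/etc/fstab"
    printf '%s\n' '[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]' \
        '  SystemdCgroup = false' > "$d/etc/containerd/config.toml"
    printf '%s\n' 'net.bridge.bridge-nf-call-iptables = 1' \
        'net.ipv4.ip_forward = 1' > "$d/etc/sysctl.conf"
    echo "$d"
}

sample=$(make_sample_root)
check_node_prep "$sample"
rm -rf "$sample"
```

Run `check_node_prep ""` on each node to check the live files; no output means all three files match the tutorial.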
Conclusion
You have successfully prepared the underlying infrastructure for a Kubernetes cluster. This includes configuring hostnames, disabling swap, setting up a container runtime, and opening the necessary firewall ports. These steps are essential for ensuring a stable and performant Kubernetes environment. Proceed to install Kubernetes components such as kubeadm, kubelet, and kubectl to set up your cluster.