Prepare underlying infrastructure for installing a Kubernetes cluster
Preparing the underlying infrastructure is the critical first step in the CKA curriculum for deploying a Kubernetes cluster using tools like kubeadm. Whether using bare metal or virtual machines, the operating system—typically a Linux distribution like Ubuntu or CentOS—must be configured to meet specific requirements before installation begins.
First, networking is paramount. Each node requires a unique hostname, MAC address, and product_uuid to distinguish it within the cluster. Static IP addresses are recommended to maintain stability. You must configure firewall rules to allow traffic on specific ports: the Control Plane requires TCP 6443 (API Server), 2379-2380 (etcd), and 10250 (Kubelet), while Worker Nodes need TCP 10250 and the NodePort range (30000-32767). Additionally, full network connectivity between all nodes is required.
System-level configurations are equally important. You must disable swap memory (`swapoff -a` and edit `/etc/fstab`) because the kubelet is not designed to handle swap situations. Furthermore, you must load necessary kernel modules such as `overlay` and `br_netfilter`. Correspondingly, update `sysctl` settings to enable `net.ipv4.ip_forward` and ensure bridged traffic is passed to iptables (`net.bridge.bridge-nf-call-iptables = 1`), which is vital for Pod networking.
Finally, you must install a CRI-compliant container runtime (such as containerd or CRI-O) on every node. It is crucial to configure the container runtime to use the `systemd` cgroup driver to match the kubelet's default configuration. Neglecting these preparation steps typically results in immediate pre-flight check failures during the bootstrapping phase.
Prepare Underlying Infrastructure for Installing a Kubernetes Cluster
What is Infrastructure Preparation?
Preparing the underlying infrastructure involves configuring the physical or virtual machines (nodes) that will form the Kubernetes cluster. Before running installation tools like kubeadm, the Linux operating system must be tuned to support container orchestration. This includes setting up network connectivity, configuring kernel modules, installing a container runtime, and ensuring system security settings allow Kubernetes components to communicate.
Why is it Important?
Kubernetes interacts deeply with the kernel of the host operating system. If the infrastructure is not correctly prepared, the cluster installation will fail, or the cluster will be unstable. For example, if swap memory is enabled, the kubelet service will refuse to start. If the correct firewall ports are closed, the Control Plane cannot manage the Worker Nodes.
How it Works (Key Requirements)
To prepare a node for a Kubernetes cluster, you must typically perform the following steps:
1. Disable Swap: Kubernetes requires swap to be disabled to handle memory allocation correctly. You must run `swapoff -a` and edit `/etc/fstab` to make it permanent.
2. Enable Kernel Modules: Modules like `overlay` and `br_netfilter` must be loaded to support the container networking model.
3. Configure Network Bridging: You must ensure that `net.bridge.bridge-nf-call-iptables` is set to 1 in the sysctl config so that iptables can see bridged traffic.
4. Unique Identifiers: Every node must have a unique MAC address and product_uuid.
5. Install a Container Runtime: You must install a CRI-compliant runtime (like containerd, CRI-O, or Docker Engine with cri-dockerd) before installing Kubernetes components.
6. Open Ports: Specific ports must be open (e.g., 6443 for the API server, 10250 for Kubelet).
How to Answer Questions on the CKA Exam
In the CKA exam, you are unlikely to be asked to provision a VM from scratch. Instead, you will likely face a scenario where a node is "broken" or a new node needs to be joined to the cluster but fails.
Step-by-Step Troubleshooting Strategy:
1. Check Kubelet Status: If a node isn't ready, run `systemctl status kubelet`. If it has failed, check the logs.
2. Verify Swap: Run `free -h`. If swap shows a value greater than 0, run `swapoff -a` and restart the kubelet.
3. Check Runtime: Ensure the container runtime (usually containerd) is running via `systemctl status containerd`.
4. Check Sysctl: If networking is failing, check if bridging is allowed by looking at `/etc/sysctl.d/k8s.conf` or running `sysctl --system`.
Exam Tips: Answering Questions on Infrastructure Preparation
1. Memorize the Swap Command: The most common reason a fresh installation fails in a lab environment is active swap memory. Remember `swapoff -a`.
2. Know where to find the docs: Bookmark the "Installing kubeadm" page in the Kubernetes documentation. It contains the exact `modprobe` and `sysctl` commands needed to set up the prerequisites. Do not try to memorize the specific IP forwarding syntax; just know where to copy-paste it from.
3. Containerd Configuration: If you install containerd, remember that the default configuration file often disables the CRI plugin. You may need to generate a default config using `containerd config default > /etc/containerd/config.toml` and ensure `SystemdCgroup = true` is set.
4. Connectivity: If nodes cannot join, check if the firewall is blocking port 6443 on the master node.
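The key requirements, the troubleshooting steps and the containerd tip above can be verified in one read-only pass. The script below is an added example, not part of the original guide or of kubeadm; the function names and the `ROOT` override (which points the checks at a constructed file tree instead of the live node) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: read-only audit of the node prerequisites described above.
# ROOT is a hypothetical override that points the checks at a constructed
# file tree; leave it unset to audit the live node.
ROOT="${ROOT:-}"

# Active swap: any line after the header of /proc/swaps.
swap_is_off() {
    [ "$(tail -n +2 "$ROOT/proc/swaps" 2>/dev/null | grep -c .)" -eq 0 ]
}

# Persistent swap: an uncommented /etc/fstab entry whose type field is "swap".
fstab_has_no_swap() {
    ! awk '$1 !~ /^#/ && $3 == "swap" { f = 1 } END { exit !f }' \
        "$ROOT/etc/fstab" 2>/dev/null
}

# Loaded and built-in modules both appear under /sys/module.
module_present() { [ -d "$ROOT/sys/module/$1" ]; }

# net.ipv4.ip_forward is read from /proc/sys/net/ipv4/ip_forward, and so on.
sysctl_is_one() {
    [ "$(cat "$ROOT/proc/sys/$(printf '%s' "$1" | tr . /)" 2>/dev/null)" = "1" ]
}

# containerd must use the systemd cgroup driver and must not list "cri"
# in disabled_plugins.
containerd_cri_ok() {
    cfg="$ROOT/etc/containerd/config.toml"
    grep -Eq '^[[:space:]]*SystemdCgroup[[:space:]]*=[[:space:]]*true' "$cfg" 2>/dev/null || return 1
    ! grep -Eq '^[[:space:]]*disabled_plugins[[:space:]]*=.*"cri"' "$cfg"
}

# Run every check, print one line per result, and leave the number of
# failed checks in FAILURES. Returns non-zero if anything failed.
audit_node() {
    FAILURES=0
    for c in swap_is_off fstab_has_no_swap "module_present overlay" \
             "module_present br_netfilter" "sysctl_is_one net.ipv4.ip_forward" \
             "sysctl_is_one net.bridge.bridge-nf-call-iptables" containerd_cri_ok; do
        # $c is deliberately unquoted so "name arg" splits into a command.
        if $c; then echo "ok    $c"; else echo "FAIL  $c"; FAILURES=$((FAILURES + 1)); fi
    done
    [ "$FAILURES" -eq 0 ]
}

if [ "${1:-}" = "--audit" ]; then audit_node; fi
```

Run it with `--audit` on each node before `kubeadm init` or `kubeadm join`. It does not compare MAC addresses or product_uuid values across nodes and does not test firewall ports, so those two requirements still need a separate check.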