[Tutorial] Installing Kubernetes Manually

1. Letting iptables see bridged traffic

cat

sudo sysctl --system

2. Allow Required Firewall Ports

sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9000 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT 6 -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

sudo iptables -I INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9090 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9796 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8001 -j ACCEPT
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2376 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 2379:2380 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6443 -j ACCEPT  
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 6783:6784 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 9099:9100 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 179 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 30000:32767 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 10250:10258 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p udp --dport 53 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5000 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5080 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 5432 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 111 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8443 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 8472 -j ACCEPT 
sudo iptables -I INPUT -m state --state NEW -p tcp --dport 45014 -j ACCEPT 
sudo netfilter-persistent save

3. Installing runtime or Docker Engine

Update the apt package index and install packages to allow apt to use a repository over HTTPS:

sudo apt-get update

sudo apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

Add Docker’s official GPG key:

 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

Use the following command to set up the stable repository.

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
  $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

Install Docker Engine

sudo apt-get update
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-compose-plugin

4. Configure systemd driver

create or edit /etc/docker/daemon.json

{
  "exec-opts": ["native.cgroupdriver=systemd"]
}

restart docker service

sudo systemctl restart docker

5. Installing kubeadm, kubelet and kubectl

Update the apt package index and install packages needed to use the Kubernetes apt repository:

sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl

Download the Google Cloud public signing key:

sudo curl -fsSLo /usr/share/keyrings/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg

Add the Kubernetes apt repository:

echo "deb [signed-by=/usr/share/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list

Update apt package index, install kubelet, kubeadm and kubectl, and pin their version:

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl

CERTKEY=$(kubeadm certs certificate-key)
echo $CERTKEY

Run this ONLY on Control Plane

sudo kubeadm init --apiserver-cert-extra-sans=your.FQDN.COM,your.external.IP --pod-network-cidr=10.32.0.0/12 --control-plane-endpoint=your.FQDN.COM --upload-certs --certificate-key=$CERTKEY

kubeadm init

You can now join any number of the control-plane node running the following command on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \
--control-plane --certificate-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The above command will be generated after control plane has successfully initiallized.

To add Worker Nodes

Then you can join any number of worker nodes by running the following on each as root:

kubeadm join your.FQDN.COM:6443 --token XXXXXXXXXXXXXXXXXXXXXXX \
--discovery-token-ca-cert-hash sha256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Use below to reset any Master / Control Plane, or worker nodes

## remove cluster
sudo kubeadm reset
sudo rm -rf /etc/kubernetes
sudo rm -rf /etc/cni/net.d
sudo rm -rf /var/lib/kubelet
sudo rm -rf /var/lib/etcd
sudo rm -rf $HOME/.kube

Relevant FAQs:

What is Kubernetes is used for?

Kubernetes, often abbreviated as “K8s”, orchestrates containerized applications to run on a cluster of hosts. The K8s system automates the deployment and management of cloud native applications using on-premises infrastructure or public cloud platforms. [2]

What is Kubernetes and Docker?

In a nutshell, Docker is a suite of software development tools for creating, sharing and running individual containers; Kubernetes is a system for operating containerized applications at scale. Think of containers as standardized packaging for microservices with all the needed application code and dependencies inside. [3]

What's the difference between Docker and Kubernetes?

The difference between the two is that Docker is about packaging containerized applications on a single node and Kubernetes is meant to run them across a cluster. Since these packages accomplish different things, they are often used in tandem. Of course, Docker and Kubernetes can be used independently. [4]

Is Kubernetes free?

Pure open source Kubernetes is free and can be downloaded from its repository on GitHub. Administrators must build and deploy the Kubernetes release to a local system or cluster -- or to a system or cluster in a public cloud, such as AWS, Google Cloud or Microsoft Azure. [5]

Why is Kubernetes called K8s?

By the way, if you're wondering where the name “Kubernetes” came from, it is a Greek word, meaning helmsman or pilot. The abbreviation K8s is derived by replacing the eight letters of “ubernete” with the digit 8. [6]

References:

[1] https://faun.pub/free-ha-multi-architecture-kubernetes-cluster-from-oracle-c66b8ce7cc37

[2] https://www.vmware.com/topics/glossary/content/kubernetes.html

[3] https://www.dynatrace.com/news/blog/kubernetes-vs-docker/

[4] https://containerjournal.com/editorial-calendar/best-of-2021/whats-the-difference-between-docker-and-kubernetes/

[5] https://www.techtarget.com/searchitoperations/answer/Is-Kubernetes-free-as-an-open-source-software

[6] https://www.bmc.com/blogs/what-is-kubernetes/

[7] https://engineer.org.pk/2024/06/05/waste-management-ai/

Posted in Technical Solutions on May 01, 2022

NASA Offers $3 Million Prize to Help Solve a Huge Problem in Moon Missions

Posted in News on Oct 18, 2024

NASA is gearing up for long-term missions on the Moon, but a significant challenge has surfaced—how to handle the waste produced in space. To address this, NASA is offering up to $3 million to those who can help solve this growing problem. The LunaRecycle Challenge aims to develop innovative waste management solutions that can reduce solid waste and enhance the sustainability of lunar missions.

Elon Musk’s xAI Plans to Create Video Games with an AI-Driven Studio

Posted in News on Nov 28, 2024

Elon Musk is expanding xAI's focus by venturing into video game development, aiming to challenge industry norms he finds overly corporate and politically influenced. Leveraging generative AI, Musk envisions creating innovative, immersive games while reducing development costs and timelines. With a deep-rooted passion for gaming and access to significant AI resources, Musk's bold initiative seeks to redefine game development, though it faces challenges in competing with established studios and navigating the high costs of AAA production.

[SOLVED / FIXED ] Mixing of GROUP columns (MIN(),MAX(),COUNT(),…) with no GROUP columns is illegal if there is no GROUP BY clause. Error in Maria DB

Posted in Technical Solutions on Feb 01, 2021

[SOLVED] Mixing of GROUP columns (MIN(),MAX(),COUNT(),…) with no GROUP columns is illegal if there is no GROUP BY clause. Error in Maria DB

How to Install Python Django 4.0 on Windows 10 or Windows 11

Posted on Jan 20, 2022

How to Install Python Django 4.0 on Windows 10 or Windows 11 This tutorial explains how to Install Django on Windows 10 or Windows 11.

Best Affordable Web Hosting Provider 2022 - Pakistan

Posted in News on Oct 14, 2022

We are pleased to announce that Hosting by AliTech has won the CorporateVision's Global Business Award "Best Affordable Web Hosting Provider 2022 - Pakistan".

[SOLVED / FIXED] node is not recognised as internal command

Posted in Technical Solutions on Jul 13, 2022

[SOLVED / FIXED] node is not recognised as internal command

UAE to grant citizenship to expat investors and professionals

Posted in News on Jan 30, 2021

UAE to grant citizenship to expat investors and professionals including engineers, doctors, artists "The UAE cabinet, local Emiri courts & executive councils will nominate those eligible for the citizenship under clear criteria set for each category. The law allows receivers of the UAE passport to keep their existing citizenship."

World of Quantum Computing and Its Effects on Web Hosting and Domain Names

Posted in Uncategorized on Jul 11, 2024

Quantum computing is no longer a concept confined to the realm of theoretical physics; it has entered the mainstream, promising to revolutionize various industries. Among these, web hosting and domain name management stand to benefit significantly from the advancements in quantum computing. Quantum computers can process large datasets more efficiently, enabling faster data retrieval and processing. This can significantly reduce the time it takes to load websites, improving the overall user experience. Moreover, quantum encryption techniques offer enhanced protection, ensuring that sensitive data transmitted over the internet remains secure from cyber threats. As quantum computing continues to evolve, it is set to transform web hosting and domain management, making them more efficient, secure, and reliable.

[SOLVED / FIXED] Django attempt to write a readonly database OpenLiteSpeed & CyberPanel

Posted in Technical Solutions on Jun 12, 2021

[SOLVED] Django attempt to write a readonly database OpenLiteSpeed & CyberPanel

[SOLVED / FIXED] Kubesphere request to http //ks-apiserver/oauth/token failed

Posted in Technical Solutions on Jul 17, 2022

[SOLVED / FIXED] Kubesphere request to http //ks-apiserver/oauth/token failed

OpenAI Bought the Web Domain Chat.com: Did OpenAI Just Spend More Than $10 Million on a URL?

Posted in News on Nov 07, 2024

OpenAI recently acquired Chat.com, which now redirects to ChatGPT, enhancing its brand visibility and accessibility. Previously owned by Dharmesh Shah, who bought it for $15.5 million, the domain likely sold to OpenAI for an even higher price. This strategic purchase underscores OpenAI’s commitment to making AI tools more accessible and reflects the growing importance of conversational AI in modern technology.

Top Best Web Hosting Services of 2024

Posted in About Hosting by AliTech, News on Sep 02, 2024

Find the best web hosting service for your website in 2024! Compare top hosting providers like HostGator, Bluehost, and DreamHost, and discover the benefits of cloud-powered hosting with Hosting by AliTech. Limited time offer: Get up to 33.3% off your hosting plan with Hosting by AliTech!

11 Million Devices Infected with Botnet Malware Hosted in Google Play: A Detailed Overview

Posted in News on Sep 24, 2024

Recently, Necro malware has made headlines after infecting over 11 million devices through seemingly legitimate apps on Google Play, such as Wuta Camera and Max Browser. This malware utilizes advanced techniques like steganography, embedding malicious code within harmless-looking files to evade detection. Its modular design allows it to perform various malicious actions, including displaying intrusive ads and facilitating subscription fraud without users' knowledge. With the alarming resurgence of Necro, it’s crucial for users to remain vigilant, regularly update their security measures, and uninstall any suspicious applications to protect their devices from this sophisticated threat.

The Pros and Cons of Using a Free Web Hosting Service

Posted in Uncategorized on Jul 26, 2024

Choosing the right web hosting service is crucial for your online presence. Free web hosting might seem appealing, especially for startups and personal projects, but it's important to weigh its benefits and drawbacks. While cost-effective and user-friendly, free web hosting often comes with limitations in resources, performance, and security. Understanding these pros and cons can help you decide if free web hosting is the right choice for your website.

Apple Is Developing a Doorbell That Unlocks With Your Face, Report Says

Posted in News on Dec 24, 2024

Apple is reportedly developing a revolutionary smart doorbell with Face ID, allowing it to unlock your door by recognizing your face. This innovative device is expected to integrate seamlessly with Apple's growing smart home ecosystem, including upcoming security cameras and a new smart home hub. With a potential release date in late 2025, Apple aims to challenge Amazon and Google in the smart home market by prioritizing privacy and user experience.

Galaxy S10 Phones Bricked by Recent Update, Samsung Quickly Offers a Fix

Posted on Oct 04, 2024

The recent Samsung update has caused severe problems for many Galaxy S10 and Note 10 owners, leaving their devices bricked and forcing users to seek urgent solutions. The update, designed to improve functionality, has instead resulted in a widespread issue that has thrown affected phones into an endless boot loop. Fortunately, Samsung was quick to respond with a fix, but users are still grappling with the impact.

Hosting by AliTech listed in topmillion.net

Posted in About Hosting by AliTech, News on Feb 08, 2021

Top million domains by Alexa Hosting by AliTech listed in http://www.topmillion.net/domain-list-377

Meta Connect 2024: A Deep Dive into Meta's New AI Features and Llama 3.2

Posted in News on Sep 27, 2024

Meta Connect 2024 unveiled a suite of groundbreaking AI features that are set to reshape user experiences across Meta's apps. At the heart of these innovations is Llama 3.2, Meta’s latest large language model with multimodal capabilities, allowing it to process both text and images. This model powers everything from intuitive image editing to real-time voice interactions and seamless translation. Additionally, Meta's AI Studio lets users create lifelike chatbots, while the introduction of AI-powered voice assistants and real-time dubbing highlights Meta's commitment to pushing the boundaries of artificial intelligence