From previous chapter, we were talking about the infrastructure which we’re gonna build. In this chapter, let’s install & setup a k8s cluster, with 2 nodes!

We will start with the Master server first

For this Lab, I’m gonna use Virtual machines to simulate servers. I’m using macOS Catalina 10.15.2, VMWare Fusion Pro 11.5.1, with 3 Ubuntu 18.04 VMs (2 CPUs, 1GB RAM, bridged network):

  • kube: master (IP:
  • kube1: node 1 (IP:
  • kube2: node 2 (IP:

Before everything, note that:

  • Kubernetes won’t run if swap enabled
  • Kubernetes master-nodes communication will require some ports opened
  • Kubernetes could face some problems with SELINUX

Alright, let’s start with the Master VM.

$ sudo su
  • Disable swap
$ swapoff -a

Also don’t forget to disable swap on reboot, by edit /etc/fstab file

  • (Optional) Set hostname
$ hostnamectl set-hostname kube
  • (Optional) Set static IP

Edit file /etc/netplan/50-cloud-init.yaml to set static IP

    renderer: networkd
            dhcp4: no
            addresses: []
                addresses: [,]
    version: 2
  • Update apt
$ apt update
  • Install Docker
$ apt install

Auto start Docker

$ systemctl enable docker

Start Docker

$ systemctl start docker
  • Install Kubeadm
$ curl -s | apt-key add

$ apt-add-repository "deb kubernetes-xenial main"

$ apt install kubeadm
  • Init Kubeadm
$ kubeadm init --pod-network-cidr=

After Kubeadm inited, it will give you a command with token to run it on Node servers:

kubeadm join --token xxx --discovery-token-ca-cert-hash xxx

Create k8s config place

$ mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
  • Create Virtual network

We’re gonna use flannel for Virtual network

$ kubectl apply -f
  • (Optional) Create Docker registry

For this Lab, we’re gonna setup a local insecure Docker registry to store our built images.

$ docker run -d -p 5000:5000 --name registry registry:2

For some funny security reasons, Docker doesn’t want to connect to an insecure registry.

To allow Docker to use insecure registry, you need to:

Edit file /etc/docker/daemon.json

        "insecure-registries" : [""]

Edit file /etc/default/docker


Restart Docker

$ service docker restart

(Remember is our Master server’s IP)

  • Install metrics server
$ cd /etc
$ git clone
$ cd metrics-server/

Edit file /etc/metrics-server/deploy/1.8+/metrics-server-deployment.yaml

      - name: metrics-server
          - --cert-dir=/tmp
          - --secure-port=4443
          - /metrics-server
          - --metric-resolution=5s
          - --kubelet-insecure-tls
          - --kubelet-preferred-address-types=InternalIP

Great, you have a working Master server now.

…To be continued

Next chapter