How To Install Kubernetes on Rocky Linux 10
Installing Kubernetes on Rocky Linux 10 has become increasingly important as organizations seek robust, enterprise-grade container orchestration solutions. Rocky Linux 10, being the latest stable release of this CentOS successor, provides an excellent foundation for running Kubernetes clusters in production environments.
This comprehensive guide walks you through the complete process of setting up Kubernetes on Rocky Linux 10, covering everything from initial system preparation to cluster verification. Whether you’re a system administrator, DevOps engineer, or IT professional looking to deploy containerized applications, this tutorial provides the detailed instructions you need for a successful installation.
Kubernetes represents the gold standard for container orchestration, offering automated deployment, scaling, and management of containerized applications. Rocky Linux 10 delivers the stability and security features required for enterprise Kubernetes deployments, making this combination ideal for production workloads.
Prerequisites and System Requirements
Before diving into the installation process, ensure your Rocky Linux 10 system meets the necessary requirements for running Kubernetes effectively.
Hardware Requirements
Your Rocky Linux 10 system needs adequate resources to support Kubernetes operations. Minimum specifications include 2 CPU cores and 2 GB of RAM for basic functionality. However, production environments should provision at least 4 CPU cores and 8 GB of RAM for optimal performance.
Storage requirements vary based on your intended use case. Allocate minimum 20 GB of disk space for the operating system and Kubernetes components. Container images and persistent volumes will require additional storage capacity.
Network connectivity plays a crucial role in Kubernetes cluster communication. Ensure your nodes can communicate with each other and have internet access for downloading container images and updates.
Software Prerequisites
Verify your Rocky Linux 10 installation is current and properly configured. Execute sudo dnf update
to ensure all system packages are up-to-date before proceeding with Kubernetes installation.
Root or sudo access is mandatory for installing and configuring Kubernetes components. Most installation steps require elevated privileges to modify system configurations and install packages.
Essential packages including curl, wget, and text editors should be available on your system. Install these prerequisites using: sudo dnf install -y curl wget nano vim
.
Network and Security Planning
Firewall configuration requires careful planning to ensure Kubernetes components can communicate properly. Rocky Linux 10 uses firewalld by default, which you’ll need to configure or disable during installation.
SELinux considerations are important for maintaining security while allowing Kubernetes operations. You may need to configure SELinux policies or set it to permissive mode for initial testing.
Network topology planning determines whether you’re setting up a single-node cluster for development or a multi-node cluster for production use. Document your intended cluster architecture before beginning installation.
System Preparation and Configuration
Proper system preparation ensures a smooth Kubernetes installation and prevents common configuration issues.
Disable Swap and Configure Kernel Modules
Kubernetes requires swap to be disabled because it interferes with pod scheduling and resource management. The kubelet component fails to start when swap is enabled, making this step critical for successful installation.
Execute these commands to disable swap permanently:
sudo swapoff -a
sudo sed -i '/ swap / s/^/#/' /etc/fstab
The first command disables swap immediately, while the second command comments out swap entries in /etc/fstab
to prevent swap from being re-enabled on reboot.
Loading required kernel modules ensures proper network functionality for Kubernetes. Create the configuration file:
sudo nano /etc/modules-load.d/k8s.conf
Add these essential modules:
overlay
br_netfilter
Load the modules immediately:
sudo modprobe overlay
sudo modprobe br_netfilter
Network and System Configuration
Configure sysctl parameters to enable proper networking for Kubernetes clusters. Create the sysctl configuration file:
sudo nano /etc/sysctl.d/99-k8s-cri.conf
Add these critical settings:
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
Apply the configuration changes:
sudo sysctl --system
IP forwarding configuration enables the kernel to route packets between network interfaces, which is essential for pod-to-pod communication across nodes.
Firewall and SELinux Configuration
Firewall configuration can be handled in two ways: complete disabling for simplicity or selective rule configuration for enhanced security.
To disable firewalld completely:
sudo systemctl stop firewalld
sudo systemctl disable firewalld
For production environments, configure specific firewall rules for required Kubernetes ports:
sudo firewall-cmd --permanent --add-port=6443/tcp
sudo firewall-cmd --permanent --add-port=2379-2380/tcp
sudo firewall-cmd --permanent --add-port=10250/tcp
sudo firewall-cmd --permanent --add-port=10259/tcp
sudo firewall-cmd --permanent --add-port=10257/tcp
sudo firewall-cmd --reload
SELinux configuration typically requires setting SELinux to permissive mode for initial Kubernetes testing:
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
Container Runtime Installation
Kubernetes requires a container runtime to manage container lifecycle operations. containerd is the recommended choice for Rocky Linux 10 installations.
Installing containerd
Add the Docker repository since it provides the most current containerd packages for Rocky Linux systems:
sudo dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
This repository is fully compatible with Rocky Linux 10, despite being labeled for CentOS.
Install containerd.io package along with necessary dependencies:
sudo dnf makecache
sudo dnf install -y containerd.io
Configure containerd with SystemdCgroup for proper integration with systemd-based systems. First, backup the default configuration:
sudo mv /etc/containerd/config.toml /etc/containerd/config.toml.bak
Generate a new configuration file:
containerd config default | sudo tee /etc/containerd/config.toml
Edit the configuration file to enable SystemdCgroup:
sudo nano /etc/containerd/config.toml
Locate the SystemdCgroup
field and change its value to true
:
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true
Enable and start containerd service:
sudo systemctl enable --now containerd
sudo systemctl status containerd
Alternative: CRI-O Installation
CRI-O provides an alternative container runtime specifically designed for Kubernetes. Install CRI-O from Rocky Linux repositories:
sudo dnf install -y cri-o
sudo systemctl enable --now crio
CRI-O offers lighter resource consumption compared to containerd but may have limited ecosystem support for some enterprise features.
Kubernetes Package Installation
Installing Kubernetes components requires adding the official Kubernetes repository and installing the essential tools.
Adding Kubernetes Repository
Create the Kubernetes repository configuration for Rocky Linux systems:
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.32/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.32/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl
EOF
The repository configuration includes GPG key verification for package integrity and excludes Kubernetes packages from automatic updates.
Update the package cache to include the new repository:
sudo dnf makecache
Installing Kubernetes Components
Install kubeadm, kubelet, and kubectl using the DNF package manager:
sudo dnf install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
These three components provide the core Kubernetes functionality:
- kubeadm: Bootstraps and manages Kubernetes clusters
- kubelet: Runs on each node and manages pod lifecycle
- kubectl: Command-line interface for cluster management
Enable the kubelet service to start automatically:
sudo systemctl enable kubelet
The kubelet service will fail to start initially until the cluster is initialized, which is normal behavior.
Pre-installation Image Download
Download required container images before initializing the cluster to avoid potential network issues during setup:
sudo kubeadm config images pull
This command downloads all necessary Kubernetes control plane images, including etcd, API server, controller manager, and scheduler components.
Kubernetes Cluster Initialization and Setup
The cluster initialization process creates the control plane and prepares your Rocky Linux 10 system for Kubernetes workloads.
Single-Node Cluster Setup
Initialize the control plane using kubeadm with appropriate network configuration:
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
The --pod-network-cidr
parameter specifies the IP range for pod networking, which is required for most Container Network Interface (CNI) plugins.
Save the cluster join command displayed after successful initialization. This command is needed to add worker nodes to your cluster later.
Configure kubectl for regular user access:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Verify control plane status:
kubectl cluster-info
kubectl get nodes
Multi-Node Cluster Configuration
For multi-node clusters, prepare additional Rocky Linux 10 systems following the same prerequisites and container runtime installation steps.
Execute the kubeadm join command on worker nodes using the command saved from the control plane initialization:
sudo kubeadm join <control-plane-ip>:6443 --token <token> --discovery-token-ca-cert-hash <hash>
Verify node connectivity from the control plane:
kubectl get nodes
All nodes should appear in the output, though they may show “NotReady” status until the network plugin is installed.
Network Plugin Installation
Container networking requires a CNI plugin to enable pod-to-pod communication across the cluster.
Installing Flannel CNI Plugin
Flannel provides a simple overlay network solution that works well with the pod network CIDR specified during cluster initialization.
Download and apply Flannel manifests:
kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
Verify network plugin installation:
kubectl get pods -n kube-flannel
kubectl get nodes
Nodes should transition to “Ready” status once Flannel is successfully deployed.
Alternative Network Solutions
Calico offers advanced networking features including network policies:
kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.0/manifests/calico.yaml
Weave Net provides automatic network discovery and encryption:
kubectl apply -f https://github.com/weaveworks/weave/releases/download/v2.8.1/weave-daemonset-k8s.yaml
Choose the network plugin based on your specific requirements for features like network policies, encryption, and performance characteristics.
Verification and Testing
Thorough testing ensures your Kubernetes cluster is functioning properly and ready for workload deployment.
Cluster Health Verification
Check cluster information:
kubectl cluster-info
kubectl get componentstatuses
Verify node status and readiness:
kubectl get nodes -o wide
kubectl describe nodes
Examine system pods in the kube-system namespace:
kubectl get pods -n kube-system
All system pods should be in “Running” status for a healthy cluster.
Deployment Testing
Create a test deployment to verify pod scheduling and networking:
kubectl create deployment nginx-test --image=nginx:latest
kubectl get deployments
kubectl get pods
Test service creation and exposure:
kubectl expose deployment nginx-test --port=80 --type=NodePort
kubectl get services
Access the service using the assigned NodePort to confirm network connectivity.
Troubleshooting Common Issues
Understanding common installation problems helps resolve issues quickly and maintain cluster stability.
Installation Problems
Repository and package conflicts may occur if conflicting repositories are configured. Remove conflicting repositories and reinstall packages:
sudo dnf remove -y kubelet kubeadm kubectl
sudo dnf clean all
sudo dnf install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
Container runtime issues often stem from configuration problems. Verify containerd is running and properly configured:
sudo systemctl status containerd
sudo ctr version
Network configuration problems can prevent cluster initialization. Verify kernel modules are loaded and sysctl parameters are applied:
lsmod | grep br_netfilter
sysctl net.bridge.bridge-nf-call-iptables
Cluster Operation Issues
Node joining failures typically result from network connectivity or token expiration. Generate a new token:
kubeadm token create --print-join-command
Pod scheduling problems may indicate resource constraints or node taints. Check node capacity and remove unnecessary taints:
kubectl describe nodes
kubectl taint nodes --all node-role.kubernetes.io/control-plane-
Network connectivity issues between pods suggest CNI plugin problems. Restart the network plugin:
kubectl delete pods -n kube-flannel --all
Best Practices and Production Considerations
Following established best practices ensures your Kubernetes cluster remains secure, performant, and maintainable.
Use namespaces to organize workloads and implement resource quotas:
kubectl create namespace production
kubectl create namespace development
Implement resource limits to prevent resource exhaustion:
apiVersion: v1
kind: ResourceQuota
metadata:
name: compute-quota
namespace: production
spec:
hard:
requests.cpu: "4"
requests.memory: 8Gi
limits.cpu: "8"
limits.memory: 16Gi
Regular maintenance includes updating Kubernetes components and monitoring cluster health. Plan upgrade schedules and maintain backup procedures for critical data.
Monitor cluster performance using tools like Prometheus and Grafana to identify potential issues before they impact workloads.
Congratulations! You have successfully installed Kubernetes. Thanks for using this tutorial for installing Kubernetes on your Rocky Linux 10 system. For additional help or useful information, we recommend you check the official Kubernetes website.