RHEL BasedRocky Linux

How To Install Kubernetes on Rocky Linux 10

Install Kubernetes on Rocky Linux 10

Installing Kubernetes on Rocky Linux 10 has become increasingly important as organizations seek robust, enterprise-grade container orchestration solutions. Rocky Linux 10, being the latest stable release of this CentOS successor, provides an excellent foundation for running Kubernetes clusters in production environments.

This comprehensive guide walks you through the complete process of setting up Kubernetes on Rocky Linux 10, covering everything from initial system preparation to cluster verification. Whether you’re a system administrator, DevOps engineer, or IT professional looking to deploy containerized applications, this tutorial provides the detailed instructions you need for a successful installation.

Kubernetes represents the gold standard for container orchestration, offering automated deployment, scaling, and management of containerized applications. Rocky Linux 10 delivers the stability and security features required for enterprise Kubernetes deployments, making this combination ideal for production workloads.

Prerequisites and System Requirements

Before diving into the installation process, ensure your Rocky Linux 10 system meets the necessary requirements for running Kubernetes effectively.

Hardware Requirements

Your Rocky Linux 10 system needs adequate resources to support Kubernetes operations. Minimum specifications include 2 CPU cores and 2 GB of RAM for basic functionality. However, production environments should provision at least 4 CPU cores and 8 GB of RAM for optimal performance.

Storage requirements vary based on your intended use case. Allocate minimum 20 GB of disk space for the operating system and Kubernetes components. Container images and persistent volumes will require additional storage capacity.

Network connectivity plays a crucial role in Kubernetes cluster communication. Ensure your nodes can communicate with each other and have internet access for downloading container images and updates.

Software Prerequisites

Verify your Rocky Linux 10 installation is current and properly configured. Execute sudo dnf update to ensure all system packages are up-to-date before proceeding with Kubernetes installation.

Root or sudo access is mandatory for installing and configuring Kubernetes components. Most installation steps require elevated privileges to modify system configurations and install packages.

Essential packages including curl, wget, and text editors should be available on your system. Install these prerequisites using: sudo dnf install -y curl wget nano vim.

Network and Security Planning

Firewall configuration requires careful planning to ensure Kubernetes components can communicate properly. Rocky Linux 10 uses firewalld by default, which you’ll need to configure or disable during installation.

SELinux considerations are important for maintaining security while allowing Kubernetes operations. You may need to configure SELinux policies or set it to permissive mode for initial testing.

Network topology planning determines whether you’re setting up a single-node cluster for development or a multi-node cluster for production use. Document your intended cluster architecture before beginning installation.

System Preparation and Configuration

Proper system preparation ensures a smooth Kubernetes installation and prevents common configuration issues.

Disable Swap and Configure Kernel Modules

Kubernetes requires swap to be disabled because it interferes with pod scheduling and resource management. The kubelet component fails to start when swap is enabled, making this step critical for successful installation.

Execute these commands to disable swap permanently:

sudo swapoff -a
sudo sed -i '/ swap / s/^/#/' /etc/fstab

The first command disables swap immediately, while the second command comments out swap entries in /etc/fstab to prevent swap from being re-enabled on reboot.

Loading required kernel modules ensures proper network functionality for Kubernetes. Create the configuration file:

sudo nano /etc/modules-load.d/k8s.conf

Add these essential modules:

overlay
br_netfilter

Load the modules immediately:

sudo modprobe overlay
sudo modprobe br_netfilter

Network and System Configuration

Configure sysctl parameters to enable proper networking for Kubernetes clusters. Create the sysctl configuration file:

sudo nano /etc/sysctl.d/99-k8s-cri.conf

Add these critical settings:

net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1

Apply the configuration changes:

sudo sysctl --system

IP forwarding configuration enables the kernel to route packets between network interfaces, which is essential for pod-to-pod communication across nodes.

Firewall and SELinux Configuration

Firewall configuration can be handled in two ways: complete disabling for simplicity or selective rule configuration for enhanced security.

To disable firewalld completely:

sudo systemctl stop firewalld
sudo systemctl disable firewalld

For production environments, configure specific firewall rules for required Kubernetes ports:

sudo firewall-cmd --permanent --add-port=6443/tcp
sudo firewall-cmd --permanent --add-port=2379-2380/tcp
sudo firewall-cmd --permanent --add-port=10250/tcp
sudo firewall-cmd --permanent --add-port=10259/tcp
sudo firewall-cmd --permanent --add-port=10257/tcp
sudo firewall-cmd --reload

SELinux configuration typically requires setting SELinux to permissive mode for initial Kubernetes testing:

sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

Container Runtime Installation

Kubernetes requires a container runtime to manage container lifecycle operations. containerd is the recommended choice for Rocky Linux 10 installations.

Installing containerd

Add the Docker repository since it provides the most current containerd packages for Rocky Linux systems:

sudo dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo

This repository is fully compatible with Rocky Linux 10, despite being labeled for CentOS.

Install containerd.io package along with necessary dependencies:

sudo dnf makecache
sudo dnf install -y containerd.io

Configure containerd with SystemdCgroup for proper integration with systemd-based systems. First, backup the default configuration:

sudo mv /etc/containerd/config.toml /etc/containerd/config.toml.bak

Generate a new configuration file:

containerd config default | sudo tee /etc/containerd/config.toml

Edit the configuration file to enable SystemdCgroup:

sudo nano /etc/containerd/config.toml

Locate the SystemdCgroup field and change its value to true:

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
  SystemdCgroup = true

Enable and start containerd service:

sudo systemctl enable --now containerd
sudo systemctl status containerd

Alternative: CRI-O Installation

CRI-O provides an alternative container runtime specifically designed for Kubernetes. Install CRI-O from Rocky Linux repositories:

sudo dnf install -y cri-o
sudo systemctl enable --now crio

CRI-O offers lighter resource consumption compared to containerd but may have limited ecosystem support for some enterprise features.

Kubernetes Package Installation

Installing Kubernetes components requires adding the official Kubernetes repository and installing the essential tools.

Adding Kubernetes Repository

Create the Kubernetes repository configuration for Rocky Linux systems:

cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.32/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.32/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl
EOF

The repository configuration includes GPG key verification for package integrity and excludes Kubernetes packages from automatic updates.

Update the package cache to include the new repository:

sudo dnf makecache

Installing Kubernetes Components

Install kubeadm, kubelet, and kubectl using the DNF package manager:

sudo dnf install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

These three components provide the core Kubernetes functionality:

  • kubeadm: Bootstraps and manages Kubernetes clusters
  • kubelet: Runs on each node and manages pod lifecycle
  • kubectl: Command-line interface for cluster management

Enable the kubelet service to start automatically:

sudo systemctl enable kubelet

The kubelet service will fail to start initially until the cluster is initialized, which is normal behavior.

Pre-installation Image Download

Download required container images before initializing the cluster to avoid potential network issues during setup:

sudo kubeadm config images pull

This command downloads all necessary Kubernetes control plane images, including etcd, API server, controller manager, and scheduler components.

Kubernetes Cluster Initialization and Setup

The cluster initialization process creates the control plane and prepares your Rocky Linux 10 system for Kubernetes workloads.

Single-Node Cluster Setup

Initialize the control plane using kubeadm with appropriate network configuration:

sudo kubeadm init --pod-network-cidr=10.244.0.0/16

The --pod-network-cidr parameter specifies the IP range for pod networking, which is required for most Container Network Interface (CNI) plugins.

Save the cluster join command displayed after successful initialization. This command is needed to add worker nodes to your cluster later.

Configure kubectl for regular user access:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Verify control plane status:

kubectl cluster-info
kubectl get nodes

Multi-Node Cluster Configuration

For multi-node clusters, prepare additional Rocky Linux 10 systems following the same prerequisites and container runtime installation steps.

Execute the kubeadm join command on worker nodes using the command saved from the control plane initialization:

sudo kubeadm join <control-plane-ip>:6443 --token <token> --discovery-token-ca-cert-hash <hash>

Verify node connectivity from the control plane:

kubectl get nodes

All nodes should appear in the output, though they may show “NotReady” status until the network plugin is installed.

Network Plugin Installation

Container networking requires a CNI plugin to enable pod-to-pod communication across the cluster.

Installing Flannel CNI Plugin

Flannel provides a simple overlay network solution that works well with the pod network CIDR specified during cluster initialization.

Download and apply Flannel manifests:

kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml

Verify network plugin installation:

kubectl get pods -n kube-flannel
kubectl get nodes

Nodes should transition to “Ready” status once Flannel is successfully deployed.

Alternative Network Solutions

Calico offers advanced networking features including network policies:

kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.0/manifests/calico.yaml

Weave Net provides automatic network discovery and encryption:

kubectl apply -f https://github.com/weaveworks/weave/releases/download/v2.8.1/weave-daemonset-k8s.yaml

Choose the network plugin based on your specific requirements for features like network policies, encryption, and performance characteristics.

Verification and Testing

Thorough testing ensures your Kubernetes cluster is functioning properly and ready for workload deployment.

Cluster Health Verification

Check cluster information:

kubectl cluster-info
kubectl get componentstatuses

Verify node status and readiness:

kubectl get nodes -o wide
kubectl describe nodes

Examine system pods in the kube-system namespace:

kubectl get pods -n kube-system

All system pods should be in “Running” status for a healthy cluster.

Deployment Testing

Create a test deployment to verify pod scheduling and networking:

kubectl create deployment nginx-test --image=nginx:latest
kubectl get deployments
kubectl get pods

Test service creation and exposure:

kubectl expose deployment nginx-test --port=80 --type=NodePort
kubectl get services

Access the service using the assigned NodePort to confirm network connectivity.

Troubleshooting Common Issues

Understanding common installation problems helps resolve issues quickly and maintain cluster stability.

Installation Problems

Repository and package conflicts may occur if conflicting repositories are configured. Remove conflicting repositories and reinstall packages:

sudo dnf remove -y kubelet kubeadm kubectl
sudo dnf clean all
sudo dnf install -y kubelet kubeadm kubectl --disableexcludes=kubernetes

Container runtime issues often stem from configuration problems. Verify containerd is running and properly configured:

sudo systemctl status containerd
sudo ctr version

Network configuration problems can prevent cluster initialization. Verify kernel modules are loaded and sysctl parameters are applied:

lsmod | grep br_netfilter
sysctl net.bridge.bridge-nf-call-iptables

Cluster Operation Issues

Node joining failures typically result from network connectivity or token expiration. Generate a new token:

kubeadm token create --print-join-command

Pod scheduling problems may indicate resource constraints or node taints. Check node capacity and remove unnecessary taints:

kubectl describe nodes
kubectl taint nodes --all node-role.kubernetes.io/control-plane-

Network connectivity issues between pods suggest CNI plugin problems. Restart the network plugin:

kubectl delete pods -n kube-flannel --all

Best Practices and Production Considerations

Following established best practices ensures your Kubernetes cluster remains secure, performant, and maintainable.

Use namespaces to organize workloads and implement resource quotas:

kubectl create namespace production
kubectl create namespace development

Implement resource limits to prevent resource exhaustion:

apiVersion: v1
kind: ResourceQuota
metadata:
  name: compute-quota
  namespace: production
spec:
  hard:
    requests.cpu: "4"
    requests.memory: 8Gi
    limits.cpu: "8"
    limits.memory: 16Gi

Regular maintenance includes updating Kubernetes components and monitoring cluster health. Plan upgrade schedules and maintain backup procedures for critical data.

Monitor cluster performance using tools like Prometheus and Grafana to identify potential issues before they impact workloads.

Congratulations! You have successfully installed Kubernetes. Thanks for using this tutorial for installing Kubernetes on your Rocky Linux 10 system. For additional help or useful information, we recommend you check the official Kubernetes website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Back to top button