Bare Metal Kubernetes Series - Part 3: Bootstrapping the cluster

There are different kinds of tools to start your cluster, we will be using kubeadm which is part of the core kubernetes project. It's as vanilla as it gets and thereby allows us to learn kubernetes in it's purest form (yes I am a purist at heart).

If you followed the earlier parts of the series, all of your nodes will have kubeadm installed.

Prerequisites for high availibilty

As everything else we also want kubernetes itself to be high available - to not have a single point of failure. So that even if a kuberentes manager node goes down (a node that contains configuration and interfaces for accessing kubernetes), we still can use everything without a problem.

Normally if you only have a single manager node, it's IP address will be used for any kubernetes related requests. When using multiple manager nodes we still need single endpoint - a single IP at which we can reach a core kubernetes API that is hooked into our cluster (specifically our etcd database).

YAML files

Yaml is a data markup like XML or JSON, mainly used by docker and kubernetes. Its nothing really fancy, however here are some things you want to know:

  • blocks and lists are identified by indentation. The indentation can be flexible at some points but still has to follow concise rules
  • sometimes you can write strings without the "", but writing them won't ever hurt
  • generally speaking yaml isn't very polished or clean, get a proper text editor that adds visual lines for the identation (like sublime text).

Config and choosing IP ranges

The kubeadm configuration file looks like this:

  IPv6DualStack: true
kind: ClusterConfiguration
controlPlaneEndpoint: ""
  • featureGates - not all of kubernetes features are enabled by default (like IPv6), here we list the optional features we want our cluster to have
  • podSubnet - here we specify the IPv4 and IPv6 subnet kubernetes is allowed to choose addresses for our pods from
  • serviceSubnet - same like podSubnet but for services
  • controlPlaneEndpoint - remember how earlier we said that our cluster needs a single address to reach itself? this is the address (the same that is specified in the keepalive configuration)

The listed address ranges the cluster uses can and should be private ranges, this way the nodes of your cluster are only visisble within your network, increasing security. You can freely choose them from reserved address ranges.

My local machines are in the subnet.

Remember keepalived from the previous part?

In my Preseed Project you will find a simple script that installs keepalived and creates some basic configuration files. Before running it, adjust the configuration inside the script to your needs.


Now head over to my Kubernetes Cluster Setup repo and follow the readme.

Next up

Series Overview

Tobias Hübner