Provisioning Kubernetes cluster by kubeadm

Kubeadm is a new tool that is part of the Kubernetes distribution of 1.4.0. It allows you to install and set up a Kubernetes cluster. One of the most frequent criticisms of Kubernetes is that it’s difficult to install. kubeadm makes this much easier, so I strongly suggest you give it a try.

Pre-requisites for creating a cluster:

  • One or more machines running the compatible OS (ex: Ubuntu)
  • 2-GB or more of RAM per machine
  • 2-CPU or more for Master

Network connectivity among all machines in the cluster


  • Install a single master Kubernetes cluster.
  • Install a Pod network on the cluster so that your Pods can communicate.

Beginners can set up the pre-requisites in their own machine by creating virtual machines (VMs) in a virtual box, or they can also use multiple machines for creating clusters.


Install these requirements in each node:

  • Docker
    $ sudo apt-get update
    $ sudo apt-get install -y
  • Kubeadm, Kubelet, Kubectl
    $ sudo apt-get update && sudo apt-get install -y apt-transport-https curl
    $ sudo -i
    $ curl -s | apt-key add -
    $ cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
    $ deb kubernetes-xenial main
    $ EOF
    $ exit
    $ sudo apt-get update
    $ sudo apt-get install -y kubelet kubeadm kubectl

Master Node:

The master is the machine where the control plane components run, including etcd (the cluster database) and the API server (which the kubectl CLI communicates with).

Master Node

Master Node

Before running kubeadm init in master node, first choose a pod network add-on and verify whether it requires any arguments to be passed for kubeadm initialization. Depending on which third-party provider you choose, you might need to set the --pod-network-cidr argument with kubeadm init <args>.

Configure the cgroup Driver used by kubelet

$ sudo sed -i "s/cgroup-driver=systemd/cgroup-driver=cgroupfs/g" /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

Restart kubelet

$ sudo systemctl daemon-reload
$ sudo systemctl restart kubelet


$ sudo kubeadm init --apiserver-advertise-address=<master-private-ip> --apiserver-cert-extra-sans= --pod-network-cidr
$ sudo mkdir -p $HOME/.kube
$ sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
$ sudo chown $(id -u):$(id -g) $HOME/.kube/config
$ sudo sysctl net.bridge.bridge-nf-call-iptables=1
$ sudo KUBECONFIG=/etc/kubernetes/admin.conf
$ kubectl apply -f

After you finish running kubeadm init in master node, it provides the token, master-ip, sha and hash as follows:

$ kubeadm join --token <token> <master-ip>:<master-port> --discovery-token-ca-cert-hash sha256:<hash>

If you do not have the token, you can obtain it by running the following command on the master node:

$ kubeadm token list

By default, tokens expire after 24 hours. If you are joining a node to the cluster after the current token has expired, you can create a new token using the following command:

$ kubeadm token create

For reference, you can view this document:

Worker nodes:

A worker node in Kubernetes was previously known as a minion. A node may be a VM or a physical machine, depending on the cluster. Each node has the services necessary to run pods and is managed by the master components.

Joining worker nodes:

To add nodes to your cluster, do the following for each machine:

  • SSH to the machine
  • Become root (e.g. sudo su -)
  • Run the command that was returned by kubeadm init. For example:
$ kubeadm join — token <token> <master-ip>:<master-port> — discovery-token-ca-cert-hash sha256:<hash>

Now you are all set and can list the nodes from the master by running

$ kubectl get nodes

This article was first published on Aug 23, 2018 on OpenEBS's Medium Account

Kiran Mova
Kiran Mova is a Passionate Technologist with 17 years of extensive experience working for product companies like Cisco, Lucent, Novell. Kiran has led efforts in performance engineering, simplifying the products in terms of usability, operation and deployment complexities, introducing multi-tenancy and enabling SAAS services in domains like IP/Optical Networks, Storage and Access Management. At MayaData, Kiran leads overall architecture and is responsible for architecting, solution design and customer adoption of OpenEBS and related software. Kiran evangelizes open culture and open source execution models and is a lead maintainer and contributor to the OpenEBS project Passionate about Storage Orchestration. Contributor and Maintainer OpenEBS projects. Chief Architect MayaData Inc. Open Source Dreamer
Akhil Mohan
Building Mayadata one commit at a time.
Uma Mukkara
Umasankar Mukkara (Uma) has over 20 years of experience as a hands-on developer, architecting scalable products and building innovative teams. Uma led product development in the early days of MayaData (CloudByte). He has led multiple innovations in multi-tenant storage and has contributed to more than 10 patents. Prior to CloudByte, he has contributed significantly to the development of Access Management solutions and has a sound understanding of cloud storage and security architecture. Uma also spends significant time in building chaos engineering practices in OpenEBS development eco-system, community engagement, and partner eco-system development. Uma holds a Masters degree in Telecommunications and software engineering from Illinois Institute of Technology, Chicago and a bachelor’s degree in Communications from S.V.University, Tirupati, India. Contributor at, Co-founder& COO@MayaData