Install Kubernetes on Red Hat Enterprise Linux (RHEL 8) with CRI-O
This tutorial will show you how to install Kubernetes on Red Hat Enterprise Linux (RHEL 8) using CRI-O as the container runtime and Calico for the Pod network add-on.
Overview of steps
First we will prepare the RHEL server for Kubernetes by disabling Swap, configuring the network, firewall, SELinux and installing CRI-O. Then we will install kubeadm and Kubernetes. Finally, we will use kubeadm to create a single node cluster and deploy the Calico Pod network add-on.
Step 1: Disable Swap
As of writing, Kubernetes requires that Swap is disabled on the Linux server. This is so that the kubelet process can reliably schedule memory to the pods. To disable swap, run the following command:
sudo swapoff -a
To make the change permanent, you will need to edit the fstab file.
Open /etc/fstab, remove the line containing swap and then save the file.
This will prevent swap from being enabled the next time the system boots.
Step 2: Configure the Network
Assign a static IP address to your RHEL server (or configure your DHCP server to reserve an IP) then add this address to your hosts file. For example, I have assigned a static IP address of 10.1.1.11 to my host.
Make sure the hostname of your machine resolves to the static IP by putting an entry in the /etc/hosts file. For example:
Install iproute-tc with the following command:
sudo dnf install -y iproute-tc
Configure iptables to see bridged traffic.
# Create the .conf file to load the modules at bootup
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
sudo modprobe overlay
sudo modprobe br_netfilter
# Set up required sysctl params, these persist across reboots.
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
sudo sysctl --system
Step 3: Open Firewall Ports
Run the following commands to open the required ports on the firewall.
You can check to see if the pods have started with the following watch command:
watch kubectl get pods -n calico-system
Wait until each pod has the STATUS of Running then terminate the watch utility.
Check to see if the node is ready with the following command:
kubectl get nodes -o wide
You should see an output like the following:
NAME STATUS ROLES AGE VERSION INTERNAL-IP EXTERNAL-IP OS-IMAGE KERNEL-VERSION CONTAINER-RUNTIME
rhel01 Ready control-plane,master 4m40s v1.21.2 10.1.1.11 <none> Red Hat Enterprise Linux 8.4 (Ootpa) 4.18.0-305.3.1.el8_4.x86_64 cri-o://1.21.1
You now have a single-host Kubernetes cluster running on Red Hat Enterprise Linux 8. We used CRI-O as a lightweight alternative to the Docker container runtime and we used Calico for the Pod network. You’re now ready to deploy some pods or join some worker nodes to the cluster.