# Bootstrapping the Kubernetes Worker Nodes In this lab you will bootstrap three Kubernetes worker nodes. The following components will be installed on each node: [runc](https://github.com/opencontainers/runc), [container networking plugins](https://github.com/containernetworking/cni), [containerd](https://github.com/containerd/containerd), [kubelet](https://kubernetes.io/docs/admin/kubelet), and [kube-proxy](https://kubernetes.io/docs/concepts/cluster-administration/proxies). ## Prerequisites The commands in this lab must be run on each worker instance: `worker-0`, `worker-1`, and `worker-2`. Login to each worker instance using the `gcloud` command. Example: ``` gcloud compute ssh worker-0 ``` ### Running commands in parallel with tmux [tmux](https://github.com/tmux/tmux/wiki) can be used to run commands on multiple compute instances at the same time. See the [Running commands in parallel with tmux](01-prerequisites.md#running-commands-in-parallel-with-tmux) section in the Prerequisites lab. ## Provisioning a Kubernetes Worker Node Install the OS dependencies: ``` { sudo apt-get update sudo apt-get -y install socat conntrack ipset } ``` > The socat binary enables support for the `kubectl port-forward` command. ### Disable Swap By default the kubelet will fail to start if [swap](https://help.ubuntu.com/community/SwapFaq) is enabled. It is [recommended](https://github.com/kubernetes/kubernetes/issues/7294) that swap be disabled to ensure Kubernetes can provide proper resource allocation and quality of service. Verify if swap is enabled: ``` sudo swapon --show ``` If output is empty then swap is not enabled. If swap is enabled run the following command to disable swap immediately: ``` sudo swapoff -a ``` > To ensure swap remains off after reboot consult your Linux distro documentation. ### Download and Install Worker Binaries ``` wget -q --show-progress --https-only --timestamping \ https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.18.0/crictl-v1.18.0-linux-amd64.tar.gz \ https://github.com/opencontainers/runc/releases/download/v1.0.0-rc91/runc.amd64 \ https://github.com/containernetworking/plugins/releases/download/v0.8.6/cni-plugins-linux-amd64-v0.8.6.tgz \ https://github.com/containerd/containerd/releases/download/v1.3.6/containerd-1.3.6-linux-amd64.tar.gz \ https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kubectl \ https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kube-proxy \ https://storage.googleapis.com/kubernetes-release/release/v1.18.6/bin/linux/amd64/kubelet ``` Create the installation directories: ``` sudo mkdir -p \ /etc/cni/net.d \ /opt/cni/bin \ /var/lib/kubelet \ /var/lib/kube-proxy \ /var/lib/kubernetes \ /var/run/kubernetes ``` Install the worker binaries: ``` { mkdir containerd tar -xvf crictl-v1.18.0-linux-amd64.tar.gz tar -xvf containerd-1.3.6-linux-amd64.tar.gz -C containerd sudo tar -xvf cni-plugins-linux-amd64-v0.8.6.tgz -C /opt/cni/bin/ sudo mv runc.amd64 runc chmod +x crictl kubectl kube-proxy kubelet runc sudo mv crictl kubectl kube-proxy kubelet runc /usr/local/bin/ sudo mv containerd/bin/* /bin/ } ``` ### Configure CNI Networking Retrieve the Pod CIDR range for the current compute instance: ``` POD_CIDR=$(curl -s -H "Metadata-Flavor: Google" \ http://metadata.google.internal/computeMetadata/v1/instance/attributes/pod-cidr) ``` Create the `bridge` network configuration file: ``` cat < The `resolvConf` configuration is used to avoid loops when using CoreDNS for service discovery on systems running `systemd-resolved`. Create the `kubelet.service` systemd unit file: ``` cat < Remember to run the above commands on each worker node: `worker-0`, `worker-1`, and `worker-2`. ## Verification > The compute instances created in this tutorial will not have permission to complete this section. **Run the following commands from the same machine used to create the compute instances**. List the registered Kubernetes nodes: ``` gcloud compute ssh controller-0 \ --command "kubectl get nodes --kubeconfig admin.kubeconfig" ``` > output ``` NAME STATUS ROLES AGE VERSION worker-0 Ready 24s v1.18.6 worker-1 Ready 24s v1.18.6 worker-2 Ready 24s v1.18.6 ``` Next: [Configuring kubectl for Remote Access](10-configuring-kubectl.md)