Install Kubernetes v1.18.8 on CentOS: Ingress, Dashboard, Helm Guide

Preface

Kubernetes (k8s) is an open‑source container orchestration engine for automated deployment, scaling, and management of containerized applications. This article shares the installation of k8s v1.18.8, its dashboard, monitoring, service deployment, and Ingress‑Nginx load balancing practice.

VM Preparation

Host: Windows 10

Virtualization tool: Hyper‑V 10.0.19041.1

VM Linux OS: CentOS 8.5

Installed software: docker (v2.21.0) and docker‑compose (24.0.6)

IP and hostname mapping

192.168.123.100 master
192.168.123.101 worker01
192.168.123.102 worker02

Set static IP on CentOS 8.5

Edit vi /etc/sysconfig/network-scripts/ifcfg-eth0 to configure IP and gateway.

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=eth0
DEVICE=eth0
ONBOOT=yes
PREFIX=24
IPV6_PRIVACY=no
BOOTPROTO=static
IPADDR=192.168.123.100
GATEWAY=192.168.123.1

Check network connectivity

Test DNS resolution with curl http://mirrors.aliyun.com and verify /etc/resolv.conf contains a valid nameserver.

nameserver 192.168.123.1

Set hostname

View current hostname: hostnamectl Set hostname: hostnamectl set-hostname master (repeat for worker01 and worker02).

# hostnamectl --static
master
# hostnamectl set-hostname worker01
# hostnamectl set-hostname worker02

Ensure unique MAC addresses

PowerShell can display VM MAC addresses; Hyper‑V generates unique MACs automatically.

ip link show dev eth0

Ensure unique product_uuid

sudo cat /sys/class/dmi/id/product_uuid

If duplicated, modify via PowerShell after shutting down the VM.

Get-VM "k8s-master" | % { (gwmi -Namespace root\virtualization\v2 -Class msvm_computersystem -Filter ('ElementName="{0}"' -f $_.Name)).GetRelated('msvm_virtualsystemsettingdata') | select BIOSGUID }

Ensure unique machine ID

sudo cp /etc/machine-id /etc/machine-id.backup
sudo rm /etc/machine-id
sudo systemd-machine-id-setup
cat /etc/machine-id

Check port usage

ss -tuln | grep -E "6443|2379|2380|10250|10259|10257|30000-32767"

No ports are occupied.

Install K8S v1.18.8

Why use v1.18.8 in 2023? The company requires this version.

Node initialization

Target nodes: master, worker01, worker02

Disable firewall: systemctl stop firewalld && systemctl disable firewalld Disable swap: swapoff -a && sed -ri 's/.*swap.*/#&/' /etc/fstab Set SELinux to permissive:

setenforce 0 && sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

Enable bridge traffic for iptables:

cat > /etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF

Add Alibaba Cloud yum repo for Kubernetes:

cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=0
repo_gpgcheck=0
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF

Install kubeadm, kubelet, kubectl

yum install -y kubeadm-1.18.8 kubelet-1.18.8 kubectl-1.18.8 ipvsadm
systemctl enable --now kubelet

Verify installation:

kubelet --version
kubeadm version
kubectl version --client

Install container runtime

Docker 24.x is used (containerd as default runtime).

curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
rm -f /etc/yum.repos.d/CentOS-Linux-AppStream.repo /etc/yum.repos.d/CentOS-Linux-BaseOS.repo
dnf clean all
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce-3:24.0.0-1.el8 docker-ce-cli-1:24.0.6-1.el8 containerd.io docker-buildx-plugin docker-compose-plugin

Configure /etc/hosts on all nodes

cat >> /etc/hosts <<EOF
192.168.123.100 master
192.168.123.101 worker01
192.168.123.102 worker02
EOF

Initialize the cluster

kubeadm init \
  --apiserver-advertise-address=192.168.123.100 \
  --image-repository=registry.aliyuncs.com/google_containers \
  --kubernetes-version=v1.18.8 \
  --service-cidr=10.10.0.0/16 \
  --pod-network-cidr=10.244.0.0/16 \
  --ignore-preflight-errors=all

After successful init, copy the admin kubeconfig:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Result screenshot omitted.

Install flannel network plugin

kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml --insecure-skip-tls-verify

Join worker nodes

kubeadm join 192.168.123.100:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>

If the token expires, regenerate with kubeadm token create --print-join-command.

Install Kubernetes Dashboard v2.0.3

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.3/aio/deploy/recommended.yaml

Create admin ServiceAccount and ClusterRoleBinding:

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin
  namespace: kubernetes-dashboard
EOF

cat <<EOF | kubectl apply -f -
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin
  namespace: kubernetes-dashboard
EOF

Retrieve login token:

kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-token | awk '{print $1}')

Expose Dashboard via NodePort:

kubectl patch svc kubernetes-dashboard -n kubernetes-dashboard -p '{"spec":{"type":"NodePort","ports":[{"port":443,"targetPort":8443,"nodePort":30001}]}}'

Access with https://192.168.123.102:30001/ using the token.

Install Metrics Server v0.3.7

kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/download/v0.3.7/components.yaml

Modify the deployment to use Alibaba Cloud registry and add insecure TLS flag:

spec:
  containers:
  - name: metrics-server
    image: registry.aliyuncs.com/google_containers/metrics-server:v0.3.7
    command:
    - /metrics-server
    - --kubelet-insecure-tls
    - --kubelet-preferred-address-types=InternalDNS,InternalIP,ExternalDNS,ExternalIP,Hostname

Deploy:

cd /app/k8s/
kubectl apply -f metrics-server-0.3.7/deploy/1.8+/

Verify with kubectl top node and kubectl top pod -A.

Install Helm v3.13.1

curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash

Verify version and add repositories as needed.

Deploy services on the K8S cluster

Common commands

Deploy: kubectl apply -f <filename>.yml List ReplicaSets: kubectl get replicasets Describe Deployment: kubectl describe deployments my-nginx List Services:

kubectl get services my-nginx-service

Deploy a simple Nginx service

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-nginx
spec:
  replicas: 2
  selector:
    matchLabels:
      app: my-nginx
  template:
    metadata:
      labels:
        app: my-nginx
    spec:
      containers:
      - name: my-nginx
        image: nginx:latest
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: my-nginx-service
spec:
  selector:
    app: my-nginx
  type: NodePort
  ports:
  - protocol: TCP
    port: 80
    targetPort: 80
    nodePort: 30080

Apply with kubectl apply -f nginx.yml and access via node IP and port 30080.

Install Ingress‑Nginx v3.41

Preparation

helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
helm repo update
kubectl create namespace ingress-nginx

Installation

helm install ingress-nginx ingress-nginx/ingress-nginx \
  --namespace ingress-nginx \
  --version 3.41.0 \
  --set controller.image.repository=registry.aliyuncs.com/google_containers/nginx-ingress-controller

If the image cannot be pulled, uninstall and reinstall with the above image repository.

Configure for LAN usage

Set dnsPolicy: ClusterFirstWithHostNet Enable hostNetwork: true in the ingress-nginx-controller deployment.

Create an Ingress resource

apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: ingress-nginx-test
  namespace: default
spec:
  rules:
  - host: nginx.k8stest.com
    http:
      paths:
      - backend:
          serviceName: my-nginx-service
          servicePort: 80

Add 192.168.123.102 nginx.k8stest.com to the hosts file on client machines and flush DNS cache. Access the service via the domain name; requests are load‑balanced across the Nginx pods.

Troubleshooting notes

Yum failures due to DNS can be fixed by setting a valid nameserver in /etc/resolv.conf (e.g., nameserver 192.168.123.1).

When using Alibaba Cloud mirrors, ensure image references use registry.aliyuncs.com/google_containers/….

Helm install of ingress‑nginx may fail if the image cannot be pulled; specify the image repository as shown above.

After completing all steps, a functional Kubernetes v1.18.8 cluster with networking, monitoring, dashboard, Helm, and Ingress is ready for use.