Step-by-Step Guide to Building a Kubernetes Cluster on CentOS 7
This comprehensive tutorial walks through preparing a CentOS 7 host, configuring hostnames, disabling swap and firewalls, installing Docker and Kubernetes components with kubeadm, setting up the master and worker nodes, deploying the flannel network plugin, testing with nginx, and installing the Kubernetes dashboard, all with detailed commands and troubleshooting tips.
Environment requirements
A compatible Linux host (Debian or Red Hat based).
2 GB+ RAM per machine.
2 CPUs or more.
Full network connectivity between all machines.
Unique hostname, MAC address, and product_uuid for each node.
Required ports open (see linked documentation).
Swap must be disabled for kubelet to work.
System environment (2 CPU, 4 GB RAM): CentOS 7. Master node IP: 10.229.1.168, node1 IP: 10.229.3.251. All operations are performed as root.
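An added example, not part of the original guide: a preflight script for two of the requirements above (swap disabled, and hostname, MAC address and product_uuid unique on every node). The function names and the inventory format, one "hostname mac product_uuid" line per node, are assumptions of this example, and the sample data is constructed.

```shell
#!/bin/sh
# Added example, not from the original guide. /proc/swaps and /etc/fstab are
# read in their native formats; the inventory file (one line per node:
# "hostname mac product_uuid") is an assumed format for this example.

# Print the devices of active swap areas from a /proc/swaps-format file.
active_swap() {
  awk 'NR > 1 && NF >= 3 { print $1 }' "$1"
}

# Print fstab entries that re-enable swap at boot: uncommented lines whose
# filesystem type (third field) is "swap".
fstab_swap_entries() {
  awk '$1 !~ /^#/ && $3 == "swap" { print $1 }' "$1"
}

# Print this node's inventory line (run as root: product_uuid is root-only).
node_identity() {
  nic=$(ip -o route show default | awk '{ print $5; exit }')
  echo "$(hostname) $(cat "/sys/class/net/$nic/address") $(cat /sys/class/dmi/id/product_uuid)"
}

# Print "<field>=<value>" for each hostname, MAC or product_uuid that more
# than one node reports. Cloned VMs typically collide on MAC or product_uuid.
duplicate_ids() {
  awk '
    $1 ~ /^#/ || NF < 3 { next }
    { seen["hostname=" $1]++
      seen["mac=" tolower($2)]++
      seen["product_uuid=" tolower($3)]++ }
    END { for (k in seen) if (seen[k] > 1) print k }
  ' "$1" | sort
}

# Demo on constructed data: node1 was cloned from the master image.
demo() {
  dir=$(mktemp -d)
  printf '%s\n' '/dev/mapper/centos-root / xfs defaults 0 0' \
    '#/dev/mapper/centos-swap swap swap defaults 0 0' > "$dir/fstab"
  printf '%s\n' 'k8s-master 52:54:00:aa:bb:01 4C4C4544-0000-1010-8000-00000000A001' \
    'k8s-node1 52:54:00:aa:bb:02 4c4c4544-0000-1010-8000-00000000a001' > "$dir/nodes"
  echo "fstab swap entries: $(fstab_swap_entries "$dir/fstab" | wc -l)"
  echo "duplicates: $(duplicate_ids "$dir/nodes")"
  rm -rf "$dir"
}
demo
```

On real hosts, run node_identity on each node, concatenate the lines into one file, and pass that file to duplicate_ids.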
Change hostnames
# master node set hostname
hostnamectl set-hostname k8s-master
# node1 set hostname
hostnamectl set-hostname k8s-node1
# add hosts entries
cat >>/etc/hosts <<EOF
10.229.1.168 k8s-master
10.229.3.251 k8s-node1
EOF
Disable firewall, SELinux, and swap on all nodes
# disable firewall
systemctl status firewalld && systemctl stop firewalld && systemctl disable firewalld
# disable SELinux permanently
sed -i 's/enforcing/disabled/' /etc/selinux/config
setenforce 0
# disable swap temporarily and permanently
swapoff -a
vim /etc/fstab # remove or comment out the swap line
Pass bridge IPv4 traffic to iptables
# create sysctl config
cat >/etc/sysctl.d/k8s.conf <<EOF
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system
Use Alibaba Cloud yum repository for Kubernetes
# create repo file
cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://mirrors.aliyun.com/kubernetes/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://mirrors.aliyun.com/kubernetes/yum/doc/yum-key.gpg https://mirrors.aliyun.com/kubernetes/yum/doc/rpm-package-key.gpg
EOF
Install Docker and Kubernetes binaries
# install Docker
yum -y install docker
systemctl enable docker && systemctl start docker
docker -v
# configure Docker registry mirror
cat > /etc/docker/daemon.json <<EOF
{
"registry-mirrors": ["https://qnaf9aj5.mirror.aliyuncs.com"]
}
EOF
systemctl restart docker
# install kubeadm, kubelet, kubectl
yum install -y kubelet kubeadm kubectl
systemctl enable kubelet && systemctl start kubelet
Master node installation
# initialize the control plane (may need to pull images manually)
kubeadm init --pod-network-cidr 10.244.0.0/16 --kubernetes-version latest
# list required images
kubeadm config images list
# if images fail to pull, pull them manually and retag
docker pull registry.aliyuncs.com/google_containers/kube-apiserver:v1.22.1 && \
... (additional docker pull commands) ...
# retag images to official names
docker tag registry.aliyuncs.com/google_containers/kube-apiserver:v1.22.1 k8s.gcr.io/kube-apiserver:v1.22.1 && \
... (additional docker tag commands) ...
# remove the temporary images
docker rmi registry.aliyuncs.com/google_containers/kube-apiserver:v1.22.1 ...
# verify images
docker images
# re‑run init if needed
kubeadm init --pod-network-cidr 10.244.0.0/16 --kubernetes-version latest
After successful init, run as a regular user:
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Or as root:
export KUBECONFIG=/etc/kubernetes/admin.conf
Check node status (will show NotReady until a network plugin is installed).
kubectl get nodes
Worker node (node1) installation
# pull required images on node1
docker pull registry.aliyuncs.com/google_containers/kube-proxy:v1.22.1 && \
... (additional pulls) ...
# join the cluster
kubeadm join 172.16.1.197:6443 --token ebi9py.oz4hmt72yk1wlvoe \
--discovery-token-ca-cert-hash sha256:9990f921f6c66423fc097f81f2c4d5f2b851dc906cbce966db99de73dbce793b
If the join fails due to missing kubeconfig, copy it from the master:
scp root@k8s-master:/etc/kubernetes/admin.conf /etc/kubernetes/admin.conf
export KUBECONFIG=/etc/kubernetes/admin.conf
Install flannel network plugin
# download flannel manifest
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# apply the manifest
kubectl apply -f kube-flannel.yml
# verify pods
kubectl get pods -n kube-system -o wide
If images cannot be pulled, manually download and load the flannel image:
# download flannel docker image
wget https://github.com/flannel-io/flannel/releases/download/v0.14.0/flanneld-v0.14.0-amd64.docker
# load into Docker and retag
docker load < flanneld-v0.14.0-amd64.docker && \
docker tag quay.io/coreos/flannel:v0.14.0-amd64 quay.io/coreos/flannel:v0.14.0 && \
docker rmi quay.io/coreos/flannel:v0.14.0-amd64
# reinstall
kubectl delete -f kube-flannel.yml
kubectl apply -f kube-flannel.yml
Cluster health checks
# component status
kubectl get cs
# configmaps
kubectl get configmap -n kube-system
# certificate expiration
kubeadm certs check-expiration
# generate join token
kubeadm token create --print-join-command
Cluster testing – nginx deployment
# create deployment and expose
kubectl create deployment nginx-deploy --image=nginx
kubectl expose deployment nginx-deploy --port=80 --type=NodePort
# get service details
kubectl get pod,svc
# test with curl
curl 172.16.0.188:32353
Install Kubernetes Dashboard
# apply dashboard manifest
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.3.1/aio/deploy/recommended.yaml
# expose via NodePort 30001
kubectl patch svc kubernetes-dashboard -n kubernetes-dashboard -p '{"spec":{"type":"NodePort","ports":[{"port":443,"targetPort":8443,"nodePort":30001}]}}'
# create admin user
cat > dashboard-adminuser.yaml <<EOF
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard
EOF
kubectl apply -f dashboard-adminuser.yaml
# retrieve token
kubectl -n kubernetes-dashboard describe secret $(kubectl -n kubernetes-dashboard get secret | grep admin-user | awk '{print $1}')
Access the dashboard at https://10.229.1.168:30001 (ignore the browser warning by typing thisisunsafe), log in with the retrieved token, and explore the UI.
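An added example, not part of the original guide: the admin-user token logs in with cluster-admin rights, so this lists every ServiceAccount bound to cluster-admin, letting such bindings be found and reviewed. The function names and the "|" field separator are choices of this example, and the sample lines are constructed.

```shell
#!/bin/sh
# Added example, not from the original guide.

# Emit one line per ClusterRoleBinding that references cluster-admin:
#   <binding><TAB><kind>|<namespace>|<name> <kind>|<namespace>|<name> ...
# (namespace is empty for User and Group subjects).
list_cluster_admin_bindings() {
  kubectl get clusterrolebindings -o jsonpath='{range .items[?(@.roleRef.name=="cluster-admin")]}{.metadata.name}{"\t"}{range .subjects[*]}{.kind}|{.namespace}|{.name}{" "}{end}{"\n"}{end}'
}

# Read that format on stdin; print "<namespace>/<name> via <binding>" for each
# ServiceAccount subject. Subject names containing spaces are not handled.
cluster_admin_service_accounts() {
  awk -F '\t' '{
    n = split($2, subjects, " ")
    for (i = 1; i <= n; i++) {
      split(subjects[i], part, "[|]")
      if (part[1] == "ServiceAccount") print part[2] "/" part[3] " via " $1
    }
  }'
}

# Constructed sample: the built-in cluster-admin binding plus the one created above.
sample_bindings() {
  printf 'cluster-admin\tGroup||system:masters \n'
  printf 'admin-user\tServiceAccount|kubernetes-dashboard|admin-user \n'
}

sample_bindings | cluster_admin_service_accounts
# On a live cluster: list_cluster_admin_bindings | cluster_admin_service_accounts
```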
Reference links:
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/
https://blog.csdn.net/flying_monkey_1/article/details/118701275
https://blog.csdn.net/weixin_40039683/article/details/112886735
https://github.com/kubernetes/dashboard/releases
360 Tech Engineering
