DevOps · K8s · Volleyball · Travel  •  DevOps · K8s · Volleyball · Travel  •  DevOps · K8s · Volleyball · Travel
Explore NY Stream

Install Kubernetes on CentOS 7 with kubeadm: Step by Step

— ny_wk

Install Kubernetes on CentOS 7 with kubeadm: Step by Step

Setting up a single-master, multi-node Kubernetes cluster with kubeadm is the standard way to get a real cluster for learning, QA, or development. This works on VMs (VirtualBox, VMware, Nutanix) and cloud instances alike. Run everything as root unless noted, and do the prep on every node first.

Prerequisites (on all nodes)

  • Set hostnames for master and workers, and make sure they resolve — add entries to /etc/hosts if you have no DNS.
  • Disable swap: swapoff -a and remove the swap line from /etc/fstab (kubelet refuses to start with swap on).
  • Open the firewall ports or disable it for testing: API server 6443, etcd 2379-2380, kubelet 10250, NodePort range 30000-32767; workers need 10250 + the NodePort range.
  • Load kernel modules + sysctl: enable br_netfilter and set net.bridge.bridge-nf-call-iptables=1 so pod networking works.

Step 1 — Install a container runtime + kube tools

Install Docker (or containerd), then add the Kubernetes repo and install the trio on every node:

yum install -y kubelet kubeadm kubectlsystemctl enable --now kubelet

Step 2 — Initialize the master

On the master only:

kubeadm init --pod-network-cidr=10.244.0.0/16

(The CIDR must match your chosen network plugin — this one fits Flannel.) When it finishes, it prints a kubeadm join command — save it for the workers.

Step 3 — Set up kubectl access

As your user on the master:

mkdir -p $HOME/.kube && cp /etc/kubernetes/admin.conf $HOME/.kube/config && chown $(id -u):$(id -g) $HOME/.kube/config

Step 4 — Install a pod network (CNI)

Nodes stay NotReady until you add a network plugin. Apply one (e.g., Flannel or Calico):

kubectl apply -f <cni-manifest-url>

Within a minute the master should report Ready.

Step 5 — Join the worker nodes

On each worker, run the saved join command:

kubeadm join <master-ip>:6443 --token <token> --discovery-token-ca-cert-hash sha256:<hash>

Back on the master, kubectl get nodes should list every node as Ready.

Key takeaways

  • Prep every node: hostnames, swap off, firewall ports, bridge sysctl.
  • kubeadm init sets up the master and prints the join command.
  • Copy admin.conf to ~/.kube/config for kubectl.
  • Apply a CNI plugin (nodes are NotReady until you do), then join workers.

Frequently asked questions

Why must I disable swap?

The kubelet by default refuses to run with swap enabled, to keep memory accounting predictable.

My nodes are stuck NotReady — why?

You haven't installed a pod network (CNI) yet. Apply Flannel/Calico and they go Ready.

Where do I get the join token again?

On the master: kubeadm token create --print-join-command regenerates it.

Does the pod-network-cidr matter?

Yes — it must match what your CNI expects (e.g., 10.244.0.0/16 for Flannel).

Prep, kubeadm init, add a CNI, join the workers — that's a working CentOS 7 Kubernetes cluster from scratch.