
Kubernetes Node Prerequisites Guide

This guide covers the detailed prerequisites for preparing machines to serve as Kubernetes nodes, whether as control plane (master) nodes or worker nodes.

Hardware Requirements

Minimum Requirements

Control Plane Nodes:

  • 2 CPU cores
  • 4 GB RAM
  • 50 GB storage (SSD recommended)

Worker Nodes:

  • 2 CPU cores
  • 2 GB RAM
  • 20 GB storage

Production Recommendations

Control Plane Nodes:

  • 4+ CPU cores
  • 8+ GB RAM
  • 100+ GB SSD storage
  • Redundant power and networking

Worker Nodes: (scale based on workload requirements)

  • 4+ CPU cores
  • 8+ GB RAM
  • 100+ GB storage
  • Consider dedicated storage for container images

Operating System Setup

  • Ubuntu Server 20.04 LTS or 22.04 LTS (preferred)
  • CentOS/RHEL 8+
  • Debian 11+

Base OS Installation Guidelines

bash
# After OS installation, ensure system is updated
sudo apt update && sudo apt upgrade -y   # For Ubuntu/Debian
# or
sudo yum update -y                       # For CentOS/RHEL

User Configuration

Create a non-root user with sudo privileges:

bash
# Create user
sudo adduser kube-admin

# Add to sudo group (on CentOS/RHEL the equivalent group is "wheel")
sudo usermod -aG sudo kube-admin

# Switch to the new user
su - kube-admin

Network Configuration

Hostname Setup

Each node must have a unique hostname:

bash
# Set hostname
sudo hostnamectl set-hostname k8s-master01  # for control plane
# or
sudo hostnamectl set-hostname k8s-worker01  # for worker

# Verify
hostname

Static IP Configuration

Configure static IP addresses to prevent networking issues:

Ubuntu/Debian - Edit /etc/netplan/01-netcfg.yaml:

yaml
network:
  version: 2
  renderer: networkd
  ethernets:
    ens33: # Your interface name may differ
      addresses:
        - 192.168.1.101/24 # Your IP/subnet
      gateway4: 192.168.1.1 # Your gateway (gateway4 is deprecated in newer netplan releases in favour of a routes entry)
      nameservers:
        addresses: [8.8.8.8, 8.8.4.4]

Apply the configuration:

bash
sudo netplan apply

Required Open Ports

Ensure these ports are open on your firewall:

Control Plane Nodes:

bash
# Required for Kubernetes API server
sudo ufw allow 6443/tcp

# etcd server client API
sudo ufw allow 2379:2380/tcp

# Kubelet API, kube-scheduler, kube-controller-manager
sudo ufw allow 10250/tcp
sudo ufw allow 10259/tcp
sudo ufw allow 10257/tcp

# Optional: NodePort Services
sudo ufw allow 30000:32767/tcp

Worker Nodes:

bash
# Kubelet API
sudo ufw allow 10250/tcp

# NodePort Services
sudo ufw allow 30000:32767/tcp
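
The rules above accept connections from any source. The following added example (not part of the original guide) prints the same ports as ufw rules limited to a source range, so that etcd, the kubelet and the control-plane components are reachable only from the cluster. The function names are hypothetical, and the 192.168.1.0/24 node subnet is an assumption taken from the guide's sample addresses.

```bash
#!/usr/bin/env bash
# Added example: print ufw rules for the guide's ports, scoped to a source CIDR.
# Nothing is applied here; review the output, then run it with root privileges.

# Shape check for IPv4 CIDR notation such as 192.168.1.0/24 (assumption: IPv4
# nodes). Anything containing other characters is rejected before it can end
# up inside a generated command line.
valid_cidr() {
  case "$1" in ''|*[!0-9./]*) return 1 ;; esac
  printf '%s\n' "$1" |
    grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# ufw_rules ROLE NODE_CIDR [API_CIDR]
#   ROLE       control-plane | worker
#   NODE_CIDR  subnet the cluster nodes live in
#   API_CIDR   sources allowed to reach the API server (default: NODE_CIDR)
ufw_rules() {
  local role="$1" nodes="$2" api="${3:-$2}" p
  valid_cidr "$nodes" && valid_cidr "$api" || { echo "bad CIDR" >&2; return 2; }
  case "$role" in
    control-plane)
      # API server: nodes plus whoever administers the cluster
      echo "ufw allow from $api to any port 6443 proto tcp"
      # etcd, kubelet, kube-scheduler, kube-controller-manager: nodes only
      for p in 2379:2380 10250 10259 10257; do
        echo "ufw allow from $nodes to any port $p proto tcp"
      done
      ;;
    worker)
      echo "ufw allow from $nodes to any port 10250 proto tcp"   # kubelet
      # NodePort services are meant for outside clients, so no source filter
      echo "ufw allow 30000:32767/tcp"
      ;;
    *)
      echo "unknown role: $role" >&2
      return 2
      ;;
  esac
}
```

For example, `ufw_rules control-plane 192.168.1.0/24` prints five rules. The optional NodePort rule for control plane nodes is left out.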

System Configuration

Disable Swap (Critical)

Kubernetes requires swap to be disabled:

bash
# Disable swap immediately
sudo swapoff -a

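# Disable swap permanently by commenting out active swap entries
# (matches tab- or space-separated fields and skips lines already commented)
sudo sed -i '/^[^#].*[[:space:]]swap[[:space:]]/ s/^/#/' /etc/fstab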

# Verify swap is disabled
free -h  # Swap should show 0B

Configure Kernel Modules

Load required kernel modules:

bash
# Create configuration file
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

# Load modules
sudo modprobe overlay
sudo modprobe br_netfilter

# Verify modules are loaded
lsmod | grep overlay
lsmod | grep br_netfilter

Configure Kernel Parameters

Set required sysctl parameters:

bash
# Create sysctl configuration
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF

# Apply settings
sudo sysctl --system

# Verify settings
sysctl net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward

Configure /etc/hosts

Update the hosts file for internal cluster communication:

bash
sudo tee -a /etc/hosts <<EOF
192.168.1.101 k8s-master01
192.168.1.102 k8s-worker01
192.168.1.103 k8s-worker02
EOF

Time Synchronization

Ensure time is synchronized across all nodes:

bash
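# Install a time synchronization service
sudo apt install -y ntp     # Ubuntu/Debian
# or
sudo yum install -y chrony  # CentOS/RHEL 8+ (the ntp package is no longer shipped there)

# Enable and start the service
sudo systemctl enable --now ntp      # Ubuntu/Debian
# or
sudo systemctl enable --now chronyd  # CentOS/RHEL

# Check time synchronization status
ntpq -p           # ntp
# or
chronyc tracking  # chrony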

Container Runtime Prerequisites

Install and Configure containerd

bash
# Install required packages (the commands in this block are for Ubuntu)
sudo apt install -y apt-transport-https ca-certificates curl gnupg lsb-release

# Add Docker's official GPG key
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

# Add Docker repository
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

# Install containerd
sudo apt update
sudo apt install -y containerd.io

# Configure containerd to use systemd as cgroup driver
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
sudo sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml

# Restart containerd
sudo systemctl restart containerd
sudo systemctl enable containerd

System Verification

Run these checks to verify your system is ready for Kubernetes:

bash
# Verify CPU and memory
lscpu
free -h

# Verify unique system IDs (product_uuid and MAC addresses must differ on every node)
sudo cat /sys/class/dmi/id/product_uuid
ip link

# Verify kernel modules
lsmod | grep overlay
lsmod | grep br_netfilter

# Verify firewall status
sudo ufw status  # Ubuntu
# or
sudo firewall-cmd --list-all  # CentOS/RHEL

# Verify swap is disabled
free -h | grep -i swap

# Verify system time
date

Final Checklist

Before proceeding with Kubernetes installation, confirm:

✅ System meets or exceeds minimum hardware requirements
✅ Operating system is up-to-date
✅ Each node has a unique hostname and static IP
✅ Required network ports are open
✅ Swap is disabled
✅ Required kernel modules are loaded
✅ Kernel parameters are set correctly
✅ Hosts file is configured with all node IPs
✅ Time is synchronized across all nodes
✅ Container runtime is installed and properly configured
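
The swap, kernel-module and kernel-parameter items of this checklist can be checked by a script instead of by eye. The following is an added example, not part of the original guide. The function names are hypothetical, and the file locations are parameters so the same checks can run against the constructed sample that `make_bad_sample` builds.

```bash
#!/usr/bin/env bash
# Added example: preflight for the swap, kernel-module and sysctl checklist items.
# Paths are parameters so the checks can also run against saved or sample copies.

# True when /proc/swaps lists no active device (only its header line).
swap_off() {
  awk 'NR > 1 && NF { n++ } END { exit (n > 0) }' "${1:-/proc/swaps}"
}

# True when the module is listed in /proc/modules. Modules compiled into the
# kernel are not listed there, so a miss on such a kernel needs a manual look.
module_loaded() {
  awk -v m="$1" '$1 == m { found = 1 } END { exit (found ? 0 : 1) }' \
    "${2:-/proc/modules}"
}

# True when the sysctl key (dotted form) currently holds the wanted value.
sysctl_is() {
  local path
  path="${3:-/proc/sys}/$(printf '%s' "$1" | tr . /)"
  [ -r "$path" ] && [ "$(cat "$path")" = "$2" ]
}

# Runs every check, prints one FAIL line per problem, returns the failure count.
preflight() {
  local swaps="${1:-/proc/swaps}" mods="${2:-/proc/modules}" sys="${3:-/proc/sys}"
  local failed=0 m k
  swap_off "$swaps" || { echo "FAIL swap is still active"; failed=$((failed + 1)); }
  for m in overlay br_netfilter; do
    module_loaded "$m" "$mods" ||
      { echo "FAIL module $m not loaded"; failed=$((failed + 1)); }
  done
  for k in net.bridge.bridge-nf-call-iptables \
           net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward; do
    sysctl_is "$k" 1 "$sys" || { echo "FAIL $k is not 1"; failed=$((failed + 1)); }
  done
  return "$failed"
}

# Constructed sample: a node where swap is on, br_netfilter is missing and
# IPv4 forwarding is off. Builds the files under the directory given as "$1".
make_bad_sample() {
  mkdir -p "$1/sys/net/bridge" "$1/sys/net/ipv4"
  printf 'Filename Type Size Used Priority\n/swap.img file 2097148 0 -2\n' > "$1/swaps"
  printf 'overlay 151552 0 - Live 0x0\n' > "$1/modules"
  echo 1 > "$1/sys/net/bridge/bridge-nf-call-iptables"
  echo 1 > "$1/sys/net/bridge/bridge-nf-call-ip6tables"
  echo 0 > "$1/sys/net/ipv4/ip_forward"
}
```

On a node, call `preflight` with no arguments to check the live `/proc` files. A non-zero return value is the number of failed checks.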

Next Steps

Once all prerequisites are met, proceed to the Kubernetes Installation Guide to set up your Kubernetes cluster.
