Lab Setup: Ubuntu 24.04 Cluster
Building a cluster from scratch gives you the deepest understanding of the components. This script automates the tedious "Prerequisites" phase so you can focus on the Kubeadm join process.
1. The "Prepare Node" Script
Run this on ALL nodes (Master and Workers). It installs Containerd, Kubeadm, and Kubelet.
Filename: setup-k8s-ubuntu24.sh
```bash
#!/bin/bash
set -e
# 1. Disable Swap
sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
# 2. Kernel Modules
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
sudo modprobe overlay
sudo modprobe br_netfilter
# 3. Sysctl Params
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl --system
# 4. Install Containerd
sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg
echo \
"deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
"$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
sudo apt-get install -y containerd.io
# 5. Configure Containerd Cgroup Driver
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml >/dev/null
# Set SystemdCgroup = true
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml
sudo systemctl restart containerd
# 6. Install Kubeadm, Kubelet, Kubectl (v1.30)
# Note: Adjust version v1.30 to latest needed
sudo apt-get update
sudo apt-get install -y apt-transport-https ca-certificates curl gpg
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.30/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
```
2. Initialize Master (Run on Master ONLY)
```bash
sudo kubeadm init --pod-network-cidr=10.244.0.0/16
```
Run the kubeadm join command that this prints on each of your workers.
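The swap and cgroup edits in the prepare-node script both rely on `sed` patterns that change nothing when the file's wording differs, so it is worth auditing each node before running `kubeadm init` or `kubeadm join`. The following is an added example, not part of the original script; `audit_node`, `has_setting`, `make_bad_fixture` and the root-directory argument are hypothetical names, and the fixture contents are constructed.

```bash
#!/bin/bash
# Added example (not from the original page). audit_node ROOT checks the files
# that setup-k8s-ubuntu24.sh writes. ROOT is a hypothetical parameter: "/" on a
# real node, or a fixture directory when testing.

# True if FILE, with all whitespace stripped, contains the exact line WANT.
has_setting() {
  sed 's/[[:space:]]//g' "$1" 2>/dev/null | grep -qxF "$2"
}

# Prints one FAIL line per problem; returns 0 only if the node is clean.
audit_node() {
  _root="${1%/}"; _bad=0

  # Swap: the script's sed only matches ' swap ' with literal spaces, so a
  # tab-separated fstab entry survives and swap returns after a reboot.
  if awk '$1 !~ /^#/ && $3 == "swap" { f = 1 } END { exit !f }' "$_root/etc/fstab" 2>/dev/null; then
    echo "FAIL fstab: swap entry still active"; _bad=1
  fi

  # Kernel modules must be listed for loading at boot, not just modprobe'd once.
  for _m in overlay br_netfilter; do
    has_setting "$_root/etc/modules-load.d/k8s.conf" "$_m" ||
      { echo "FAIL modules: $_m not persisted"; _bad=1; }
  done

  # All three forwarding/bridge sysctls must be persisted with value 1.
  for _k in net.bridge.bridge-nf-call-iptables net.bridge.bridge-nf-call-ip6tables net.ipv4.ip_forward; do
    has_setting "$_root/etc/sysctl.d/k8s.conf" "$_k=1" ||
      { echo "FAIL sysctl: $_k is not 1"; _bad=1; }
  done

  # The script's sed is a silent no-op if the default config's wording differs.
  has_setting "$_root/etc/containerd/config.toml" "SystemdCgroup=true" ||
    { echo "FAIL containerd: SystemdCgroup is not true"; _bad=1; }

  return "$_bad"
}

# Constructed fixture: a node where fstab uses tabs and containerd was not patched.
make_bad_fixture() {
  mkdir -p "$1/etc/modules-load.d" "$1/etc/sysctl.d" "$1/etc/containerd"
  printf '/swap.img\tnone\tswap\tsw\t0\t0\n' > "$1/etc/fstab"
  printf 'overlay\nbr_netfilter\n' > "$1/etc/modules-load.d/k8s.conf"
  printf 'net.ipv4.ip_forward = 1\n' > "$1/etc/sysctl.d/k8s.conf"
  printf '    SystemdCgroup = false\n' > "$1/etc/containerd/config.toml"
}
```

On a real node, source the file and run `audit_node /`; a non-zero return means at least one prerequisite did not persist.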
3. Networking (CNI Choice)
You must install ONE Container Network Interface (CNI). Run one of the following on the Master node.
Option A: Flannel (Simple, Layer 3 VXLAN)
Use Flannel if you just want a working cluster in 30 seconds and don't care about advanced security policies or observability.
```bash
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml
```
Option B: Cilium (eBPF Powerhouse)
Use Cilium if you want to learn modern networking, observability (Hubble), or need robust NetworkPolicies.
```bash
# 1. Install Cilium CLI
CILIUM_CLI_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/cilium-cli/master/stable.txt)
CLI_ARCH=amd64
if [ "$(uname -m)" = "aarch64" ]; then CLI_ARCH=arm64; fi
curl -L --fail --remote-name-all https://github.com/cilium/cilium-cli/releases/download/${CILIUM_CLI_VERSION}/cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}
# Verify the tarball against the downloaded checksum before extracting it as root
sha256sum --check cilium-linux-${CLI_ARCH}.tar.gz.sha256sum
sudo tar xzvfC cilium-linux-${CLI_ARCH}.tar.gz /usr/local/bin
rm cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}
# 2. Install Cilium Chart
cilium install --version 1.15.1
```
Which one should I choose?
| Feature | Flannel | Cilium |
|---|---|---|
| Technology | iptables & VXLAN | eBPF (Kernel Bylaws) |
| Performance | Good enough for labs | High-scale, low latency |
| NetworkPolicy | Not supported natively | Fully supported (L3/L4/L7) |
| Complexity | Extremely Low (1 YAML) | Moderate (Requires Kernel 5.8+) |
| Vibe | "It works." | "I am an Engineer." |