Skip to main content

Kubernetes Cluster (kubeadm + Calico)

Standing up a 4-node Kubernetes cluster from scratch: node prep, containerd, kubeadm init and join, the Calico CNI via manifest, host firewall, and the control-plane taint.

Why kubeadm (and not k3s or a managed service)

There are easier ways to get a Kubernetes cluster. k3s is a single binary. A cloud provider will ...

Preparing the nodes

Before kubeadm will touch a machine, the machine has to be ready. The same prep runs on all four ...

Bootstrapping the control plane

With the master node prepped, one command brings the control plane to life: kubeadm init \ --ap...

Joining the workers (and the firewall that blocked them)

Each worker joins with the command kubeadm init printed: kubeadm join 10.100.100.7:6443 --token <...

The network layer: Calico, installed from a manifest

Kubernetes deliberately ships without a network. You choose a CNI plugin and install it. I used C...

Keeping workloads off the control plane

By default kubeadm puts a taint on the control-plane node: node-role.kubernetes.io/control-plane:...
Back to top