I like using RKE to build, destroy, update, upgrade k8s clusters. I have come to understand that there are a lot of small but very impactful things we need to take care of it. If I forget this is what I will come back to check
- Create a separate user for RKE (let us say the user is rke) and use the ssh keyfile for authentication
- Install docker using the official docker package from docker.io as per their documentation
https://docs.docker.com/engine/install/ubuntu/ - Disable docker apt repository so that when you install updates to the system, the node won't update to the latest docker version and thus breaking your cluster. On ubuntu 18 I first checked the apt repositories list
cat /etc/apt/sources.list | grep docker
# deb-src [arch=amd64] https://download.docker.com/linux/ubuntu bionic stablerke@build-hq-45:~$ sudo apt list upradeapt list --upgradable^C
1. Uninstall existing docker sudo apt-get remove
docker docker-engine docker.io containerd runc
2. sudo apt-get install -y \
apt-transport-https \
ca-certificates \
curl \
gnupg-agent \
software-properties-common
3. curl -fsSL https://get.docker.com -o get-docker.sh
4. chmod +x *.sh
5. sudo sh get-docker.sh
6. Uninstall again sudo apt-get remove docker docker-ce docker-engine docker.io containerd runc
The script has updated the docker apt repository and
installed the latest docker version too. We want to retain the repository
source but install a specific version of docker.
7.
sudo apt-get purge docker-ce docker-ce-cli containerd.io
8. sudo apt-get update
9. apt-cache madison docker-ce (list all versions)
10. DOCKER_VERSION="5:19.03.14~3-0~ubuntu-bionic"
[we just want docker version 19 since that is what is compatible with out rke
and k8s 1.18…]
11. sudo chmod 777 /var/run/docker.sock && sudo chown rke /var/run/docker.sock
12. sudo usermod -aG docker rke && sudo usermod -aG rke
13. edit /etc/ssh/sshd_config and AllowTcpForwarding yes