📝 Author

Birat Aryal
birataryal.github.io
Created Date: 2026-03-10
Updated Date: Tuesday 10th March 2026 22:33:07
Website - birataryal.com.np
Repository - Birat Aryal
LinkedIn - Birat Aryal
DevSecOps Engineer | System Engineer | Cyber Security Analyst | Network Engineer


Pre-requisites

Warning

  1. cloud-init installed
  2. NetworkManager installed
  3. containerd installed
  4. kubeadm, kubelet, kubectl installed
  5. br_netfilter, overlay modules enabled
  6. swap disabled
  7. SELinux permissive or disabled
  8. vm-tools installed

Template Resource Definition

S.No. | CPU    | RAM  | HDD   | Remarks
1.    | 2 vCPU | 4 GB | 25 GB | This is the minimal template, which is used later on when updating the cluster.

Note

The resources configured on this template are increased later on, while configuring the cluster (see Clusterctl Generation Command).

Installation Steps

Basic Packages Installation & Configuration

Bash
yum update -y
yum install -y vim git mtr epel-release open-vm-tools curl wget iputils net-tools
hostnamectl set-hostname clustertemplate
timedatectl set-timezone Asia/Kathmandu # or use NTP to sync the time

Cloud-init Installation

Bash
yum install -y cloud-init cloud-utils-growpart gdisk jq

Enable and start all the services:

Bash
systemctl enable cloud-init-local.service
systemctl enable cloud-init.service
systemctl enable cloud-config.service
systemctl enable cloud-final.service
systemctl start cloud-init.service
systemctl start cloud-init-local.service
systemctl start cloud-config.service
systemctl start cloud-final.service

Configure the cloud-init datasource order for VMware

Bash
# Datasource names are case-sensitive: the valid names are VMware and ConfigDrive.
sudo tee /etc/cloud/cloud.cfg.d/99-vmware.cfg >/dev/null <<'EOF'
datasource_list: [ VMware, OVF, NoCloud, ConfigDrive, None ]
EOF

Network manager enabled

Bash
systemctl enable --now NetworkManager

Containerd Installed

Bash
sudo yum config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y containerd.io docker-buildx-plugin
# docker-ce is not installed, so there is no docker.service to enable;
# only containerd is enabled and checked here.
sudo systemctl enable --now containerd
sudo systemctl status containerd
# Write the default configuration, which the later steps edit in place
sudo mkdir -p /etc/containerd
sudo containerd config default | sudo tee /etc/containerd/config.toml >/dev/null

VMware Tools Configuration

Bash
yum install -y open-vm-tools
systemctl enable --now vmtoolsd
systemctl status vmtoolsd

Kubernetes Packages installed:

Bash
sudo tee /etc/yum.repos.d/kubernetes.repo >/dev/null <<'EOF'
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.33/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.33/rpm/repodata/repomd.xml.key
EOF
sudo yum install -y kubelet kubeadm kubectl
sudo systemctl enable kubelet

Switch to systemd cgroup driver

Bash
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml

sudo systemctl restart containerd

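Kernel Modules and Sysctl Update

Bash
# The net.bridge.* keys exist only once br_netfilter is loaded, so load and persist the modules first
sudo tee /etc/modules-load.d/k8s.conf >/dev/null <<'EOF'
overlay
br_netfilter
EOF
sudo modprobe -a overlay br_netfilter
sudo tee /etc/sysctl.d/99-kubernetes-cri.conf >/dev/null <<'EOF'
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF
sudo sysctl --system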

Firewalld configuration

Bash
sudo systemctl is-active firewalld
sudo systemctl disable --now firewalld

Note

firewalld is disabled in the template for now; it is enabled again through cloud-init later on, while creating the cluster (see Clusterctl Generation Command).

Version lock the packages

Bash
# The versionlock plugin is packaged as yum-plugin-versionlock
yum install -y yum-plugin-versionlock
yum versionlock add kubectl kubeadm kubelet
yum versionlock list

Template Clean up and Verifications

Verifications

Bash
lsmod | grep -E 'br_netfilter|overlay'
containerd --version
kubeadm version
kubelet --version
cloud-init --version
systemctl is-enabled cloud-init cloud-final kubelet containerd

Final Cleanup

Bash
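# Stop kubelet so it writes no further state into the image
sudo systemctl stop kubelet 2>/dev/null || true
# Reset cloud-init so every clone runs its first-boot stages again
sudo cloud-init clean --logs
sudo rm -rf /var/lib/cloud/*
# Remove per-host identity; SSH host keys and the machine ID are regenerated on the clone's first boot
sudo rm -f /etc/ssh/ssh_host_*
sudo rm -f /etc/machine-id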
sudo truncate -s 0 /var/log/wtmp /var/log/btmp || true
sudo sync
sudo poweroff
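
A check for the cleanup above, as an added example that is not part of the original guide: it inspects a template's filesystem for the per-host state the Final Cleanup removes (machine ID, SSH host keys, cloud-init state, login records) and for two settings made earlier (gpgcheck=1 and SystemdCgroup = true). The names audit_template and AUDIT_FINDINGS and the ROOT argument are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not part of the original guide. Audits a sealed template for
# state that must not be cloned. ROOT is "/" on the template itself or the
# mount point of its disk; audit_template and AUDIT_FINDINGS are assumed names.
# Usage: source this file, then run: audit_template /

AUDIT_FINDINGS=0
fail() { echo "FAIL: $*"; AUDIT_FINDINGS=$((AUDIT_FINDINGS + 1)); }

audit_template() {
    local root="${1:-/}" f
    root="${root%/}"          # "/" becomes "", so paths below stay absolute
    AUDIT_FINDINGS=0

    # A populated machine-id would be identical on every clone.
    if [ -s "$root/etc/machine-id" ]; then fail "/etc/machine-id is populated"; fi

    # SSH host keys baked into the image are shared by every node built from it.
    for f in "$root"/etc/ssh/ssh_host_*; do
        [ -e "$f" ] || continue
        fail "host key present: ${f#"$root"}"
    done

    # Leftover cloud-init state can make a clone skip its first-boot stages.
    if [ -n "$(ls -A "$root/var/lib/cloud" 2>/dev/null)" ]; then
        fail "/var/lib/cloud is not empty"
    fi

    # Login records from the build session should not ship in the image.
    for f in wtmp btmp; do
        if [ -s "$root/var/log/$f" ]; then fail "/var/log/$f is not empty"; fi
    done

    # Package signature checking must stay on for the Kubernetes repository.
    if ! grep -Eq '^gpgcheck[[:space:]]*=[[:space:]]*1[[:space:]]*$' \
            "$root/etc/yum.repos.d/kubernetes.repo" 2>/dev/null; then
        fail "kubernetes.repo is missing or does not set gpgcheck=1"
    fi

    # containerd must use the systemd cgroup driver set earlier in this guide.
    if ! grep -Eq '^[[:space:]]*SystemdCgroup[[:space:]]*=[[:space:]]*true' \
            "$root/etc/containerd/config.toml" 2>/dev/null; then
        fail "containerd config.toml does not set SystemdCgroup = true"
    fi

    echo "findings: $AUDIT_FINDINGS"
    [ "$AUDIT_FINDINGS" -eq 0 ]   # exit status 0 only for a clean template
}
```

Run it on the template just before poweroff, or pass the mount point of the template disk when it is attached to another host.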