1 - Install control pane

Install the kubernetes control pane in an empty server
Published

April 17, 2026

Server setup was done in a server with the following specs:

Target system:

This guide sets up a minimal Kubernetes control plane using kubeadm.

Step 1 — System prep

Kubernetes needs a clean system:

  • swap must be disabled (scheduler breaks otherwise)
  • packages must be up to date

Update system

sudo apt-get update && sudo apt-get upgrade -y

Turn off swap

sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

# Verify swap is off (should return empty)
free -h | grep Swap

Step 2 — Kernel modules

Kubernetes networking relies on Linux kernel modules:

  • overlay → container networking
  • br_netfilter → bridge traffic filtering

default behaviour on boot

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF

do it for this session

sudo modprobe overlay
sudo modprobe br_netfilter

# Verify both loaded (should see both names)
lsmod | grep -E 'overlay|br_netfilter'

Step 3 — Network settings

Kubernetes needs the kernel to:

  • forward packets
  • allow bridged traffic to be processed by iptables
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF

Apply config

sudo sysctl --system

# Verify (should return 1 for each)
sysctl net.ipv4.ip_forward

Step 4 — Install containerd

Kubernetes doesn’t run Docker directly anymore. It uses: - containerd = lightweight runtime used by kubelet

sudo apt-get install -y containerd

Generate default config

sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml

Enable SystemdCgroup — required on Ubuntu 24.04

sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml

Restart and enable it

sudo systemctl restart containerd
sudo systemctl enable containerd

# Verify it's running
sudo systemctl status containerd

Step 5 — Install Kubernetes tools

What gets installed - kubeadm → cluster bootstrap tool - kubelet → node agent - kubectl → CLI tool

Add Kubernetes repo

sudo apt-get install -y apt-transport-https ca-certificates curl gpg

curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg

echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list

Install packages

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl

Prevent automatic version upgrades and verify install

# Lock versions so they don't auto-upgrade
sudo apt-mark hold kubelet kubeadm kubectl

# Verify
kubeadm version
kubectl version --client

Step 6 — Initialize the cluster

This creates the Kubernetes cluster:

  • API server
  • controller manager
  • scheduler
  • etcd (single-node setup)

Run initialization

This takes about 2 minutes. At the end you’ll see a kubeadm join … command — copy and save that somewhere, you’ll need it when setting up your worker node.

sudo kubeadm init --pod-network-cidr=10.244.0.0/16

Configure kubectl access

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

Step 7 — Install network plugin (Flannel)

Without a CNI plugin:

  • pods can’t talk to each other
  • cluster stays stuck in “NotReady”
kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml

Step 8 — Verify everything is healthy

Check nodes

kubectl get nodes

# Should show:
# NAME         STATUS   ROLES           AGE   VERSION
# your-host    Ready    control-plane   Xm    v1.29.x
kubectl get pods -A
# All pods should eventually be Running