Deploy a Kubernetes Cluster on Rocky Linux 9 with containerd: Complete Guide
If you’re looking to deploy Kubernetes on Rocky Linux 9 with containerd, this guide walks you through the full process from system setup to cluster verification. You’ll learn how to build a Kubernetes cluster on Rocky Linux 9 using kubeadm and containerd, with real-world troubleshooting insights for a smoother experience.
Setting up a Kubernetes cluster on Rocky Linux 9 is a great choice for building a robust container orchestration environment. In this comprehensive tutorial, you’ll learn how to deploy a production-ready Kubernetes cluster using kubeadm and containerd, including key troubleshooting insights based on real deployment experiences.
Requirements for Kubernetes on Rocky Linux
- Three Rocky Linux 9 servers (1 control-plane, 2 workers)
- ⚠️ For production environments, it is recommended to have at least three control-plane nodes for high availability.
- Root or sudo access
- Internet connectivity, or use our guide for an SSH tunnel.
Step 1: Prepare Your System
Update the System
dnf update -y
Set a Unique Hostname
hostnamectl set-hostname <node-name>
Add Hostname to /etc/hosts
echo "127.0.0.1 $(hostname)" >> /etc/hosts
Set SELinux to Permissive Mode
setenforce 0
sed -i 's/^SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config
Disable Swap
swapoff -a
sed -i '/ swap / s/^/#/' /etc/fstab
Enable Kernel Modules and Networking Settings
modprobe br_netfilter
cat <<EOF | tee /etc/modules-load.d/k8s.conf
br_netfilter
EOF
cat <<EOF | tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl --system
Step 2: Install containerd
Install and configure containerd. You can use the official Docker repository.
dnf install -y containerd
mkdir -p /etc/containerd
containerd config default | tee /etc/containerd/config.toml
Edit /etc/containerd/config.toml and enable systemd cgroups:
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
SystemdCgroup = true
Start and enable containerd:
systemctl enable --now containerd
Step 3: Install Kubernetes Components
Add the Kubernetes Repository
cat <<EOF | tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/repodata/repomd.xml.key
EOF
Install kubelet, kubeadm, kubectl
dnf install -y kubelet kubeadm kubectl
systemctl enable kubelet
Step 4: Initialize the Control-Plane Node
On your designated master node:
We specify --pod-network-cidr=10.244.0.0/16 because this is the default subnet used by Flannel, a simple and lightweight CNI (Container Network Interface) plugin. If you’re planning to use a different CNI, like Calico, you may need to use a different subnet (e.g., 192.168.0.0/16) or none at all depending on its configuration.
kubeadm init \
--pod-network-cidr=10.244.0.0/16 \
--apiserver-advertise-address=<MASTER_IP>
Configure kubectl access:
Without this step, the kubectl command will not work because it won’t know how to authenticate against the Kubernetes API server. The file admin.conf contains the credentials and certificate data needed for access.
mkdir -p $HOME/.kube
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
chown $(id -u):$(id -g) $HOME/.kube/config
Step 5: Set Up Pod Networking with Flannel
Flannel is a basic and easy-to-deploy CNI plugin, ideal for development and small clusters. It enables simple L3 network connectivity between pods.
Flannel vs Calico (Quick Summary):
- Flannel: Provides basic pod-to-pod communication (Layer 3 only). No native network policies.
- Calico: More advanced. Supports network policies, better scalability, and optional encryption with WireGuard.
Apply the Flannel CNI plugin:
kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/master/Documentation/kube-flannel.yml
Step 6: Join Worker Nodes to the Cluster
From the control-plane node, get the join command:
kubeadm token create --print-join-command
#Example output:
kubeadm join MASTER_IP:6443 --token 0iax3l.5xa5l61mspqet --discovery-token-ca-cert-hash sha256:5660b8sfak43e56sf3dpi13jdd1d4ecde06d55bfed842g3mf1d793daeb9549f4ba3
Run the output on each worker node to join the cluster.
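The --discovery-token-ca-cert-hash value pins the cluster CA's public key, so it can be checked against the CA certificate before the join command is run on a worker. The script below is an added example, not part of the original guide; it assumes kubeadm's default CA path /etc/kubernetes/pki/ca.crt, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the guide): check the CA pin in a kubeadm join
# command against the cluster CA before running it on a worker.

# join_pin "JOIN COMMAND": prints the pin if it is sha256:<64 hex digits>.
join_pin() {
    jp=$(printf '%s\n' "$1" | sed -nE \
        's/.*--discovery-token-ca-cert-hash[ =]sha256:([0-9a-f]{64})([[:space:]].*)?$/\1/p')
    [ -n "$jp" ] && printf '%s\n' "$jp"
}

# ca_pin CERT: SHA-256 over the DER-encoded public key (SubjectPublicKeyInfo)
# of the CA certificate, which is the value kubeadm pins.
ca_pin() {
    pem=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    printf '%s\n' "$pem" | openssl pkey -pubin -outform DER 2>/dev/null |
        sha256sum | cut -d' ' -f1
}

# verify_join CERT "JOIN COMMAND": 0 = pin matches, 1 = mismatch,
# 2 = the pin or the certificate could not be read.
verify_join() {
    want=$(join_pin "$2") || { echo "no valid sha256 pin in join command" >&2; return 2; }
    have=$(ca_pin "$1") || { echo "cannot read CA certificate: $1" >&2; return 2; }
    if [ "$want" != "$have" ]; then
        echo "MISMATCH: CA public key hashes to sha256:$have" >&2
        return 1
    fi
    echo "OK: join command pins sha256:$have"
}

# On the control-plane node (kubeadm's default CA path is an assumption here):
#   sh verify-join.sh /etc/kubernetes/pki/ca.crt "kubeadm join ... sha256:..."
if [ "$#" -eq 2 ]; then verify_join "$1" "$2"; fi
```

A mismatch means the join command was altered in transit or belongs to a different cluster, and it should not be run.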
Step 7: Verify Your Kubernetes Cluster
On the control-plane node:
kubectl get nodes
NAME STATUS ROLES AGE VERSION
vm-ctrl-plane Ready control-plane 22h v1.29.15
vm-worker-1 Ready <none> 22h v1.29.15
vm-worker-2 Ready <none> 22h v1.29.15
You should see your master and workers in Ready state.
Final Tips for Running Kubernetes on Rocky Linux 9 with containerd
- Ensure ip_forward and br_netfilter are active for networking to work.
- containerd is the preferred runtime for modern Kubernetes clusters.
- Troubleshoot stuck pods (Pending) by checking CNI plugin status.
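A read-only pre-flight check for the node settings from Steps 1 and 2, written as an added example that is not part of the original guide. The ROOT prefix and the function names are assumptions made for illustration; on a real node ROOT stays empty.

```shell
#!/bin/sh
# Added example (not from the guide): read-only check of the Step 1 and 2 settings.
# ROOT is a hypothetical prefix; leave it empty to inspect the running node.
ROOT="${ROOT:-}"
CRI_SECTION='[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]'

# proc_is_one KEY: succeeds if /proc/sys/KEY reads 1. The bridge-nf-call-*
# files only exist while br_netfilter is loaded, so this covers the module too.
proc_is_one() {
    [ -r "$ROOT/proc/sys/$1" ] && [ "$(cat "$ROOT/proc/sys/$1")" = "1" ]
}

# swap_is_off: succeeds if /proc/swaps has no entries below its header line.
swap_is_off() {
    [ "$(tail -n +2 "$ROOT/proc/swaps" 2>/dev/null | grep -c .)" -eq 0 ]
}

# systemd_cgroup_enabled FILE: succeeds only if SystemdCgroup = true sits
# inside the runc options table, not merely somewhere in the file.
systemd_cgroup_enabled() {
    awk -v want="$CRI_SECTION" '
        /^[ \t]*\[/ { gsub(/^[ \t]+|[ \t]+$/, ""); in_sec = ($0 == want); next }
        in_sec && /^[ \t]*SystemdCgroup[ \t]*=[ \t]*true[ \t]*$/ { found = 1 }
        END { exit !found }
    ' "$1" 2>/dev/null
}

# preflight: runs every check, prints one line per failure, returns 0 or 1.
preflight() {
    rc=0
    for key in net/ipv4/ip_forward net/bridge/bridge-nf-call-iptables \
               net/bridge/bridge-nf-call-ip6tables; do
        proc_is_one "$key" || { echo "FAIL: /proc/sys/$key is not 1"; rc=1; }
    done
    swap_is_off || { echo "FAIL: swap is still active"; rc=1; }
    systemd_cgroup_enabled "$ROOT/etc/containerd/config.toml" ||
        { echo "FAIL: SystemdCgroup = true is not set for runc"; rc=1; }
    [ "$rc" -eq 0 ] && echo "OK: node settings match Steps 1 and 2"
    return "$rc"
}

# Run against the live node only when asked: sh preflight.sh run
if [ "${1:-}" = "run" ]; then preflight; fi
```

Run it on every node before kubeadm init or kubeadm join; it changes nothing on the system.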
By following this tutorial, you’ll have a clean and stable Kubernetes environment running on Rocky Linux 9 with containerd. Perfect for learning, testing, or building production-grade workloads.