This document provides a step-by-step guide for setting up a local Kubernetes lab using MicroK8s on Ubuntu 24.04. It includes instructions for installing necessary components, enabling add-ons like DNS and Helm, deploying sample applications, and accessing the Kubernetes Dashboard. It also outlines file organization and usage of kubectl.
The guide walks through deploying a Kubernetes lab with MicroK8s, installing add-ons, and testing basic workloads. Key steps include cluster initialization, Helm usage, and dashboard access.
Kubernetes can be installed locally on a desktop mahcine. There are many ways to do this, but one of the most popular and easiest methods is to use MicroK8s. MicroK8s is a lightweight, production-grade Kubernetes distribution that can be installed on Linux systems, including Ubuntu. Other distructions are Minikube, K3s and kubeadm. These tools provide a simplified way to run Kubernetes clusters on local machines, making them ideal for development and testing purposes. Another popular distro is Docker Desktop/Rancher Desktop, it is good for Desktop users.
They all can be setup with a single-node cluster known as light-weight or a multi-node cluseter setup.
| Option | Best For | Key Features |
|---|---|---|
| Minikube | Beginners & quick testing | Runs locally, supports multiple drivers (Docker, KVM, etc.) |
| MicroK8s | Lightweight multi-node lab | Easy install via snap, supports add-ons like DNS, Helm |
| k3s | Resource-constrained setups | Minimal footprint, great for Raspberry Pi or old PCs |
| kubeadm | Full cluster experience | Manual setup, ideal for learning internals |
| Docker | Deskto/ Rancher Desktop | Desktop users Built-in Kubernetes support, GUI-based |
This section introduces the process of setting up a local Kubernetes cluster using MicroK8s, a lightweight, production-grade Kubernetes distribution. MicroK8s is ideal for development, testing, and learning Kubernetes concepts on your own machine.
1sudo apt update && sudo apt upgrade -y
2sudo snap install microk8s --classic
3sudo usermod -a -G microk8s $USER
4newgrp microk8s
These commands update the system, install MicroK8s, and add a` user to the microk8s group for proper permissions.
After installation, it’s important to verify that MicroK8s is running correctly and ready to use.
1$ microk8s status --wait-ready
2microk8s is running
3high-availability: no
4 datastore master nodes: 127.0.0.1:19001
5 datastore standby nodes: none
6addons:
7 enabled:
8 dns # (core) CoreDNS
9 ha-cluster # (core) Configure high availability on the current node
10 helm # (core) Helm - the package manager for Kubernetes
11 helm3 # (core) Helm 3 - the package manager for Kubernetes
12 disabled:
13 cert-manager # (core) Cloud native certificate management
14 cis-hardening # (core) Apply CIS K8s hardening
15 community # (core) The community addons repository
16 dashboard # (core) The Kubernetes dashboard
17 gpu # (core) Alias to nvidia add-on
18 host-access # (core) Allow Pods connecting to Host services smoothly
19 hostpath-storage # (core) Storage class; allocates storage from host directory
20 ingress # (core) Ingress controller for external access
21 kube-ovn # (core) An advanced network fabric for Kubernetes
22 mayastor # (core) OpenEBS MayaStor
23 metallb # (core) Loadbalancer for your Kubernetes cluster
24 metrics-server # (core) K8s Metrics Server for API access to service metrics
25 minio # (core) MinIO object storage
26 nvidia # (core) NVIDIA hardware (GPU and network) support
27 observability # (core) A lightweight observability stack for logs, traces and metrics
28 prometheus # (core) Prometheus operator for monitoring and logging
29 rbac # (core) Role-Based Access Control for authorisation
30 registry # (core) Private image registry exposed on localhost:32000
31 rook-ceph # (core) Distributed Ceph storage using Rook
32 storage # (core) Alias to hostpath-storage add-on, deprecated
This output shows the current state of MicroK8s, including enabled and disabled add-ons. Ensuring the cluster is running is essential before proceeding.
MicroK8s provides a set of commands to manage your Kubernetes cluster. Here are some common commands:
| Command | Description |
|---|---|
microk8s kubectl | Access the Kubernetes API using kubectl |
microk8s enable <addon> | Enable a specific add-on |
microk8s disable <addon> | Disable a specific add-on |
microk8s status | Check the status of the MicroK8s services |
microk8s inspect | Inspect the cluster for issues |
microk8s add-node | Add a new node to the MicroK8s cluster |
microk8s addons | List available add-ons |
microk8s config | Show kubeconfig for connecting to the cluster |
microk8s ctr | Interact with the container runtime (containerd) |
microk8s dashboard-proxy | Start a proxy to access the Kubernetes Dashboard |
microk8s dbctl | Manage the dqlite database for MicroK8s (HA setups) |
microk8s disable | Disable an add-on |
microk8s enable | Enable an add-on |
microk8s helm | Run Helm v2 commands |
microk8s helm3 | Run Helm v3 commands |
microk8s images | List images available in MicroK8s |
microk8s istioctl | Run Istio control commands |
microk8s join | Join a node to the MicroK8s cluster |
microk8s leave | Remove a node from the MicroK8s cluster |
microk8s linkerd | Run Linkerd service mesh commands |
microk8s refresh-certs | Refresh Kubernetes certificates |
microk8s remove-node | Remove a node from the cluster |
microk8s reset | Reset the MicroK8s cluster to a clean state |
microk8s start | Start MicroK8s services |
microk8s stop | Stop MicroK8s services |
microk8s version | Show the MicroK8s version |
microk8s inspect | Inspect the cluster for issues |
MicroK8s supports a variety of add-ons that extend its functionality. Enabling key add-ons like DNS, Dashboard, Helm, and Ingress provides essential services for real-world Kubernetes usage.
Enables critical services for real-world usage:
Run this command
1microk8s enable dns dashboard helm3 ingress
1microk8s enable dns dashboard helm3 ingress
2Infer repository core for addon dns
3Infer repository core for addon dashboard
4Infer repository core for addon helm3
5Infer repository core for addon ingress
6WARNING: Do not enable or disable multiple addons in one command.
7 This form of chained operations on addons will be DEPRECATED in the future.
8 Please, enable one addon at a time: 'microk8s enable <addon>'
9Addon core/dns is already enabled
10Enabling Kubernetes Dashboard
11Infer repository core for addon metrics-server
12Enabling Metrics-Server
13serviceaccount/metrics-server created
14clusterrole.rbac.authorization.k8s.io/system:aggregated-metrics-reader created
15clusterrole.rbac.authorization.k8s.io/system:metrics-server created
16rolebinding.rbac.authorization.k8s.io/metrics-server-auth-reader created
17clusterrolebinding.rbac.authorization.k8s.io/metrics-server:system:auth-delegator created
18clusterrolebinding.rbac.authorization.k8s.io/system:metrics-server created
19service/metrics-server created
20deployment.apps/metrics-server created
21apiservice.apiregistration.k8s.io/v1beta1.metrics.k8s.io created
22clusterrolebinding.rbac.authorization.k8s.io/microk8s-admin created
23Metrics-Server is enabled
24Applying manifest
25serviceaccount/kubernetes-dashboard created
26service/kubernetes-dashboard created
27secret/kubernetes-dashboard-certs created
28secret/kubernetes-dashboard-csrf created
29secret/kubernetes-dashboard-key-holder created
30configmap/kubernetes-dashboard-settings created
31role.rbac.authorization.k8s.io/kubernetes-dashboard created
32clusterrole.rbac.authorization.k8s.io/kubernetes-dashboard created
33rolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
34clusterrolebinding.rbac.authorization.k8s.io/kubernetes-dashboard created
35deployment.apps/kubernetes-dashboard created
36service/dashboard-metrics-scraper created
37deployment.apps/dashboard-metrics-scraper created
38secret/microk8s-dashboard-token created
39
40If RBAC is not enabled access the dashboard using the token retrieved with:
41
42microk8s kubectl describe secret -n kube-system microk8s-dashboard-token
43
44Use this token in the https login UI of the kubernetes-dashboard service.
45
46In an RBAC enabled setup (microk8s enable RBAC) you need to create a user with restricted
47permissions as shown in:
48https://github.com/kubernetes/dashboard/blob/master/docs/user/access-control/creating-sample-user.md
49
50Addon core/helm3 is already enabled
51Enabling Ingress
52ingressclass.networking.k8s.io/public created
53ingressclass.networking.k8s.io/nginx created
54namespace/ingress created
55serviceaccount/nginx-ingress-microk8s-serviceaccount created
56clusterrole.rbac.authorization.k8s.io/nginx-ingress-microk8s-clusterrole created
57role.rbac.authorization.k8s.io/nginx-ingress-microk8s-role created
58clusterrolebinding.rbac.authorization.k8s.io/nginx-ingress-microk8s created
59rolebinding.rbac.authorization.k8s.io/nginx-ingress-microk8s created
60configmap/nginx-load-balancer-microk8s-conf created
61configmap/nginx-ingress-tcp-microk8s-conf created
62configmap/nginx-ingress-udp-microk8s-conf created
63daemonset.apps/nginx-ingress-microk8s-controller created
64Ingress is enabled
These add-ons are necessary for managing applications, networking, and visualizing your cluster. The warning about enabling add-ons one at a time is to prevent issues with future MicroK8s versions.
Note
All essential add-ons are now enabled, providing a robust foundation for Kubernetes operations.
Warning
Avoid chaining multiple addons in one command. Use
microk8s enable <addon>for each addon to prevent issues.
| Add-on | Description |
|---|---|
| DNS | Internal name resolution for services |
| Dashboard | GUI to visualize workloads and manage resources with Metrics |
| Helm | Package manager for Kubernetes applications |
| Ingress | Routes external traffic into the cluster |
Now that the cluster is ready, you can deploy a simple application to test your setup. This example uses Nginx, a popular web server, to demonstrate deployment and service exposure.
1microk8s kubectl create deployment nginx --image=nginx
2microk8s kubectl expose deployment nginx --port=80 --type=NodePort
3microk8s kubectl get all
Note
Though the commands
kubectlandmicrok8s kubectlare interchangeable, it’s recommended to usemicrok8s kubectlto avoid conflicts with any other Kubernetes installations. But if you do not have any other installation of Kubernetes, you can set an alias in.bashrcto use directlykubectlinstead ofmicrok8s kubectl.
1microk8s kubectl create deployment nginx --image=nginx
2# deployment.apps/nginx created
This command creates a Deployment object that manages an Nginx Pod.
1microk8s kubectl expose deployment nginx --port=80 --type=NodePort
2# service/nginx exposed
Exposing the deployment creates a Service of type NodePort, allowing external access to the Nginx server on a specific port.
1microk8s kubectl get all
1microk8s kubectl get all
2NAME READY STATUS RESTARTS AGE
3pod/nginx-5869d7778c-kxwn6 0/1 ContainerCreating 0 41s
4
5NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
6service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 170m
7service/nginx NodePort 10.152.183.215 <none> 80:31621/TCP 16s
8
9NAME READY UP-TO-DATE AVAILABLE AGE
10deployment.apps/nginx 0/1 1 0 41s
11
12NAME DESIRED CURRENT READY AGE
13replicaset.apps/nginx-5869d7778c 1 1 0 41s
This confirms that your application is running and accessible from outside the cluster.
kubectl Commands| Action | Command | Example |
|---|---|---|
| View all resources | kubectl get all | kubectl get all |
| Deploy an app | kubectl create deployment | kubectl create deployment nginx --image=nginx |
| Expose app | kubectl expose | kubectl expose deployment nginx --port=80 --type=NodePort |
| Inspect logs | kubectl logs <pod> | kubectl logs nginx-xyz |
| Apply YAML | kubectl apply -f file.yaml | kubectl apply -f nginx-static.yaml |
| View node info | kubectl get nodes | kubectl get nodes |
| Execute command in container | kubectl exec -it <pod> -- <cmd> | kubectl exec -it nginx-xyz -- bash |
You can also explore:
kubectl describe for detailed insightskubectl delete to remove resourceskubectl config view to inspect your current setup (less relevant in MicroK8s, but useful when you use multiple clusters)The Kubernetes Dashboard provides a web-based UI to manage and monitor your cluster. You can use it to view workloads, services, logs, and resource usage.
1microk8s dashboard-proxy
2Checking if Dashboard is running.
3Infer repository core for addon dashboard
4Waiting for Dashboard to come up.
5Trying to get token from microk8s-dashboard-token
6Waiting for secret token (attempt 0)
7Dashboard will be available at https://127.0.0.1:10443
8Use the following token to login:
9eyJhbGciOiJSUzI1NiIsImtpZCI6IkYxZ3FGc0RDTEJEZDNfMl9LeEk0djQ5cWNWUi03WEdmdTFpaTZzY3Z3dlUifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJtaWNyb2s4cy1kYXNoYm9hcmQtdG9rZW4iLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlcnZpY2UtYWNjb3VudC5uYW1lIjoiZGVmYXVsdCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjFjMjU1ZTc0LWQ1N2EtNDEyOS05NzFmLWQ4NWZhYjJjZTIxMSIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTpkZWZhdWx0In0.OxCDOzH7M4-0875Cqea1E5B1yh0i9iskHnhpFIT10KZpt2gdjqRzD_fwozMFaMUuHtUxZxtd0QIqTtHPrxTh_9bg5sEbjtP5kB1EDX5G9oVelVYPCqUwBiAHfQI3CBd33mqVr4v_-38MYaLHOHspfNRx52BqpEjGFoOND8B4eoojj2kWbO1U_ydtH1ZoCnkAeVnXTQN351EKJbmfokj5p238InTclDSbLxZls6cmAH4KOc2QHgA-I2t_5zl5SLxueGiEPuy4erbbhXB2MCmAP2ovzNK5bnH1boA19J0_EWIDYuTWqtoPmijJMhpkP4W_PgwVnLkIj-PNq9i3D4L5Ug
Open the dashboard in your browser and paste the URL into the web browser (on your Ubuntu machine). If you’re accessing remotely, you can tunnel the port with SSH or expose the Dashboard via Ingress.
Authenticate with the token provided in the terminal. Choose “Token” as the login method and paste the token provided in the terminal.
Get a real-time overview of deployments, pods, services, resource usage, and cluster health. Dashboard includes logs, metrics, and YAML editors for fast debugging and adjustments.
Sometimes, the dashboard may not work out of the box due to browser security warnings or token expiration. For a temporary run, just accept the risk and proceed. If you are logged out, simply rerun the command to get a new token.
After logging in, explore key resources using the dashboard:
nginx deploymentUse the proxy address:
http://127.0.0.1:10443