Last active
September 20, 2024 21:44
-
-
Save SamuelBagattin/030a0fea7d1314f905ec3f614f64ec05 to your computer and use it in GitHub Desktop.
install a single node kubeadm cluster on various OS. Make sure pod ip ranges do not overlap with physical network
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo yum update -y | |
| # Configure iptables to see bridged traffic | |
| cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf | |
| br_netfilter | |
| EOF | |
| sudo modprobe overlay | |
| sudo modprobe br_netfilter | |
| cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf | |
| net.bridge.bridge-nf-call-ip6tables = 1 | |
| net.bridge.bridge-nf-call-iptables = 1 | |
| EOF | |
| sudo sysctl --system | |
| sudo sysctl -w net.ipv4.ip_forward=1 | |
| # Use cgroupv2 | |
| sudo grubby \ | |
| --update-kernel=ALL \ | |
| --args="systemd.unified_cgroup_hierarchy=1" | |
| sudo amazon-linux-extras enable docker | |
| sudo yum install containerd iproute-tc -y | |
| sudo mkdir -p /etc/containerd | |
| containerd config default | sudo tee /etc/containerd/config.toml | |
| sudo sed -i '/\[plugins\."io\.containerd\.grpc\.v1\.cri"\.containerd\.runtimes\.runc\.options\]/a \ \ \ \ \ \ \ \ \ \ \ \ SystemdCgroup = true' /etc/containerd/config.toml | |
| sudo systemctl restart containerd | |
| # installing kubelet kubeadm kubectl | |
| cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo | |
| [kubernetes] | |
| name=Kubernetes | |
| baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch | |
| enabled=1 | |
| gpgcheck=1 | |
| repo_gpgcheck=1 | |
| gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg | |
| exclude=kubelet kubeadm kubectl | |
| EOF | |
| sudo setenforce 0 | |
| sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config | |
| sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes | |
| sudo systemctl enable --now kubelet | |
| sudo kubeadm init | |
| mkdir -p $HOME/.kube | |
| sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config | |
| sudo chown $(id -u):$(id -g) $HOME/.kube/config | |
| curl -LO https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-arm64.tar.gz | |
| sudo tar xzvfC cilium-linux-arm64.tar.gz /usr/local/bin | |
| rm cilium-linux-arm64.tar.gz | |
| cilium install | |
| source <(kubectl completion bash) # setup autocomplete in bash into the current shell, bash-completion package should be installed first. | |
| echo "source <(kubectl completion bash)" >> ~/.bashrc | |
| wget -O /tmp/yq https://github.com/mikefarah/yq/releases/download/v4.15.1/yq_linux_arm64 | |
| chmod +x /tmp/yq | |
| sudo mv /tmp/yq /usr/local/bin/ | |
| curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash | |
| kubectl taint nodes node-role.kubernetes.io/control-plane- --all | |
| kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.0.4/deploy/static/provider/baremetal/deploy.yaml |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo yum update -y && sudo yum upgrade -y | |
| sudo systemctl disable firewalld --now | |
| # Configure iptables to see bridged traffic | |
| cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf | |
| br_netfilter | |
| EOF | |
| sudo modprobe overlay | |
| sudo modprobe br_netfilter | |
| cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf | |
| net.bridge.bridge-nf-call-ip6tables = 1 | |
| net.bridge.bridge-nf-call-iptables = 1 | |
| EOF | |
| sudo sysctl --system | |
| sudo sysctl -w net.ipv4.ip_forward=1 | |
| # Use cgroupv2 | |
| sudo grubby \ | |
| --update-kernel=ALL \ | |
| --args="systemd.unified_cgroup_hierarchy=1" | |
| sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo | |
| sudo yum install containerd.io -y | |
| sudo mkdir -p /etc/containerd | |
| containerd config default | sudo tee /etc/containerd/config.toml | |
| sed -i 's/SystemdCgroup = false/SystemdCgroup = true/g' /etc/containerd/config.toml | |
| sudo service containerd restart | |
| cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo | |
| [kubernetes] | |
| name=Kubernetes | |
| baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch | |
| enabled=1 | |
| gpgcheck=1 | |
| repo_gpgcheck=1 | |
| gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg | |
| exclude=kubelet kubeadm kubectl | |
| EOF | |
| sudo swapoff -a | |
| sudo sed -i '/sw,comment=cloudconfig/d' /etc/fstab | |
| sudo setenforce 0 | |
| sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config | |
| sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes | |
| sudo systemctl enable --now kubelet | |
| sudo kubeadm init | |
| mkdir -p $HOME/.kube | |
| sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config | |
| sudo chown $(id -u):$(id -g) $HOME/.kube/config | |
| curl -LO https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-arm64.tar.gz | |
| sudo tar xzvfC cilium-linux-arm64.tar.gz /usr/local/bin | |
| rm cilium-linux-arm64.tar.gz | |
| cilium install | |
| source <(kubectl completion bash) # setup autocomplete in bash into the current shell, bash-completion package should be installed first. | |
| echo "source <(kubectl completion bash)" >> ~/.bashrc | |
| wget -O /tmp/yq https://github.com/mikefarah/yq/releases/download/v4.15.1/yq_linux_arm64 | |
| chmod +x /tmp/yq | |
| sudo mv /tmp/yq /usr/local/bin/ | |
| curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash | |
| kubectl taint nodes node-role.kubernetes.io/control-plane- --all |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment