-
-
Save wranders/b10b305e93fbd858f82f511017296bb2 to your computer and use it in GitHub Desktop.
setup-crio.sh
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -ex | |
| # Set up required sysctl params, these persist across reboots. | |
| cat > /etc/sysctl.d/99-kubernetes-cri.conf <<EOF | |
| net.bridge.bridge-nf-call-iptables = 1 | |
| net.ipv4.ip_forward = 1 | |
| net.bridge.bridge-nf-call-ip6tables = 1 | |
| EOF | |
| sysctl --system | |
| export VERSION=1.19 | |
| export OS=CentOS_8 | |
| curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/devel:kubic:libcontainers:stable.repo | |
| curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$VERSION/$OS/devel:kubic:libcontainers:stable:cri-o:$VERSION.repo | |
| yum install cri-o -y | |
| systemctl enable cri-o | |
| systemctl start cri-o | |
| cat <<EOF | tee /etc/yum.repos.d/kubernetes.repo | |
| [kubernetes] | |
| name=Kubernetes | |
| baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch | |
| enabled=1 | |
| gpgcheck=1 | |
| repo_gpgcheck=1 | |
| gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg | |
| exclude=kubelet kubeadm kubectl | |
| EOF | |
| # Set SELinux in permissive mode (effectively disabling it) | |
| setenforce 0 | |
| sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config | |
| yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes | |
| systemctl enable --now kubelet | |
| modprobe overlay | |
| modprobe br_netfilter | |
| cat > ~/init_kubelet.yaml <<EOF | |
| apiVersion: kubeadm.k8s.io/v1beta2 | |
| kind: InitConfiguration | |
| nodeRegistration: | |
| kubeletExtraArgs: | |
| logging-format: "json" | |
| --- | |
| apiVersion: kubeadm.k8s.io/v1beta2 | |
| kind: ClusterConfiguration | |
| apiServer: | |
| extraArgs: | |
| logging-format: "json" | |
| controllerManager: | |
| extraArgs: | |
| logging-format: "json" | |
| scheduler: | |
| extraArgs: | |
| logging-format: "json" | |
| --- | |
| apiVersion: kubelet.config.k8s.io/v1beta1 | |
| kind: KubeletConfiguration | |
| cgroupDriver: "systemd" | |
| EOF | |
| kubeadm init --config init_kubelet.yaml | |
| mkdir -p $HOME/.kube | |
| cp -i /etc/kubernetes/admin.conf $HOME/.kube/config | |
| chown $(id -u):$(id -g) $HOME/.kube/config | |
| # シングルスタークラスターなので、ワークロードをマスターに載せる許可設定 | |
| kubectl taint nodes --all node-role.kubernetes.io/master- | |
| # CNIとしてCilliumを入れる | |
| curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash | |
| helm repo add cilium https://helm.cilium.io/ | |
| helm install cilium cilium/cilium --version 1.8.2 \ | |
| --namespace kube-system \ | |
| --set global.containerRuntime.integration=crio | |
| # CRI-OはデフォルトでCNIを認識してくれないので、プロセスの再起動が必要 | |
| # ref. https://docs.cilium.io/en/v1.8/concepts/kubernetes/configuration/#crio | |
| systemctl restart cri-o | |
| cat > ~/app.yaml <<EOF | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: nginx-deployment | |
| spec: | |
| selector: | |
| matchLabels: | |
| app: nginx | |
| replicas: 3 | |
| template: | |
| metadata: | |
| labels: | |
| app: nginx | |
| spec: | |
| containers: | |
| - name: nginx | |
| image: nginx:1.18.0-alpine | |
| ports: | |
| - containerPort: 80 | |
| --- | |
| kind: Service | |
| apiVersion: v1 | |
| metadata: | |
| name: nginx-service | |
| labels: | |
| app: nginx | |
| spec: | |
| ports: | |
| - port: 80 | |
| targetPort: 80 | |
| selector: | |
| app: nginx | |
| type: NodePort | |
| EOF |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment