Last active
August 1, 2023 13:48
-
-
Save Nurlan199206/1d21bb6c691ba72bb2ad2749462671f3 to your computer and use it in GitHub Desktop.
k8s
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| dnf install https://dl.min.io/server/minio/release/linux-amd64/minio-20230721211244.0.0.x86_64.rpm | |
| kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email> | |
| [Unit] | |
| Description=MinIO | |
| Documentation=https://docs.min.io | |
| Wants=network-online.target | |
| After=network-online.target | |
| AssertFileIsExecutable=/usr/local/bin/minio | |
| [Service] | |
| WorkingDirectory=/usr/local | |
| User=minio-user | |
| Group=minio-user | |
| ProtectProc=invisible | |
| EnvironmentFile=-/etc/default/minio | |
| ExecStartPre=/bin/bash -c "if [ -z \"${MINIO_VOLUMES}\" ]; then echo \"Variable MINIO_VOLUMES not set in /etc/default/minio\"; exit 1; fi" | |
| ExecStart=/usr/local/bin/minio server $MINIO_OPTS $MINIO_VOLUMES | |
| # Let systemd restart this service always | |
| Restart=always | |
| # Specifies the maximum file descriptor number that can be opened by this process | |
| LimitNOFILE=65536 | |
| # Specifies the maximum number of threads this process can create | |
| TasksMax=infinity | |
| # Disable timeout logic and wait until process is stopped | |
| TimeoutStopSec=infinity | |
| SendSIGKILL=no | |
| [Install] | |
| WantedBy=multi-user.target | |
| ====================================================================================================== | |
| wget https://dl.min.io/server/minio/release/linux-amd64/minio | |
| chmod +x minio | |
| MINIO_ROOT_USER=admin MINIO_ROOT_PASSWORD=password ./minio server /mnt/data --console-address ":9001" | |
| https://github.com/kubernetes-sigs/kubespray.git | |
| curl -O -k https://github.com/weaveworks/weave/releases/download/v2.8.1/weave-daemonset-k8s.yaml | |
| curl https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/calico.yaml -O | |
| # Copy ``inventory/sample`` as ``inventory/mycluster`` | |
| cp -rfp inventory/sample inventory/mycluster | |
| # Update Ansible inventory file with inventory builder | |
| declare -a IPS=(10.10.1.3 10.10.1.4 10.10.1.5) | |
| CONFIG_FILE=inventory/mycluster/hosts.yaml python3 contrib/inventory_builder/inventory.py ${IPS[@]} | |
| # Review and change parameters under ``inventory/mycluster/group_vars`` | |
| cat inventory/mycluster/group_vars/all/all.yml | |
| cat inventory/mycluster/group_vars/k8s_cluster/k8s-cluster.yml | |
| # Deploy Kubespray with Ansible Playbook - run the playbook as root | |
| # The option `--become` is required, as for example writing SSL keys in /etc/, | |
| # installing packages and interacting with various systemd daemons. | |
| # Without --become the playbook will fail to run! | |
| ansible-playbook -i inventory/mycluster/hosts.yaml --become --become-user=root cluster.yml | |
| VERSION=1.27 | |
| sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/CentOS_7/devel:kubic:libcontainers:stable.repo | |
| https://git.egs.kz/ops/ansible/roles/kubespray.git | |
| sudo curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:${VERSION}/CentOS_7/devel:kubic:libcontainers:stable:cri-o:${VERSION}.repo | |
| https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm | |
| https://dl.k8s.io/v1.27.4/bin/linux/amd64/kubectl | |
| kubectl get nodes -o jsonpath='{.items[*].spec.podCIDR}' | |
| 100.64.0.0/14 | |
| git clone https://github.com/nginxinc/kubernetes-ingress.git --branch v3.2.0 | |
| kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/tigera-operator.yaml | |
| kubectl get pods --all-namespaces | grep -E OutOfcpu\|Evicted\|Completed\|OOMKilled\|Error\|Terminating\|Pending | awk '{print "kubectl delete po --grace-period=0 --force " $2 " -n " $1 }'| bash | |
| kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.7.0/aio/deploy/recommended.yaml | |
| https://dl.k8s.io/v1.27.4/bin/linux/amd64/kubeadm | |
| https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.0-2.2.rc.2.1.el7.x86_64.rpm | |
| https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.6.19-3.1.el7.x86_64.rpm | |
| ============================================================================================ | |
| [base] | |
| name=CentOS-$releasever - Base | |
| mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os | |
| gpgcheck=1 | |
| gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 | |
| #released updates | |
| [updates] | |
| name=CentOS-$releasever - Updates | |
| mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates | |
| gpgcheck=1 | |
| gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 | |
| #additional packages that may be useful | |
| [extras] | |
| name=CentOS-$releasever - Extras | |
| mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras | |
| gpgcheck=1 | |
| gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 | |
| #additional packages that extend functionality of existing packages | |
| [centosplus] | |
| name=CentOS-$releasever - Plus | |
| mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus | |
| gpgcheck=1 | |
| enabled=0 | |
| gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 | |
| cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf | |
| net.bridge.bridge-nf-call-iptables = 1 | |
| net.ipv4.ip_forward = 1 | |
| net.bridge.bridge-nf-call-ip6tables = 1 | |
| EOF |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment