OS: Ubuntu 16.04 or CentOS 7
- Install Docker
- Install CRI-O or containerd
- Install kubelet, kubeadm, kubectl
OS: Ubuntu 16.04 or CentOS 7
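# Configs
#
# Input variables for the K8S sandbox defined below. Names and defaults are
# unchanged; each variable now carries a type constraint and a description.

# NOTE(review): static AWS keys passed through variables tend to end up in
# *.tfvars files, shell history and CI logs. Keep any file that sets these two
# values out of version control. The AWS provider can also take credentials
# from the environment or a shared credentials file, which avoids handing them
# to Terraform as input at all.
variable "aws_access_key" {
  type        = string
  description = "AWS access key ID passed to the provider block."
  default     = ""
}

variable "aws_secret_key" {
  type        = string
  description = "AWS secret access key passed to the provider block."
  default     = ""
}

variable "aws_region" {
  type        = string
  description = "AWS region the resources are created in."
  default     = ""
}

variable "instances_number" {
  type        = number
  description = "Number of instances requested."
  default     = 1
}

variable "instances_type" {
  type        = string
  description = "EC2 instance type used for the K8S host."
  default     = ""
}

# Only the public half of the key pair belongs here; the private key stays
# with the operator.
variable "ssh_public_key" {
  type        = string
  description = "SSH public key registered as the deployer key pair."
  default     = ""
}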
# AWS data

# Provider configuration: region and credentials come from the input
# variables; the release constraint accepts any 2.x provider from 2.7 upward.
provider "aws" {
  version = "~> 2.7"

  region     = var.aws_region
  access_key = var.aws_access_key
  secret_key = var.aws_secret_key
}

# Looks up the newest Ubuntu 16.04 (xenial) amd64 HVM/SSD server image.
# The owners list pins the publisher account: a name pattern on its own would
# also match a look-alike image published by any other account.
data "aws_ami" "ubuntu" {
  owners      = ["099720109477"] # Canonical
  most_recent = true

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  filter {
    name   = "name"
    values = ["ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-*"]
  }
}
# main

# Registers the operator's SSH public key with EC2 under a fixed key name,
# so the instance below can reference it by name.
resource "aws_key_pair" "deployer" {
  public_key = var.ssh_public_key
  key_name   = "deployer-key"
}
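# Source ranges allowed to reach SSH (22/tcp) on the instances.
# The default keeps the original behaviour (every IPv4 address); override it
# with the administrator network, ideally a single /32, so the SSH daemon is
# not reachable from the whole internet.
variable "ssh_ingress_cidr_blocks" {
  type        = list(string)
  description = "CIDR blocks allowed to connect to SSH on the K8S instances."
  default     = ["0.0.0.0/0"]
}

# Firewall for the K8S host: HTTP and SSH inbound, everything outbound.
resource "aws_security_group" "instance" {
  name = "K8S"

  # HTTP (80/tcp) from anywhere.
  # NOTE(review): nothing in this listing shows a service on port 80; drop
  # this rule if no workload needs it.
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # SSH (22/tcp), limited to the configured source ranges.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.ssh_ingress_cidr_blocks
  }

  # All outbound traffic, any protocol. The separate 80/tcp and 22/tcp egress
  # rules of the original were already covered by this rule and are dropped.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "K8S"
  }
}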
# EC2 host for the cluster: Canonical xenial image, deployer key pair, the
# K8S security group and a 100 GB root volume.
# NOTE(review): var.instances_number is declared in this file, but nothing in
# the visible listing reads it, so exactly one instance is created.
resource "aws_instance" "k8s" {
  ami                    = data.aws_ami.ubuntu.id
  instance_type          = var.instances_type
  key_name               = aws_key_pair.deployer.key_name
  vpc_security_group_ids = [aws_security_group.instance.id]

  # NOTE(review): the root volume is not marked as encrypted here. Check
  # whether the pinned provider release accepts `encrypted` on
  # root_block_device, or enable EBS encryption by default for the account.
  root_block_device {
    volume_size = "100"
    volume_type = "standard"
  }

  volume_tags = {
    Name = "K8S"
  }

  tags = {
    Name = "K8S"
  }
}
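# CRI-O on CentOS 7 (run as root).

# Kernel modules needed by the runtime. A bare modprobe lasts only until the
# next reboot, so the modules are also listed for systemd-modules-load.
# Without br_netfilter loaded at boot, the net.bridge.* keys written below do
# not exist when the sysctl settings are applied.
cat > /etc/modules-load.d/crio.conf <<'EOF'
overlay
br_netfilter
EOF
modprobe overlay
modprobe br_netfilter

# Setup required sysctl params, these persist across reboots.
# Quoted delimiter: the file content is written literally, with no expansion.
cat > /etc/sysctl.d/99-kubernetes-cri.conf <<'EOF'
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sysctl --system

# Install prerequisites
yum-config-manager --add-repo=https://cbs.centos.org/repos/paas7-crio-115-release/x86_64/os/

# Install CRI-O
# NOTE(review): --nogpgcheck switches off RPM signature verification, so the
# authenticity of the package rests on the HTTPS connection to the repository
# alone. Prefer importing the repository's signing key and dropping the flag.
yum install --nogpgcheck cri-o

systemctl start crio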
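# CRI-O on Ubuntu 16.04 (run as root).

# Kernel modules needed by the runtime. A bare modprobe lasts only until the
# next reboot, so the modules are also listed for systemd-modules-load.
# Without br_netfilter loaded at boot, the net.bridge.* keys written below do
# not exist when the sysctl settings are applied.
cat > /etc/modules-load.d/crio.conf <<'EOF'
overlay
br_netfilter
EOF
modprobe overlay
modprobe br_netfilter

# Setup required sysctl params, these persist across reboots.
# Quoted delimiter: the file content is written literally, with no expansion.
cat > /etc/sysctl.d/99-kubernetes-cri.conf <<'EOF'
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sysctl --system

# Install prerequisites
apt-get update
apt-get install software-properties-common

# NOTE(review): this adds a third-party PPA and trusts whatever signing key
# add-apt-repository fetches for it. Confirm the PPA is still maintained and
# is the intended source before installing a container runtime from it.
add-apt-repository ppa:projectatomic/ppa
apt-get update

# Install CRI-O
apt-get install cri-o-1.15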
# CentOS variant of the CRI-O install: register the repository first.
yum-config-manager \
  --add-repo=https://cbs.centos.org/repos/paas7-crio-115-release/x86_64/os/

# Install the runtime package from that repository.
# NOTE(review): --nogpgcheck skips RPM signature verification, so nothing but
# the HTTPS connection vouches for the package. Import the repository's
# signing key and drop the flag where possible.
yum install --nogpgcheck cri-o

# Bring the CRI-O service up.
systemctl start crio
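# Install Docker CE on CentOS 7 (run as root).

## Set up the repository
### Install required packages.
yum install yum-utils device-mapper-persistent-data lvm2

### Add Docker repository.
yum-config-manager \
  --add-repo \
  https://download.docker.com/linux/centos/docker-ce.repo

## Install Docker CE.
# The Docker version is pinned; revisit the pin on every update so runtime
# security fixes are picked up.
yum update && yum install docker-ce-18.06.2.ce

## Create /etc/docker directory.
# -p keeps the step from failing when the directory already exists (re-run).
mkdir -p /etc/docker

# Setup daemon.
# systemd cgroup driver, size-capped json-file logs, overlay2 storage with the
# kernel version check overridden. Quoted delimiter: content is written
# literally, with no shell expansion.
cat > /etc/docker/daemon.json <<'EOF'
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2",
  "storage-opts": [
    "overlay2.override_kernel_check=true"
  ]
}
EOF

mkdir -p /etc/systemd/system/docker.service.d

# Restart Docker
systemctl daemon-reload
systemctl restart docker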
# Docker CE on Ubuntu 16.04 (run as root).

## Repository setup
### Packages that let apt fetch from a repository over HTTPS
apt-get update \
  && apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    software-properties-common

### Docker's official GPG key
# NOTE(review): apt-key adds the key to the global apt keyring, so it is
# trusted for every configured repository, and nothing here compares it with
# a known fingerprint. Check the downloaded key's fingerprint against the one
# Docker publishes before trusting it.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -

### Docker apt repository for the running release codename
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

## Docker CE itself, at a pinned version.
# Revisit the pin on every update so runtime security fixes are picked up.
apt-get update \
  && apt-get install docker-ce=18.06.2~ce~3-0~ubuntu

# Daemon settings: systemd cgroup driver, size-capped json-file logs, overlay2.
cat <<EOF > /etc/docker/daemon.json
{
  "exec-opts": ["native.cgroupdriver=systemd"],
  "log-driver": "json-file",
  "log-opts": {
    "max-size": "100m"
  },
  "storage-driver": "overlay2"
}
EOF

# Drop-in directory for docker.service overrides.
mkdir -p /etc/systemd/system/docker.service.d

# Reload unit files, then restart Docker so daemon.json takes effect.
systemctl daemon-reload
systemctl restart docker
# kubelet, kubeadm and kubectl on CentOS 7 (run as root).

# Repository definition. Package (gpgcheck) and repository metadata
# (repo_gpgcheck) signatures are both verified against the listed keys.
# NOTE(review): the Kubernetes project has since moved its packages to
# pkgs.k8s.io; confirm this legacy repository still serves current, patched
# builds before relying on it.
cat > /etc/yum.repos.d/kubernetes.repo <<EOF
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

# Set SELinux in permissive mode (effectively disabling it)
# NOTE(review): permissive mode logs policy violations instead of blocking
# them, and it applies to the whole host, not only to the kubelet. The first
# command changes the running system, the second makes it survive reboots.
# Re-evaluate once the components in use can run with SELinux enforcing.
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# Install the three packages, then enable and start the kubelet.
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable --now kubelet

# Bootstrap the control plane. The output includes a join command carrying a
# bootstrap token; handle it like a credential.
kubeadm init
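# kubelet, kubeadm and kubectl on Ubuntu 16.04 (run as root).

apt-get update && apt-get install -y apt-transport-https curl

# Fetch the repository signing key.
# -f makes curl fail on an HTTP error instead of piping an error page into
# apt-key; -S still prints the reason although -s silences the progress meter.
# NOTE(review): apt-key adds the key to the global apt keyring, trusted for
# every configured repository; check its fingerprint against the publisher's
# before relying on it.
curl -fsS https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -

# Repository definition. Quoted delimiter: content is written literally.
# NOTE(review): the Kubernetes project has since moved its packages to
# pkgs.k8s.io; confirm this legacy repository still serves current, patched
# builds before relying on it.
cat <<'EOF' >/etc/apt/sources.list.d/kubernetes.list
deb https://apt.kubernetes.io/ kubernetes-xenial main
EOF

apt-get update
apt-get install -y kubelet kubeadm kubectl

# Hold the packages so a routine upgrade does not change the cluster version
# unattended; security updates then have to be applied deliberately.
apt-mark hold kubelet kubeadm kubectl

# Bootstrap the control plane. The output includes a join command carrying a
# bootstrap token; handle it like a credential.
kubeadm init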