Last active
July 13, 2018 05:09
gce 18.04 ubuntu image대상으로 linuxkit 설치 스크립트. https://github.com/leoh0/kubernetes 이용. 자세한 내용은 http://leoh0.github.io/ 블로그 참고
#!/bin/sh
# Host setup script for an Ubuntu 18.04 GCE image: installs Docker, KVM/libvirt
# and Go, builds a NAT bridge (virbr10) and prepares linuxkit.

# Every later step changes packages, network state or files under /etc, so
# stop right away unless the effective UID is 0.
[ "$(id -u)" = "0" ] || {
  echo "This script must be run as root" 1>&2
  exit 1
}

# -e: abort on the first failing command; -x: trace each command as it runs.
set -ex
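# Package installation. apt-get is used because apt's command-line interface
# is not meant for scripts.
apt-get update
apt-get install -y apt-transport-https ca-certificates curl software-properties-common

# Import Docker's repository signing key. The key is fetched over HTTPS and
# trusted for all apt sources once added, so confirm that it really landed in
# the keyring instead of only printing it.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -
docker_key_info=$(apt-key fingerprint 0EBFCD88)
echo "$docker_key_info"
if [ -z "$docker_key_info" ]; then
  echo "Docker signing key 0EBFCD88 not found in the apt keyring" 1>&2
  exit 1
fi
# NOTE(review): a short key ID can collide, so the check above proves presence
# only. Compare the full fingerprint printed above with the one published in
# Docker's installation documentation before trusting the repository.

#add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
# $(lsb_release -cs) \
# stable"
# There is no Docker repo for 18.04 yet, so the artful repo has to be used.
add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
artful \
stable"

apt-get update
apt-get install -y docker-ce uml-utilities qemu-kvm bridge-utils virtinst libvirt-bin golang-go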
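# Stop libvirt's "default" network and keep it from autostarting; the bridge
# for the VMs is built by hand below.
virsh net-destroy default
virsh net-autostart --disable default

# Dummy interface with a random MAC under the 52:54:00 prefix, attached to the
# bridge (presumably so the bridge keeps a stable MAC address; confirm).
ip link add virbr10-dummy address "$(hexdump -vn3 -e '/3 "52:54:00"' -e '/1 ":%02x"' -e '"\n"' /dev/urandom)" type dummy
brctl addbr virbr10
brctl stp virbr10 on
brctl addif virbr10 virbr10-dummy
# The broadcast address must be the top address of 10.0.0.0/8; a value from
# another subnet (192.168.100.255) does not belong on this interface.
ip address add 10.0.0.1/8 dev virbr10 broadcast 10.255.255.255

# Enable IPv4 forwarding persistently. Each setting is appended only when it
# is not already in the file, so re-running the script adds no duplicates.
for sysctl_line in "net.ipv4.ip_forward=1" "net.ipv4.conf.all.forwarding=1"; do
  grep -qxF -- "$sysctl_line" /etc/sysctl.conf || echo "$sysctl_line" >> /etc/sysctl.conf
done
sysctl -p

# NAT for the VM subnet: multicast and broadcast destinations are left
# untouched, everything else leaving 10.0.0.0/8 is masqueraded.
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -d 224.0.0.0/24 -j RETURN
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -d 255.255.255.255/32 -j RETURN
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 ! -d 10.0.0.0/8 -p tcp -j MASQUERADE --to-ports 1024-65535
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 ! -d 10.0.0.0/8 -p udp -j MASQUERADE --to-ports 1024-65535
iptables -t nat -A POSTROUTING -s 10.0.0.0/8 ! -d 10.0.0.0/8 -j MASQUERADE

# Return traffic for connections the VMs opened.
iptables -t filter -A FORWARD -d 10.0.0.0/8 -o virbr10 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# If guest traffic leaks out to 169.254.0.0/16, the guest ends up reading the
# hypervisor's own instance metadata, so that range is dropped for the VMs.
# NOTE(review): these rules are appended (-A); an earlier ACCEPT rule in
# FORWARD would match first. Verify the final chain order with `iptables -S`.
iptables -t filter -A FORWARD -s 10.0.0.0/8 ! -d 169.254.0.0/16 -i virbr10 -j ACCEPT
iptables -t filter -A FORWARD -s 10.0.0.0/8 -d 169.254.0.0/16 -i virbr10 -j DROP

ip link set virbr10-dummy up
ip link set virbr10 up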
# Allow QEMU's bridge helper to attach guests to virbr10.
mkdir -p /etc/qemu/
printf '%s\n' 'allow virbr10' > /etc/qemu/bridge.conf

# State directory for the dnsmasq instance that serves DHCP/DNS on virbr10.
dnsmasq_dir=/var/lib/dnsmasq/virbr10
mkdir -p "$dnsmasq_dir"
touch "$dnsmasq_dir/hostsfile" "$dnsmasq_dir/leases"

# The delimiter is quoted so the configuration is written exactly as typed.
cat > "$dnsmasq_dir/dnsmasq.conf" << 'EOF'
# Only bind to the virtual bridge. This avoids conflicts with other running
# dnsmasq instances.
except-interface=lo
interface=virbr10
bind-dynamic
# If using dnsmasq 2.62 or older, remove "bind-dynamic" and "interface" lines
# and uncomment these lines instead:
#bind-interfaces
listen-address=10.0.0.1
# IPv4 addresses to offer to VMs. This should match the chosen subnet.
dhcp-range=10.0.0.2,10.15.255.254
# 굳이 안해도 되나 아이피 일괄적으로 주려면 이런게 제일 편하다.
dhcp-host=8a:a0:33:57:08:0a,10.0.0.2
dhcp-host=8a:a0:33:57:08:0b,10.0.0.3
dhcp-host=8a:a0:33:57:08:0c,10.0.0.4
dhcp-host=8a:a0:33:57:08:0d,10.0.0.5
dhcp-host=8a:a0:33:57:08:0e,10.0.0.6
# Set this to at least the total number of addresses in DHCP-enabled subnets.
dhcp-lease-max=1000
# File to write DHCP lease information to.
dhcp-leasefile=/var/lib/dnsmasq/virbr10/leases
# File to read DHCP host information from.
dhcp-hostsfile=/var/lib/dnsmasq/virbr10/hostsfile
# Avoid problems with old or broken clients.
dhcp-no-override
# https://www.redhat.com/archives/libvir-list/2010-March/msg00038.html
strict-order
EOF
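# Install a templated systemd unit for dnsmasq and start the virbr10 instance.
# The here-document delimiter is quoted: with a bare EOF the shell would run
# the backtick-quoted commands in the comment lines as command substitutions
# and expand $MAINPID to an empty string, leaving "ExecReload=/bin/kill -HUP"
# without a PID in the unit file.
cat > /etc/systemd/system/dnsmasq@.service << 'EOF'
# '%i' becomes 'virbr10' when running `systemctl start dnsmasq@virbr10.service`
# Remember to run `systemctl daemon-reload` after creating or editing this file.
[Unit]
Description=DHCP and DNS caching server for %i.
After=network.target
[Service]
ExecStart=/usr/sbin/dnsmasq -k --conf-file=/var/lib/dnsmasq/%i/dnsmasq.conf
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
EOF

# Make systemd read the unit file just written before starting the instance.
systemctl daemon-reload
systemctl start dnsmasq@virbr10.service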
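# SSH client defaults for root.
# NOTE(review): "Host *" turns off host-key verification and known_hosts
# tracking for every host root connects to, not only the VMs on virbr10;
# consider narrowing the pattern to the VM subnet. The redirection also
# replaces any existing /root/.ssh/config.
mkdir -p /root/.ssh
chmod 700 /root/.ssh
cat > /root/.ssh/config << 'EOF'
Host *
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
User root
EOF
chmod 600 /root/.ssh/config

# Put the Go bin directory and /usr/libexec on PATH for the rest of this run.
# $HOME is used because /bin/sh may not tilde-expand an argument to export,
# and the assignments are quoted so the value is never word-split.
PATH="$HOME/go/bin:$PATH"
PATH="/usr/libexec:$PATH"
export PATH
# Same PATH additions for future interactive shells; written literally.
cat >> "$HOME/.bashrc" << 'EOF'
export PATH=~/go/bin:$PATH
export PATH=/usr/libexec:$PATH
EOF

# NOTE(review): both fetches take whatever the default branch holds at run
# time and the result is built and run as root; pin a reviewed commit or tag
# if reproducibility matters.
git clone https://github.com/leoh0/kubernetes
go get -u github.com/linuxkit/linuxkit/src/cmd/linuxkit

# Generate root's RSA key pair without prompts. Answering the prompts through
# `echo -e` breaks under /bin/sh where echo prints "-e" literally and that
# text becomes the key file name, so the path is passed with -f instead. An
# existing key is kept.
[ -f /root/.ssh/id_rsa ] || ssh-keygen -q -t rsa -N "" -f /root/.ssh/id_rsa

# Print the follow-up commands for building and booting the cluster nodes.
# NOTE(review): the --token and --discovery-token-ca-cert-hash values below
# are fixed strings; presumably they have to match what the master node
# reports, so confirm before reusing them.
cat << 'EOF'

# cd /root/kubernetes
make all
KUBE_CLEAR_STATE=true KUBE_MAC=8a:a0:33:57:08:0a KUBE_NETWORKING="bridge,virbr10" ./boot.sh
KUBE_CLEAR_STATE=true KUBE_MAC=8a:a0:33:57:08:0b KUBE_NETWORKING="bridge,virbr10" ./boot.sh 1 10.0.0.2:6443 --token 3wkfov.fj3ywmkva55nr4p7 --discovery-token-ca-cert-hash sha256:ee14b16af5775cfa65215cff0f6fe2807d35b23a4a3dd8a72507e93292fcd8f1

EOF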