-
-
Save mcg1969/84193a370e8e712de955f517e966856f to your computer and use it in GitHub Desktop.
Preparing a CentOS node for AE5
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| set -eux | |
| OS="$(gawk -F= '/^NAME/{print $2}' /etc/os-release | sed 's/"//g')" | |
| echo "Detected ${OS} Distro" | |
| if [[ "$OS" =~ ^(CentOS\ Linux|RedHat|Ubuntu)$ ]]; then | |
| echo "Enabling Modules" | |
| for i in overlay br_netfilter ebtable_filter ebtables iptable_nat iptable_filter; do echo "$i" | sudo tee /etc/modules-load.d/$i.conf > /dev/null; done | |
| for i in overlay br_netfilter ebtable_filter ebtables iptable_nat iptable_filter; do sudo modprobe $i; done | |
| lsmod | grep 'overlay\|br_netfilter\|ebtables\|ebtable_filter' | |
| fi | |
| if [[ "$OS" =~ ^(CentOS\ Linux|RedHat)$ ]]; then | |
| if [[ `cut -d ' ' -f 4 /etc/redhat-release | cut -d '.' -f 2` == "2" ]]; then | |
| echo "Centos 7.2 detected -- loading bridge module" | |
| sudo modprobe bridge | |
| sudo sysctl -w net.bridge.bridge-nf-call-iptables=1 | |
| fi | |
| echo "Disabling SELinux" | |
| sudo setenforce 0 | |
| sudo sed -i -- 's/SELINUX\=enforcing/SELINUX\=disabled/g' /etc/selinux/config | |
| echo "Modifying Kernel Parameters" | |
| sudo sed -i -- 's/net\.bridge\.bridge-nf-call-ip6tables\ \=\ 0/net\.bridge\.bridge-nf-call-ip6tables\ \=\ 1/g' /usr/lib/sysctl.d/00-system.conf | |
| echo 'net.ipv4.ip_forward = 1' | sudo tee --append /usr/lib/sysctl.d/00-system.conf > /dev/null | |
| sudo sysctl -w net.bridge.bridge-nf-call-ip6tables=1 | |
| sudo sysctl -w net.ipv4.ip_forward=1 | |
| sudo sysctl -w fs.inotify.max_user_watches=1048576 | |
| sudo sysctl -w fs.may_detach_mounts=1 # https://gravitational.com/docs/faq/#kubernetes-pods-stuck-in-terminating-state | |
| sudo bash -c "echo 'fs.may_detach_mounts = 1' >> /etc/sysctl.d/10-may_detach_mounts.conf" | |
| sudo bash -c "echo 'net.bridge.bridge-nf-call-iptables=1' >> /etc/sysctl.d/99-bridge.conf" | |
| sudo bash -c "echo 'net.bridge.bridge-nf-call-ip6tables=1' >> /etc/sysctl.d/99-bridge.conf" | |
| sudo bash -c "echo 'fs.inotify.max_user_watches=1048576' >> /etc/sysctl.d/99-watches.conf" | |
| sudo bash -c "echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.d/99-net.conf" | |
| #MINOR_VERSION=`cat /etc/redhat-release | cut -d" " -f4 | cut -d "." -f2` | |
| fi | |
| if [[ "$OS" =~ ^(SLES)$ ]]; | |
| then | |
| sudo sysctl -w fs.may_detach_mounts=1 | |
| echo "Enabling more threads" | |
| echo 'DefaultTasksMax=infinity' | sudo tee --append /etc/systemd/system.conf > /dev/null | |
| fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment