Kubeadm cloud-init
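#cloud-config
# Prepares an apt-based host as a kubeadm node: installs Docker (which brings
# containerd), the Kubernetes v1.28 packages, Helm and yq, loads the bridge
# netfilter module, rewrites the eth0 resolver, and then disables cloud-init.
# Every runcmd entry runs as root on first boot. Several steps fetch and run
# code from the network, so review and pin those sources before production use.
package_update: true
package_upgrade: true

packages:
  # Packages needed to use the Docker and Kubernetes apt repositories over HTTPS
  - apt-transport-https
  - ca-certificates
  - curl
  - gnupg
  - lsb-release

# Let iptables see bridged traffic
# https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#letting-iptables-see-bridged-traffic
write_files:
  - path: /etc/modules-load.d/k8s.conf
    content: |
      br_netfilter
  - path: /etc/sysctl.d/k8s.conf
    content: |
      net.bridge.bridge-nf-call-ip6tables = 1
      net.bridge.bridge-nf-call-iptables = 1

# Create the docker group
groups:
  - docker

# Add the auto-created default user to the docker group.
# Members of the docker group can control the Docker daemon, which is
# equivalent to root on the host; drop this if the default user should not
# have that level of access.
system_info:
  default_user:
    groups: [docker]

runcmd:
  - modprobe br_netfilter  # Load br_netfilter module.

  # Docker
  # get.docker.com is a convenience script executed as root with no version
  # pin; it is saved to disk first so a truncated download is never executed.
  - curl -fsSL https://get.docker.com -o get-docker.sh
  - sh get-docker.sh

  # Kubernetes packages (v1.28 repository)
  - apt-get update -y  # Update apt package index
  # /etc/apt/keyrings is not present by default on releases older than
  # Debian 12 / Ubuntu 22.04; create it so the key import below cannot fail.
  - mkdir -p -m 755 /etc/apt/keyrings
  - curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
  # signed-by limits this key to the Kubernetes repository only.
  - echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
  - apt-get update  # Update apt package index
  - apt-get install -y kubelet kubeadm kubectl
  # Hold the packages so an unattended upgrade cannot change cluster versions.
  - apt-mark hold kubelet kubeadm kubectl
  - sysctl --system  # Reload settings from all system configuration files to take iptables configuration

  # Re-enable the CRI plugin in the containerd config installed with Docker
  - sed -i '/disabled_plugins = \["cri"\]/d' /etc/containerd/config.toml
  - systemctl restart containerd

  # Helm
  # Download the installer with -f before running it, so an HTTP error page or
  # a partial transfer is never piped into a root shell. The URL tracks the
  # moving main branch; pin it to a release tag or commit for reproducible builds.
  - curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 -o get-helm-3.sh
  - bash get-helm-3.sh

  # yq (the PyPI jq wrapper) is installed system-wide as root and unpinned;
  # consider pinning it as yq==<version> once a version has been vetted.
  - apt-get install -y python3-pip jq
  - pip3 install yq

  # Replace the resolvers cloud-init wrote for eth0 with 8.8.8.8
  # (-i edits the file in place, -y writes YAML). No `netplan apply` is run
  # here, so the change takes effect when netplan is next applied.
  - yq 'del(.network.ethernets.eth0.nameservers)' /etc/netplan/50-cloud-init.yaml -i -y
  - yq '.network.ethernets.eth0.nameservers.addresses += ["8.8.8.8"]' /etc/netplan/50-cloud-init.yaml -i -y

  # Disable cloud-init on later boots (presumably so the edited netplan file is
  # not regenerated). Later user-data changes will no longer be applied.
  - touch /etc/cloud/cloud-init.disabled

### Execute on the first node. Replace the advertise address with the internal
### IP to listen on for cluster communication; remove --skip-phases if you want
### to use a network plugin other than Cilium.
# sudo kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.0.0.3 --skip-phases=addon/kube-proxy
# https://docs.cilium.io/en/stable/installation/k8s-install-kubeadm/

# Calico
# kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/tigera-operator.yaml
# curl https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/custom-resources.yaml -O
# Edit the cidr field to match the local network
# kubectl create -f custom-resources.yaml

# kubeadm init prints a join command like the one below; execute it on every
# other node that should join the cluster. The bootstrap token is a credential
# (kubeadm expires it after 24 hours by default), so do not publish real values.
# The CA cert hash lets the joining node verify the control plane it talks to.
# kubeadm join <control-plane-ip>:6443 --token <bootstrap-token> \
#   --discovery-token-ca-cert-hash sha256:<ca-cert-hash>

### After joining, on the node selected for accessing the kube-apiserver.
### admin.conf grants cluster-admin access; keep the copy private to its owner.
# mkdir -p $HOME/.kube
# sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
# sudo chown $(id -u):$(id -g) $HOME/.kube/config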