Kubeadm cloud-init
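#cloud-config
# Bootstraps a Debian/Ubuntu host as a kubeadm node: Docker/containerd,
# kubelet/kubeadm/kubectl v1.28, Helm, and a netplan DNS override.
# Every runcmd entry runs as root on first boot.
package_update: true
package_upgrade: true
packages:
  # Packages needed to use the Docker and Kubernetes apt repositories
  # over HTTPS.
  - apt-transport-https
  - ca-certificates
  - curl
  - gnupg
  - lsb-release

# Let iptables see bridged traffic
# https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#letting-iptables-see-bridged-traffic
write_files:
  - path: /etc/modules-load.d/k8s.conf
    content: |
      br_netfilter
  - path: /etc/sysctl.d/k8s.conf
    content: |
      net.bridge.bridge-nf-call-ip6tables = 1
      net.bridge.bridge-nf-call-iptables = 1
      net.ipv4.ip_forward = 1
    # ip_forward is set explicitly because kubeadm's preflight checks
    # require it; do not rely on the Docker daemon having enabled it.

# Create the docker group.
groups:
  - docker

# Add the default auto-created user to the docker group.
# Membership in the docker group is root-equivalent on the host; drop this
# stanza if the default user should not have that level of access.
system_info:
  default_user:
    groups: [docker]

runcmd:
  - modprobe br_netfilter  # Load br_netfilter module.
  # Docker
  # The convenience script is downloaded and run as root without any
  # integrity check; for production hosts prefer Docker's signed apt
  # repository, or verify the script before running it.
  - curl -fsSL https://get.docker.com -o get-docker.sh
  - sh get-docker.sh
  # Install packages
  - apt-get update -y  # Update apt package index
  # Make sure the keyring directory exists before gpg writes into it.
  - mkdir -p -m 755 /etc/apt/keyrings
  - curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
  # signed-by limits this key to the Kubernetes repository only.
  - echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
  - apt-get update  # Update apt package index
  - apt-get install -y kubelet kubeadm kubectl
  # Hold the packages so unattended upgrades cannot skew cluster versions.
  - apt-mark hold kubelet kubeadm kubectl
  - sysctl --system  # Reload settings from all system configuration files to take iptables configuration
  # Re-enable the CRI plugin that the packaged containerd config disables.
  - sed -i '/disabled_plugins = \["cri"\]/d' /etc/containerd/config.toml
  - systemctl restart containerd
  # Helm: download to a file with -f so an HTTP error page is never fed to
  # the shell. The script still comes from the unpinned main branch and is
  # not verified; pin a release and check its checksum for production use.
  - curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3
  - bash get_helm.sh
  - apt-get install -y python3-pip jq
  # Unpinned PyPI install as root; pin a known-good version where possible.
  - pip3 install yq
  # Replace the DHCP-provided nameservers on eth0 with 8.8.8.8.
  # NOTE(review): assumes the interface is named eth0 and that nothing
  # reapplies netplan before the next boot - confirm on the target image.
  - yq 'del(.network.ethernets.eth0.nameservers)' /etc/netplan/50-cloud-init.yaml -i -y
  - yq '.network.ethernets.eth0.nameservers.addresses += ["8.8.8.8"]' /etc/netplan/50-cloud-init.yaml -i -y
  # Stop cloud-init from running on later boots (presumably so it does not
  # regenerate the netplan file edited above).
  - touch /etc/cloud/cloud-init.disabled

### Execute on the first node. Replace the advertise address with the
### internal IP to listen on for cluster communication; remove --skip-phases
### if you want to use a network plugin other than Cilium.
#sudo kubeadm init --pod-network-cidr=10.244.0.0/16 --apiserver-advertise-address=10.0.0.3 --skip-phases=addon/kube-proxy
#https://docs.cilium.io/en/stable/installation/k8s-install-kubeadm/
# Calico
#kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/tigera-operator.yaml
#curl https://raw.githubusercontent.com/projectcalico/calico/v3.26.1/manifests/custom-resources.yaml -O
# Edit the cidr field to match the local network.
#kubectl create -f custom-resources.yaml
# kubeadm init outputs something like this; execute it on all other nodes
# you want to join to the cluster. The bootstrap token is a credential:
# never commit a live one, and keep the CA cert hash so the joining node
# verifies the control plane it connects to.
#kubeadm join 49.13.81.120:6443 --token f0g8qm.nrs313szon169kl6 \
#--discovery-token-ca-cert-hash sha256:65b72eb016e2a5f07930790f2f93eba1f2189df40643a3830f9322cb6b57eb17
### After the join, on a selected node, to access the kube-apiserver.
### admin.conf holds cluster-admin credentials; keep the copy owner-only.
#mkdir -p $HOME/.kube
#sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
#sudo chown $(id -u):$(id -g) $HOME/.kube/config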