@mundry
Last active June 29, 2023 19:14
# Host preparation on a dnf-based distribution: refresh metadata and apply all
# updates, install the QEMU guest agent and tar, stop and disable firewalld,
# clear the dnf cache, then reboot. The commands are chained with ';', so each
# one runs even if an earlier one failed.
# NOTE(review): disabling firewalld leaves the node with no host firewall.
# This is presumably done to avoid conflicts with the cluster networking
# (confirm against the RKE2 documentation for your version). Access to the
# node's ports, e.g. 9345 used for agent registration further down, then has
# to be restricted by network-level controls such as ACLs or security groups.
sudo dnf update -y --refresh; sudo dnf install -y qemu-guest-agent tar; sudo systemctl disable --now firewalld; sudo dnf clean all; sudo systemctl reboot
# After the reboot, open a root login shell; the commands that follow write to
# /etc, /var/lib and /root and are run as root.
sudo -i
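# --- RKE2 server (control-plane) node, run as root --------------------------
# Download the installer to a file before running it, so it can be read (or
# compared with a known-good copy) first and a failed download never reaches
# the shell. Piping curl straight into sh runs whatever arrives, as root.
rke2_installer=$(mktemp)
curl -sfL https://get.rke2.io -o "$rke2_installer" \
  && INSTALL_RKE2_CHANNEL=v1.27 INSTALL_RKE2_TYPE=server sh "$rke2_installer"
rm -f -- "$rke2_installer"

# Make sure the config directory exists before appending to the config file.
mkdir -p /etc/rancher/rke2
# Taint the server node so pods without a matching toleration are not
# scheduled here (NoExecute also evicts ones already running).
cat <<EOF >> /etc/rancher/rke2/config.yaml
node-taint:
  - "CriticalAddonsOnly=true:NoExecute"
EOF

# Proxy settings for the rke2-server service. Fill in PROXY_DOMAIN first; the
# ':?' guard aborts the write instead of producing "http://:8080" when it is
# still empty. Skip this step entirely if the node has direct egress.
export PROXY_DOMAIN=
cat <<EOF >> /etc/sysconfig/rke2-server

HTTP_PROXY=http://${PROXY_DOMAIN:?set PROXY_DOMAIN to the proxy host first}:8080
HTTPS_PROXY=http://$PROXY_DOMAIN:8080
NO_PROXY=127.0.0.0/8,::1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
EOF

systemctl enable --now rke2-server.service

# kubectl is shipped inside the RKE2 data directory. Take the first match only
# and quote it: an unquoted $(find ...) breaks when there are zero or several
# matches (for example after an upgrade leaves two data directories behind).
kubectl_bin=$(find /var/lib/rancher/rke2/data/ -name kubectl -print -quit)
[ -n "$kubectl_bin" ] && ln -s "$kubectl_bin" /usr/local/bin/kubectl

# rke2.yaml is the kubeconfig written by the server; keep it readable by root
# only, since whoever can read it can act on the cluster with its credentials.
echo "export KUBECONFIG=/etc/rancher/rke2/rke2.yaml" >> /root/.bashrc
echo 'export PATH=/usr/local/bin:$PATH' >> /root/.bashrc
source /root/.bashrc
kubectl get nodes

# The node token is the shared secret that lets a machine join this cluster.
# Copy it to the agent nodes over a private channel; do not paste it into
# scripts, tickets or anything that gets published.
cat /var/lib/rancher/rke2/server/node-token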
# Write a HelmChartConfig named rke2-ingress-nginx (namespace kube-system)
# into the server's manifests directory. The quoted 'EOF' delimiter stops the
# shell from expanding anything inside the document.
# NOTE(review): use-forwarded-headers "true" makes ingress-nginx trust the
# X-Forwarded-* headers it receives. That is only sound when every request
# reaches the ingress through a proxy or load balancer that sets or overwrites
# those headers; if clients can reach the ingress directly, they can supply
# their own client-IP and scheme values. Confirm the topology before keeping it.
cat <<'EOF' > /var/lib/rancher/rke2/server/manifests/rke2-ingress-nginx-config.yaml
---
apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
  name: rke2-ingress-nginx
  namespace: kube-system
spec:
  valuesContent: |-
    controller:
      config:
        use-forwarded-headers: "true"
EOF
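# --- Helm and Rancher, run as root on the server node -----------------------
# The Helm installer is fetched from the repository's main branch, so its
# content can change between runs. Download it to a file (-f makes an HTTP
# error fail instead of feeding an error page to bash), review it, then run it.
helm_installer=$(mktemp)
curl -#fL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 -o "$helm_installer" \
  && bash "$helm_installer"
rm -f -- "$helm_installer"

helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
helm repo update

# Self-signed certificate for the Rancher ingress.
#  - umask 077 in a subshell keeps the unencrypted private key (-nodes) from
#    being created world-readable.
#  - subjectAltName is added because current TLS clients match the host name
#    against the SAN and ignore a bare CN (-addext needs OpenSSL 1.1.1+).
#  - The files are written under their final names, replacing the later mv.
(
  umask 077
  openssl req -x509 -newkey rsa:4096 -keyout tls.key -out tls.crt -sha256 -days 3650 -nodes \
    -subj "/C=XX/ST=StateName/L=CityName/O=CompanyName/OU=CompanySectionName/CN=rancher.example.com" \
    -addext "subjectAltName=DNS:rancher.example.com"
)
kubectl create namespace cattle-system
kubectl -n cattle-system create secret tls tls-rancher-ingress --cert=tls.crt --key=tls.key

# Bootstrap password: generate a random one instead of a fixed, published
# value, and hand it to Helm through a values file (mktemp creates it with
# mode 0600) rather than --set, which would leave it in the process list and
# the shell history. Read it from "$rancher_values" for the first login,
# change it there, then delete the file.
rancher_values=$(mktemp)
printf 'bootstrapPassword: "%s"\n' "$(openssl rand -hex 16)" > "$rancher_values"
helm upgrade -i rancher rancher-latest/rancher --create-namespace --namespace cattle-system \
  --set hostname=rancher.example.com \
  --set global.cattle.psp.enabled=false \
  --set tls=external \
  --set ingress.tls.source=secret \
  -f "$rancher_values"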


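# --- RKE2 agent (worker) node, run as root on each worker -------------------
export RANCHER1_IP=192.168.178.44

# The join token is a cluster secret, so it is prompted for (no echo) instead
# of being written into this script and is not exported to child processes.
# A token that has ever been committed or published should be treated as
# exposed and replaced on the server before more nodes are joined.
read -rsp 'RKE2 join token (from node-token on the server): ' TOKEN; echo

# Download the installer to a file first so it can be reviewed and so a
# failed download never reaches the shell.
rke2_installer=$(mktemp)
curl -sfL https://get.rke2.io -o "$rke2_installer" \
  && INSTALL_RKE2_CHANNEL=v1.27 INSTALL_RKE2_TYPE=agent sh "$rke2_installer"
rm -f -- "$rke2_installer"

# config.yaml holds the token, so create it readable by root only. chmod
# covers the case where the file already existed with looser permissions.
mkdir -p /etc/rancher/rke2
(
  umask 077
  printf 'server: https://%s:9345\ntoken: %s\n' "$RANCHER1_IP" "$TOKEN" > /etc/rancher/rke2/config.yaml
)
chmod 600 /etc/rancher/rke2/config.yaml
unset TOKEN

systemctl enable --now rke2-agent.service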


---

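# --- Docker 20.10 on an apt-based host --------------------------------------
# Download the install script to a file before running it. -f turns an HTTP
# error into a failure instead of piping an error page into sh, and the
# '&&' keeps sh from running when the download did not succeed.
docker_installer=$(mktemp)
curl -fsSL https://releases.rancher.com/install-docker/20.10.sh -o "$docker_installer" \
  && sh "$docker_installer"
rm -f -- "$docker_installer"

# Pin the Docker packages at the installed version. Held packages are also
# skipped by security upgrades, so review the hold periodically and lift it
# (apt-mark unhold) when a patched build has to be installed.
sudo apt-mark hold docker-ce docker-ce-cli docker-ce-rootless-extras docker-compose-plugin docker-scan-plugin containerd.io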