niiku-y/postinst_before_rke.sh

## postinst_before_rke.sh
#!/bin/bash
# postinst_before_rke.sh
#
#usage)
# ubuntu@lb01:~$ chmod +x postinst_before_rke.sh
# ubuntu@lb01:~$ sudo bash postinst_before_rke.sh
#

usr="ubuntu"
echo "group check : "
if ! groups $usr | grep docker >/dev/null ; then
  sudo usermod -aG docker $usr
  echo "after : "
  groups $usr
else
  echo "nothing to do."
  groups $usr
fi

echo ""
echo "swap check (fstab) :"
cat /etc/fstab
echo ""
echo "swap check (free) :"
free -h

echo ""
echo "kernel module (check) :"
lsmod

if [ ! -f check.sh ]; then
  cat <<EOF >> check.sh
#!/bin/bash
# check.sh
modules="br_netfilter ip6_udp_tunnel ip_set ip_set_hash_ip ip_set_hash_net iptable_filter iptable_nat iptable_mangle iptable_raw nf_conntrack_netlink nf_conntrack nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat nf_nat_ipv4 nf_nat_masquerade_ipv4 nfnetlink udp_tunnel veth vxlan x_tables xt_addrtype xt_conntrack xt_comment xt_mark xt_multiport xt_nat xt_recent xt_set xt_statistic xt_tcpudp"
for m in \${modules}
do
    if ! lsmod | grep \${m} >/dev/null ; then
        echo "\${m}"
    fi
done
EOF
  chmod +x ./check.sh
else
  echo "check.sh : already exists"
fi

./check.sh > list.txt

echo ""
echo "kernel module (modify) :"
if [ ! -f /etc/modules.org ]; then
    cat /etc/modules list.txt >> modules.after
    cp /etc/modules /etc/modules.org
    cp modules.after /etc/modules
    cat /etc/modules
else
    echo "exist : /etc/modules.org"
    echo "/etc/modules : already modified."
    cat /etc/modules
fi

echo ""
echo "kernel parameter : "
if ! grep net.bridge.bridge-nf-call-iptables /etc/sysctl.conf >/dev/null ; then
    cp /etc/sysctl.conf /etc/sysctl.conf.org
    echo "net.bridge.bridge-nf-call-iptables=1" >> /etc/sysctl.conf
    diff /etc/sysctl.conf /etc/sysctl.conf.org
    grep net.bridge.bridge-nf-call-iptables /etc/sysctl.conf
    sysctl -p /etc/sysctl.conf
else
    echo "exist : net.bridge.bridge-nf-call-iptables"
fi

echo ""
echo "confirm (sysctl) : "
sysctl net.bridge.bridge-nf-call-iptables

echo ""
echo "confirm (check.sh) : "
./check.sh

echo ""
echo "finish."
	#!/bin/bash
	# postinst_before_rke.sh
	#
	#usage)
	# ubuntu@lb01:~$ chmod +x postinst_before_rke.sh
	# ubuntu@lb01:~$ sudo bash postinst_before_rke.sh
	#

	usr="ubuntu"
	echo "group check : "
	if ! groups $usr \| grep docker >/dev/null ; then
	sudo usermod -aG docker $usr
	echo "after : "
	groups $usr
	else
	echo "nothing to do."
	groups $usr
	fi

	echo ""
	echo "swap check (fstab) :"
	cat /etc/fstab
	echo ""
	echo "swap check (free) :"
	free -h

	echo ""
	echo "kernel module (check) :"
	lsmod

	if [ ! -f check.sh ]; then
	cat <<EOF >> check.sh
	#!/bin/bash
	# check.sh
	modules="br_netfilter ip6_udp_tunnel ip_set ip_set_hash_ip ip_set_hash_net iptable_filter iptable_nat iptable_mangle iptable_raw nf_conntrack_netlink nf_conntrack nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat nf_nat_ipv4 nf_nat_masquerade_ipv4 nfnetlink udp_tunnel veth vxlan x_tables xt_addrtype xt_conntrack xt_comment xt_mark xt_multiport xt_nat xt_recent xt_set xt_statistic xt_tcpudp"
	for m in \${modules}
	do
	if ! lsmod \| grep \${m} >/dev/null ; then
	echo "\${m}"
	fi
	done
	EOF
	chmod +x ./check.sh
	else
	echo "check.sh : already exists"
	fi

	./check.sh > list.txt

	echo ""
	echo "kernel module (modify) :"
	if [ ! -f /etc/modules.org ]; then
	cat /etc/modules list.txt >> modules.after
	cp /etc/modules /etc/modules.org
	cp modules.after /etc/modules
	cat /etc/modules
	else
	echo "exist : /etc/modules.org"
	echo "/etc/modules : already modified."
	cat /etc/modules
	fi

	echo ""
	echo "kernel parameter : "
	if ! grep net.bridge.bridge-nf-call-iptables /etc/sysctl.conf >/dev/null ; then
	cp /etc/sysctl.conf /etc/sysctl.conf.org
	echo "net.bridge.bridge-nf-call-iptables=1" >> /etc/sysctl.conf
	diff /etc/sysctl.conf /etc/sysctl.conf.org
	grep net.bridge.bridge-nf-call-iptables /etc/sysctl.conf
	sysctl -p /etc/sysctl.conf
	else
	echo "exist : net.bridge.bridge-nf-call-iptables"
	fi

	echo ""
	echo "confirm (sysctl) : "
	sysctl net.bridge.bridge-nf-call-iptables

	echo ""
	echo "confirm (check.sh) : "
	./check.sh

	echo ""
	echo "finish."