k8s_setup.sh
#!/bin/bash
################################################################################
# Kubernetes v1.33 & Cilium Installer for Debian
#
# This script installs Kubernetes version v1.33 on a plain-vanilla Debian system
# using kubeadm, kubelet, and kubectl via the new package repository hosted at
# pkgs.k8s.io. It also installs containerd (configured with the systemd cgroup
# driver) as the container runtime, disables swap, and deploys Cilium as the CNI.
#
# Prerequisites:
# - Compatible Linux host with at least 2GB RAM and 2 CPUs.
# - Unique hostname, MAC address, and product_uuid on every node.
# - Required ports (e.g., 6443 for API server) open.
#
# Usage: Run this script as root:
# sudo ./k8s_install.sh
################################################################################
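# Strict mode: abort on a failing command (-e), on use of an unset variable
# (-u), and when any stage of a pipeline fails (pipefail).
set -euo pipefail
# Split words on newline and tab only, never on spaces.
IFS=$'\n\t'

# Log file location.
LOG_FILE="/var/log/k8s_install.log"
# The output of every command below is appended to this file, including that
# of `kubeadm init`, which prints the `kubeadm join` command together with its
# bootstrap token. The log is therefore kept readable by root only.
# The umask is tightened inside a subshell so that the file is never briefly
# world-readable, while the files written later for apt keep normal modes.
(
  umask 077
  : > "$LOG_FILE"
)
# Truncating an existing file keeps its old mode, so set the mode explicitly.
chmod 600 "$LOG_FILE"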
# Logging functions: each prints one timestamped line and appends the same
# line to $LOG_FILE.

#######################################
# Log an informational message.
# Globals:   LOG_FILE (read; the line is appended to it)
# Arguments: the message, taken as "$*"
# Outputs:   the timestamped line on stdout
#######################################
log_info() {
  printf '%s [INFO] %s\n' "$(date +'%Y-%m-%d %H:%M:%S')" "$*" \
    | tee -a "$LOG_FILE"
}
#######################################
# Log a warning.
# Globals:   LOG_FILE (read; the line is appended to it)
# Arguments: the message, taken as "$*"
# Outputs:   the timestamped line on stdout
#######################################
log_warn() {
  printf '%s [WARN] %s\n' "$(date +'%Y-%m-%d %H:%M:%S')" "$*" \
    | tee -a "$LOG_FILE"
}
#######################################
# Log an error.
# Globals:   LOG_FILE (read; the line is appended to it)
# Arguments: the message, taken as "$*"
# Outputs:   the timestamped line on stderr (tee's stdout is redirected there)
#######################################
log_error() {
  printf '%s [ERROR] %s\n' "$(date +'%Y-%m-%d %H:%M:%S')" "$*" \
    | tee -a "$LOG_FILE" >&2
}
# Refuse to continue without root: the steps below install packages and edit
# files under /etc.
# NOTE(review): the log file under /var/log is truncated earlier in the script,
# so an unprivileged run normally fails there before this message is reached.
if (( EUID != 0 )); then
  log_error "This script must be run as root. Exiting."
  exit 1
fi

log_info "Starting Kubernetes v1.33 installation on Debian..."
###############################################################################
# Pre-Installation: Update apt and install prerequisites
###############################################################################
log_info "Updating apt repositories..."
apt-get update -y &>> "$LOG_FILE"

# Tools the later steps rely on: HTTPS transport and the CA bundle for apt,
# curl to fetch the repository signing key, and gpg to convert it.
prereq_pkgs=(apt-transport-https ca-certificates curl gpg)
log_info "Installing prerequisites: apt-transport-https, ca-certificates, curl, gpg..."
apt-get install -y "${prereq_pkgs[@]}" &>> "$LOG_FILE"
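###############################################################################
# Install and Configure containerd as the Container Runtime
###############################################################################
log_info "Installing containerd..."
apt-get install -y containerd >> "$LOG_FILE" 2>&1

log_info "Generating default containerd configuration..."
# Write containerd's built-in defaults as the configuration file.
# NOTE(review): this overwrites any existing /etc/containerd/config.toml.
mkdir -p /etc/containerd
containerd config default > /etc/containerd/config.toml

log_info "Configuring containerd to use the systemd cgroup driver..."
# kubelet and containerd must use the same cgroup driver. The generated
# defaults normally already carry "SystemdCgroup = false" in the runc options
# table; appending a second "SystemdCgroup" line there would define the key
# twice, which is invalid TOML. So flip the existing value in place, and
# append the setting only when the key is absent altogether.
if grep -Eq '^[[:space:]]*SystemdCgroup[[:space:]]*=' /etc/containerd/config.toml; then
  sed -i -E 's/^([[:space:]]*SystemdCgroup[[:space:]]*=[[:space:]]*)false/\1true/' /etc/containerd/config.toml
else
  # Append the setting under the runc options section header.
  sed -i '/\[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options\]/a \ \ \ \ SystemdCgroup = true' /etc/containerd/config.toml
fi

# Fail here, with a clear message, rather than later inside kubelet if neither
# edit took effect (for example because the section name differs).
if ! grep -Eq '^[[:space:]]*SystemdCgroup[[:space:]]*=[[:space:]]*true' /etc/containerd/config.toml; then
  log_error "Could not enable SystemdCgroup in /etc/containerd/config.toml."
  exit 1
fi

systemctl restart containerd
log_info "containerd installation and configuration completed."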
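###############################################################################
# Set Up the Kubernetes v1.33 Package Repository (pkgs.k8s.io)
###############################################################################
log_info "Setting up the Kubernetes v1.33 apt repository..."

# Create the keyrings directory if it does not exist (required on older
# Debian/Ubuntu). apt must be able to read it, so the mode is set explicitly.
mkdir -p -m 755 /etc/apt/keyrings

# Download the public signing key to a temporary file first, so that a failed
# or truncated download never leaves a partial keyring in place.
# NOTE(review): the key is trusted on first download. To pin it, compare its
# fingerprint with a value obtained out of band before installing it.
k8s_key_tmp=$(mktemp)
if ! curl --proto '=https' --tlsv1.2 -fsSL -o "$k8s_key_tmp" \
  https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key; then
  rm -f -- "$k8s_key_tmp"
  log_error "Failed to download the Kubernetes apt signing key."
  exit 1
fi

# --batch --yes lets a re-run replace an existing keyring instead of stopping
# at gpg's overwrite prompt.
if ! gpg --batch --yes --dearmor \
  -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg "$k8s_key_tmp"; then
  rm -f -- "$k8s_key_tmp"
  log_error "Failed to convert the Kubernetes apt signing key."
  exit 1
fi
rm -f -- "$k8s_key_tmp"
chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg

# Overwrite any existing configuration in the Kubernetes sources list.
# signed-by restricts this key to this one repository.
printf '%s\n' 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /' \
  | tee /etc/apt/sources.list.d/kubernetes.list

log_info "Updating apt repositories after adding Kubernetes repo..."
apt-get update -y >> "$LOG_FILE" 2>&1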
###############################################################################
# Install kubeadm, kubelet, and kubectl (Kubernetes v1.33)
###############################################################################
kube_pkgs=(kubelet kubeadm kubectl)

# The presence of kubeadm on PATH is taken to mean all three are installed.
if command -v kubeadm &> /dev/null; then
  log_info "Kubernetes components are already installed. Skipping installation."
else
  log_info "Installing kubeadm, kubelet, and kubectl (Kubernetes v1.33)..."
  apt-get install -y "${kube_pkgs[@]}" &>> "$LOG_FILE"
  # Hold the packages so a routine apt upgrade cannot move the node to a
  # different version.
  log_info "Pinning Kubernetes packages to prevent unintended upgrades..."
  apt-mark hold "${kube_pkgs[@]}"
fi

# Enable the kubelet service now and on every boot.
log_info "Enabling and starting kubelet service..."
systemctl enable --now kubelet &>> "$LOG_FILE"
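###############################################################################
# Swap Configuration (Disable Swap)
###############################################################################
log_info "Disabling swap (Kubelet requires swap to be off)..."
swapoff -a >> "$LOG_FILE" 2>&1

# Comment out swap entries in /etc/fstab so swap stays off after a reboot.
# Fields in fstab may be separated by tabs as well as spaces, so match any
# whitespace around "swap". Lines that are already comments are skipped, which
# keeps a re-run from stacking another '#' on them.
sed -i -E '/^[[:space:]]*#/!{/[[:space:]]swap[[:space:]]/s/^/#/}' /etc/fstab
log_info "Swap disabled."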
###############################################################################
# Pre-Flight Checks Reminder
###############################################################################
# Reminder only: nothing is checked here. For multi-node clusters, these
# values must be unique to each node.
preflight_notes=(
  "IMPORTANT: Ensure that your node has a unique hostname, MAC address, and product_uuid."
  "You can verify these using 'hostname', 'ip link' and 'cat /sys/class/dmi/id/product_uuid'."
)
for preflight_note in "${preflight_notes[@]}"; do
  log_info "$preflight_note"
done
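###############################################################################
# Initialize the Kubernetes Cluster with kubeadm
###############################################################################
# An existing admin.conf is taken to mean the cluster was already initialized.
if [[ ! -f /etc/kubernetes/admin.conf ]]; then
  log_info "Initializing Kubernetes cluster with kubeadm..."
  # --pod-network-cidr is set to 10.244.0.0/16 (adjust if using a different CNI)
  #
  # The command is tested directly by `if`: under `set -e`, a separate
  # `$?` check on the following line is never reached after a failure, so the
  # error message would not be logged.
  #
  # The output of kubeadm init includes the `kubeadm join` command with its
  # bootstrap token, so the log it is appended to should be readable by root
  # only.
  if kubeadm init --pod-network-cidr=10.244.0.0/16 >> "$LOG_FILE" 2>&1; then
    log_info "Kubernetes cluster initialized successfully."
  else
    log_error "Kubernetes initialization failed. Check the log for details."
    exit 1
  fi
else
  log_info "Kubernetes cluster already initialized. Skipping kubeadm init."
fi

# Set up kubeconfig for root (adjust if using non-root users).
# admin.conf holds cluster-administrator credentials; do not copy it to other
# accounts or loosen its permissions without need.
export KUBECONFIG=/etc/kubernetes/admin.conf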
# Give the control plane components a fixed pause to settle. This is a plain
# delay; it does not check that the API server is actually ready.
control_plane_settle_secs=15
log_info "Waiting for the Kubernetes control plane to stabilize..."
sleep "$control_plane_settle_secs"