Calico Lab
-- If using GCE as your provider, you must first create the network, firewall rules and instances
-- The following is based on Kelsey Hightower's 'Kubernetes The Hard Way' tutorial
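# Provision the GCE side of the lab: a custom-mode VPC, one subnet, two
# firewall rules, a reserved address, one controller and two workers.
# Run from a workstation with an authenticated gcloud and a default
# compute/region configured.

# Source range allowed to reach SSH (22) and the Kubernetes API server (6443)
# from outside the VPC. The default keeps the original world-open behaviour;
# export ADMIN_CIDR with your own range (for example your workstation's /32)
# so that these two ports are not exposed to the whole internet.
ADMIN_CIDR="${ADMIN_CIDR:-0.0.0.0/0}"

gcloud compute networks create calico-demo --subnet-mode custom

gcloud compute networks subnets create kubernetes \
  --network calico-demo \
  --range 10.240.0.0/24

# Intra-cluster traffic: the node subnet (10.240.0.0/24) and the pod range
# later passed to kubeadm init (192.168.0.0/16).
# NOTE(review): if Calico runs with IP-in-IP encapsulation, that traffic is
# IP protocol 4 and is not covered by tcp,udp,icmp - confirm cross-node pod
# traffic works or extend this rule.
gcloud compute firewall-rules create calico-demo-allow-internal \
  --allow tcp,udp,icmp \
  --network calico-demo \
  --source-ranges 10.240.0.0/24,192.168.0.0/16

# External access: SSH, the API server and ICMP only.
gcloud compute firewall-rules create calico-demo-allow-external \
  --allow tcp:22,tcp:6443,icmp \
  --network calico-demo \
  --source-ranges "${ADMIN_CIDR}"

# Quoted so an empty or unexpected region value cannot be word-split into
# extra gcloud arguments.
gcloud compute addresses create calico-demo \
  --region "$(gcloud config get-value compute/region)"

# --can-ip-forward lets the instance forward packets whose source or
# destination is not its own address, which routed pod traffic needs.
# NOTE(review): the compute-rw scope gives each node's service account
# read/write access to the Compute Engine API; nothing else in this lab
# appears to rely on it, so consider narrowing the scopes outside a demo.
gcloud compute instances create controller-1 \
  --async \
  --boot-disk-size 20GB \
  --can-ip-forward \
  --image-family centos-7 \
  --image-project centos-cloud \
  --machine-type n1-standard-1 \
  --private-network-ip 10.240.0.11 \
  --scopes compute-rw,storage-ro,service-management,service-control,logging-write,monitoring \
  --subnet kubernetes \
  --tags calico-demo,controller

# Workers worker-0 and worker-1 get 10.240.0.20 and 10.240.0.21.
for i in 0 1; do
  gcloud compute instances create "worker-${i}" \
    --async \
    --boot-disk-size 20GB \
    --can-ip-forward \
    --image-family centos-7 \
    --image-project centos-cloud \
    --machine-type n1-standard-1 \
    --private-network-ip "10.240.0.2${i}" \
    --scopes compute-rw,storage-ro,service-management,service-control,logging-write,monitoring \
    --subnet kubernetes \
    --tags calico-demo,worker
done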
--- On all nodes ---
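# Prepare a CentOS 7 node for kubeadm. Run as root on the controller and on
# every worker; the node reboots at the end.

yum install -y docker
systemctl enable docker && systemctl start docker

# Quoted delimiter: the repo file is written literally, with no shell
# expansion. gpgcheck and repo_gpgcheck stay on so both the packages and the
# repository metadata are signature-checked.
# NOTE(review): this Google-hosted repo is the legacy location for the
# Kubernetes packages; check the current Kubernetes install docs for the
# supported repo before reusing this file.
cat <<'EOF' > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

# SELinux goes permissive now and across reboots. This removes enforcement of
# a host hardening layer and is a lab shortcut, not a production setting.
# The pattern is anchored so that only the SELINUX= setting line is rewritten,
# not comment lines that happen to contain "SELINUX=".
setenforce 0
sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config

# kubelet is pinned; kubeadm and kubectl are not, so they install at whatever
# version the repo currently serves.
# NOTE(review): pin kubeadm and kubectl to the matching release as well if
# the lab has to be reproducible.
yum install -y kubelet-1.8.6-0
yum install -y kubeadm kubectl

# The host firewall is switched off entirely (lab shortcut): after this the
# GCE firewall rules are the only perimeter filtering in front of the node.
systemctl disable firewalld && systemctl stop firewalld
systemctl enable kubelet && systemctl start kubelet

# Make bridged (pod) traffic traverse iptables/ip6tables so that the rules
# programmed on the node apply to it.
cat <<'EOF' > /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
sysctl --system

reboot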
--- On the controller ---
# Bootstrap the control plane on the controller node. The pod network CIDR is
# the same 192.168.0.0/16 range that the calico-demo-allow-internal firewall
# rule admits; presumably it is also the pool the Calico manifest applied
# afterwards expects (confirm against that manifest).
kubeadm init --pod-network-cidr 192.168.0.0/16
Copy the 'kubeadm join' line printed by 'kubeadm init' and keep it somewhere safe for the workers step below (it contains a bootstrap token, so treat it as a credential).
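# Install Calico from the hosted kubeadm manifest. The manifest is fetched to
# a local file first, so it can be read before it is applied with
# cluster-admin rights and so the exact copy that was applied stays on disk.
# curl -f fails on an HTTP error instead of saving an error page.
# Assumes kubectl is already pointed at the new cluster (kubeadm init prints
# the steps for that).
calico_manifest_url=https://docs.projectcalico.org/v3.0/getting-started/kubernetes/installation/hosted/kubeadm/1.7/calico.yaml
curl -fsSLo calico.yaml "${calico_manifest_url}"
kubectl apply -f calico.yaml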
--- On the workers ---
kubeadm join [....]