Last active
August 5, 2019 03:33
-
-
Save sfxworks/19026101bdc53dcf4c446d0b66fe56da to your computer and use it in GitHub Desktop.
kubectl runc runsc containerd ubuntu 18.0.4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
set -e | |
#install kubernetes | |
apt-get update && apt-get install -y apt-transport-https curl | |
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - | |
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list | |
deb https://apt.kubernetes.io/ kubernetes-xenial main | |
EOF | |
apt-get update | |
apt-get install -y kubelet kubeadm kubectl | |
apt-mark hold kubelet kubeadm kubectl | |
#install containerd | |
sudo mkdir -p \ | |
/etc/cni/net.d \ | |
/opt/cni/bin \ | |
/etc/containerd | |
wget https://github.com/containernetworking/plugins/releases/download/v0.8.1/cni-plugins-linux-amd64-v0.8.1.tgz | |
wget https://github.com/containerd/containerd/releases/download/v1.3.0-beta.0/containerd-1.3.0-beta.0.linux-amd64.tar.gz | |
wget https://storage.googleapis.com/gvisor/releases/nightly/latest/runsc | |
wget https://github.com/opencontainers/runc/releases/download/v1.0.0-rc8/runc.amd64 | |
mv runc.amd64 /usr/bin/runc | |
chmod +x /usr/bin/runc | |
cat <<EOF | sudo tee /etc/systemd/system/containerd.service | |
[Unit] | |
Description=containerd container runtime | |
Documentation=https://containerd.io | |
After=network.target | |
[Service] | |
ExecStartPre=/sbin/modprobe overlay | |
ExecStart=/bin/containerd | |
Restart=always | |
RestartSec=5 | |
Delegate=yes | |
KillMode=process | |
OOMScoreAdjust=-999 | |
LimitNOFILE=1048576 | |
LimitNPROC=infinity | |
LimitCORE=infinity | |
[Install] | |
WantedBy=multi-user.target | |
EOF | |
chmod a+x runsc | |
mv runsc /usr/local/bin | |
# Install gvisor-containerd-shim | |
LATEST_RELEASE=$(wget -qO - https://api.github.com/repos/google/gvisor-containerd-shim/releases | grep -oP '(?<="browser_download_url": ")https://[^"]*gvisor-containerd-shim.linux-amd64' | head -1) | |
wget -O gvisor-containerd-shim ${LATEST_RELEASE} | |
chmod +x gvisor-containerd-shim | |
sudo mv gvisor-containerd-shim /usr/local/bin/gvisor-containerd-shim | |
# Create the gvisor-containerd-shim.toml | |
cat <<EOF | sudo tee /etc/containerd/gvisor-containerd-shim.toml | |
# This is the path to the default runc containerd-shim. | |
runc_shim = "/usr/local/bin/containerd-shim" | |
EOF | |
# Create containerd config.toml | |
cat <<EOF | sudo tee /etc/containerd/config.toml | |
disabled_plugins = ["restart"] | |
[plugins.linux] | |
shim = "/usr/local/bin/gvisor-containerd-shim" | |
shim_debug = true | |
[plugins.cri.containerd.runtimes.runsc] | |
runtime_type = "io.containerd.runtime.v1.linux" | |
runtime_engine = "/usr/local/bin/runsc" | |
runtime_root = "/run/containerd/runsc" | |
EOF | |
tar -xvf cni-plugins-linux-amd64-v0.8.1.tgz -C /opt/cni/bin/ | |
tar -xvf containerd-1.3.0-beta.0.linux-amd64.tar.gz -C / | |
echo br_netfilter >> /etc/modules | |
echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.conf | |
echo '1' > /proc/sys/net/ipv4/ip_forward | |
modprobe br_netfilter | |
systemctl enable kubelet | |
systemctl enable containerd | |
systemctl start containerd | |
swapoff -a | |
kubeadm join $MASTER_IP:$MASTER_PORT --token $TOKEN --discovery-token-ca-cert-hash $HASH | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment