Last active
July 17, 2018 05:37
-
-
Save swamibluedata/cd2810ba8e3b378f5dd6af945347206c to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Setup keypair to access all your nodes from your mac | |
| # Define the master node | |
| MASTER_NODE="10.32.1.58" | |
| # Define all minions | |
| MINION_NODES="10.32.1.70 10.32.1.189" | |
| # Define the pod network | |
| POD_NETWORK_RANGE="192.168.0.0/16" | |
| ALL_NODES="$MASTER_NODE $MINION_NODES" | |
| # disable swap on all nodes | |
| for NODE_IP in $ALL_NODES | |
| do | |
| echo "disabling swap on $NODE_IP" | |
| ssh root@$NODE_IP "swapoff -a" | |
| ssh root@$NODE_IP sed -i '/swap/d' /etc/fstab | |
| done | |
| # disable selinux on all systems | |
| for NODE_IP in $ALL_NODES | |
| do | |
| echo "disabling selinux on $NODE_IP" | |
| ssh root@$NODE_IP "sed 's/enforcing/disabled/g' -i /etc/selinux/config" | |
| ssh root@$NODE_IP "setenforce 0" | |
| done | |
| # disable firewalld on all systems | |
| for NODE_IP in $ALL_NODES | |
| do | |
| echo "disabling firewalld on $NODE_IP" | |
| ssh root@$NODE_IP "systemctl stop firewalld" | |
| ssh root@$NODE_IP "systemctl disable firewalld" | |
| done | |
| # install docker on all nodes | |
| for NODE_IP in $ALL_NODES | |
| do | |
| echo "installing docker on $NODE_IP" | |
| ssh root@$NODE_IP "yum install -y docker" | |
| ssh root@$NODE_IP "systemctl enable docker" | |
| ssh root@$NODE_IP "systemctl start docker" | |
| done | |
| # verify docker on all nodes | |
| for NODE_IP in $ALL_NODES | |
| do | |
| echo "verifying docker on $NODE_IP" | |
| ssh root@$NODE_IP "docker --version" | |
| done | |
| # Set /proc/sys/net/bridge/bridge-nf-call-iptables to 1 by | |
| # running sysctl net.bridge.bridge-nf-call-iptables=1 to | |
| # pass bridged IPv4 traffic to iptables’ chains. | |
| # This is a requirement for CNI plugins to work, for more information please see here | |
| for NODE_IP in $ALL_NODES | |
| do | |
| ssh root@$NODE_IP "cat <<EOF > /etc/sysctl.d/k8s.conf | |
| net.bridge.bridge-nf-call-ip6tables = 1 | |
| net.bridge.bridge-nf-call-iptables = 1 | |
| EOF" | |
| ssh root@$NODE_IP "sysctl --system" | |
| done | |
| # installing kubelet and kubeadm | |
| for NODE_IP in $ALL_NODES | |
| do | |
| echo "installing kubelet, kubeadm and kubectl on $NODE_IP" | |
| ssh root@$NODE_IP "cat <<EOF > /etc/yum.repos.d/kubernetes.repo | |
| [kubernetes] | |
| name=Kubernetes | |
| baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 | |
| enabled=1 | |
| gpgcheck=1 | |
| repo_gpgcheck=1 | |
| gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg | |
| EOF" | |
| ssh root@$NODE_IP "yum install -y kubelet kubeadm kubectl" | |
| echo "starting kubelet service on $NODE_IP" | |
| ssh root@$NODE_IP "systemctl enable kubelet" | |
| ssh root@$NODE_IP "systemctl start kubelet" | |
| done | |
| # verify kubectl on all nodes | |
| for NODE_IP in $ALL_NODES | |
| do | |
| echo "verifying kubectl on $NODE_IP" | |
| ssh root@$NODE_IP "kubectl version" | |
| done | |
| # Initialize the cluster with some random token | |
| ssh root@$MASTER_NODE "kubeadm init --pod-network-cidr=$POD_NETWORK_RANGE --ignore-preflight-errors=all" | |
| # Setup kubectl config to run on master node | |
| ssh root@$MASTER_NODE "mkdir -p .kube;rm -f .kube/config; cp /etc/kubernetes/admin.conf .kube/config" | |
| ssh root@$MASTER_NODE kubectl get nodes | |
| # Get a copy of kubectl config on your mac as well | |
| scp root@$MASTER_NODE:.kube/config kube-config | |
| # Fetch the token so we can add other nodes, copy kube config as well | |
| TOKEN="$(ssh root@$MASTER_NODE kubeadm token list | tail -n2 | awk '{print $1}')" | |
| for MINION_IP in $MINION_NODES | |
| do | |
| echo "joining $MINION_IP" | |
| ssh root@$MINION_IP "kubeadm join --token $TOKEN $MASTER_NODE:6443 --discovery-token-unsafe-skip-ca-verification --ignore-preflight-errors=all" | |
| ssh root@$MINION_IP mkdir -p .kube | |
| scp kube-config root@$MINION_IP:.kube/config | |
| done | |
| # At this time, kubectl get nodes will still show not ready | |
| ssh root@$MASTER_NODE "kubectl get nodes" | |
| # Setup calico | |
| ssh root@$MASTER_NODE "kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/rbac-kdd.yaml" | |
| ssh root@$MASTER_NODE "kubectl apply -f https://docs.projectcalico.org/v3.1/getting-started/kubernetes/installation/hosted/kubernetes-datastore/calico-networking/1.7/calico.yaml" | |
| # After this we should poll for kubectl get nodes to make sure all nodes are Ready | |
| ssh root@$MASTER_NODE "kubectl get nodes" | |
| ssh root@$MASTER_NODE "kubectl get pods --all-namespaces" | |
| ssh root@$MASTER_NODE "kubectl taint nodes --all node-role.kubernetes.io/master-" | |
| # Setting up helm (Just optional) | |
| ssh root@$MASTER_NODE "curl https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get | bash" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment