@taking
Last active June 17, 2024 00:29
#!/bin/bash
# Author by Taking
# ubuntu 22.04
# Kubernetes v1.25 Install + Reset
# Cri-o v1.25
# Flannel CNI
# Cluster Name Change (Host명 기준)
# MetalLB Install
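# Terminal colours for the status banners. tput fails when TERM is unset
# (cron, CI, a non-interactive ssh command), so fall back to empty strings
# instead of printing a tput error for every variable.
RED=$(tput setaf 1 2>/dev/null || true)
GREEN=$(tput setaf 2 2>/dev/null || true)
NC=$(tput sgr0 2>/dev/null || true)

# Check permission.
# Everything below edits /etc, loads kernel modules and installs packages, so
# refuse to continue unless the effective UID is 0. Exit non-zero: a bare
# `exit` would return the status of the preceding echo (success), and a
# wrapper could not tell that nothing was installed.
if [ "$(id -u)" -ne 0 ]; then
  echo "${RED}Please run as root ${NC}" >&2
  exit 1
fi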
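############ k8s check ###############
# An existing ~/.kube/config is taken to mean a cluster was already set up on
# this host, and the operator is offered a full reset.
#
# The reset is destructive and not reversible: it removes the etcd data
# directory, the cluster PKI and kubeconfigs under /etc/kubernetes, kubelet
# state and the local ~/.kube directory. Anything not confirmed with y/yes
# (including an empty answer, despite the "[Y/n]" hint) does not reset.
if [ -f ~/.kube/config ]; then
  echo "${RED}--Kubernetes reset check--${NC}"
  echo "kubernetes reset?"
  read -r -p "Are You Sure? [Y/n] " input
  case "$input" in
    [yY][eE][sS] | [yY])
      echo "Yes"
      # Only wipe state directories once kubeadm itself has torn the node
      # down; on failure stop and report it rather than half-cleaning.
      if ! kubeadm reset -f; then
        echo "${RED}kubeadm reset failed; state directories were left in place${NC}" >&2
        exit 1
      fi
      rm -rf -- /etc/cni /etc/etcd.env /etc/kubernetes /var/lib/dockershim \
        /var/lib/etcd /var/lib/kubelet /var/run/kubernetes ~/.kube/ \
        /run/flannel /etc/flannel
      # The CNI interfaces exist only if a pod network was ever brought up;
      # their absence is not an error.
      ip link del cni0 2>/dev/null || true
      ip link del flannel.1 2>/dev/null || true
      # The reset path ends the script here. Report success: the original
      # exited 1 even when every step above had worked.
      exit 0
      ;;
    [nN][oO] | [nN])
      echo "No"
      ;;
    *)
      echo "Invalid input..."
      exit 1
      ;;
  esac
fi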
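############ hostname change ###############
# Everything that follows is configured from the hostname: it becomes the
# node name, the cluster name and the kubeconfig context name.
echo "${RED}--HOSTNAME CHANGE (IMPORTANT)--${NC}"
read -r -p "hostname Change is (ex k8s-worker) : " uhost

# The value is later substituted into sed expressions and kubectl arguments,
# so accept only a lowercase DNS-1123 name (letters, digits, '-' and '.').
# That is also the form Kubernetes requires for node names.
dns1123_re='^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$'
if ! [[ "$uhost" =~ $dns1123_re ]]; then
  echo "${RED}Invalid hostname: use lowercase letters, digits, '-' and '.' only${NC}" >&2
  exit 1
fi

ubuntu_version=$(lsb_release -rs)
if [ "$ubuntu_version" == "22.04" ]; then
  # Ubuntu 22.04
  hostnamectl hostname "$uhost" || exit 1
else
  # Any other release
  hostnamectl set-hostname "$uhost" || exit 1
fi
echo '[Hostname] Change Success'
echo "${RED}--HOSTNAME CHANGE END--${NC}"

# Base tooling used by the later sections (curl/wget/git for downloads,
# gnupg2 and ca-certificates for repository keys and TLS).
apt-get update -y
apt-get install vim apt-transport-https gnupg2 curl git wget ca-certificates -y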
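echo "${RED}--CNI Network Plugin INSTALL CHECK--${NC}"
# /opt/cni/bin is a directory, so the original `-f` (regular file) test could
# never succeed and the plugins were re-downloaded on every run. Treat a
# non-empty directory as "installed".
if [ -d /opt/cni/bin ] && [ -n "$(ls -A /opt/cni/bin 2>/dev/null)" ]; then
  echo "${RED}--CNI Network Plugin INSTALLED...PASS--${NC}"
else
  echo "${RED}--CNI Network Plugin Installing & Init...--${NC}"
  CNI_VERSION=1.1.1
  archType="amd64"

  # Download into a private mktemp directory. A fixed name in /tmp can be
  # pre-created or swapped by another local user before root unpacks it.
  cni_tmp=$(mktemp -d) || { echo "${RED}mktemp failed${NC}" >&2; exit 1; }
  cni_tgz="${cni_tmp}/cni-plugins.tgz"
  if ! wget -q "https://github.com/containernetworking/plugins/releases/download/v${CNI_VERSION}/cni-plugins-linux-${archType}-v${CNI_VERSION}.tgz" -O "$cni_tgz"; then
    echo "${RED}CNI plugin download failed${NC}" >&2
    rm -rf -- "$cni_tmp"
    exit 1
  fi

  # NOTE(review): only TLS vouches for this archive. These binaries run as
  # root on every pod start, so compare the file against a SHA-256 pinned in
  # this script (taken from the release page) before unpacking.
  mkdir -p /opt/cni/bin/
  # --no-same-owner: files end up owned by root, not by whatever uid/gid the
  # archive happens to record.
  tar --no-same-owner -C /opt/cni/bin/ -xzf "$cni_tgz"
  rm -rf -- "$cni_tmp"
  # The original banner said "Containerd" here, but this section installs the
  # CNI plugins.
  echo "${RED}--CNI Network Plugin Init SUCCESS...--${NC}"
fi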
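echo "${RED}--CRI-O INSTALL CHECK--${NC}"
if [ -f /usr/bin/crio ]; then
  echo "${RED}--CRI-O INSTALLED...PASS--${NC}"
else
  echo "${RED}--CRI-O Installing & Init...--${NC}"
  # NOTE(review): the header says Ubuntu 22.04 but the repository path is the
  # 20.04 build - confirm this is intentional.
  OS=xUbuntu_20.04
  CRIO_VERSION=1.25

  # Each repository gets its own keyring, referenced with signed-by=. With
  # `apt-key add` the key lands in apt's global keyring and can vouch for
  # packages from any configured repository, not just this one.
  # -f stops curl from feeding an HTTP error page to gpg.
  mkdir -p /usr/share/keyrings
  curl -fsSL "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/Release.key" |
    gpg --batch --yes --dearmor -o /usr/share/keyrings/libcontainers-archive-keyring.gpg
  curl -fsSL "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/Release.key" |
    gpg --batch --yes --dearmor -o /usr/share/keyrings/libcontainers-crio-archive-keyring.gpg

  # Both repositories over HTTPS; the original fetched the cri-o one over
  # plain http.
  echo "deb [signed-by=/usr/share/keyrings/libcontainers-archive-keyring.gpg] https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /" \
    > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
  echo "deb [signed-by=/usr/share/keyrings/libcontainers-crio-archive-keyring.gpg] https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/ /" \
    > "/etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.list"

  apt update -y
  apt install cri-o cri-o-runc cri-tools -y

  # Point the unit's EnvironmentFile at /etc/crio/crio.conf and show the result.
  # NOTE(review): this edits the packaged unit under /lib, so a package
  # upgrade will likely revert it; a systemd drop-in would survive upgrades.
  sed -i 's|-/etc/default/crio|-/etc/crio/crio.conf|' /lib/systemd/system/crio.service
  grep EnvironmentFile /lib/systemd/system/crio.service

  # Write the runtime configuration. The original piped the heredoc *into*
  # /etc/crio/crio.conf as if it were a command, so nothing was ever written.
  # This replaces the packaged file; keys not listed keep CRI-O's defaults.
  cat <<EOF > /etc/crio/crio.conf
[crio.runtime]
cgroup_manager = "systemd"
[crio.network]
network_dir = "/etc/cni/net.d/"
plugin_dirs = [
"/opt/cni/bin/",
]
EOF
  systemctl daemon-reload
  systemctl enable --now crio
  systemctl restart crio
  # The original banner said "Containerd"; this section sets up CRI-O.
  echo "${RED}--CRI-O Init SUCCESS...--${NC}"
fi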
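echo "${RED}--Kubernetes INSTALL CHECK--${NC}"
# Skip only when kubectx, kubeadm and kubelet are all present. kubectx is
# installed by a later section, so a first run always takes the install path.
# (`[ a -a b ]` is deprecated and ambiguous; chain separate tests instead.)
if [ -f /usr/bin/kubectx ] && [ -f /usr/bin/kubeadm ] && [ -f /usr/bin/kubelet ]; then
  echo "${RED}--Kubernetes INSTALLED...PASS--${NC}"
else
  echo "${RED}--Kubernetes INSTALLING...--${NC}"
  # NOTE(review): `apt-key add` places both keys in apt's global keyring, so
  # either key can sign packages for any repository on this host. Prefer a
  # keyring file per repository, referenced with [signed-by=...] in the
  # matching .list entry.
  # -f makes curl fail on an HTTP error instead of piping an error page into
  # apt-key.
  curl -fsS https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
  # NOTE(review): apt.kubernetes.io is the legacy package repository;
  # upstream moved to pkgs.k8s.io - confirm this one still serves packages.
  echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
  curl -fsS https://helm.baltorepo.com/organization/signing.asc | sudo apt-key add -
  echo "deb https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
  apt-get update -y
  # Versions are pinned and then held so an unattended upgrade cannot move
  # the node to a different Kubernetes release.
  apt-get install kubelet=1.25.0-00 kubeadm=1.25.0-00 kubectl=1.25.0-00 helm -y
  apt-mark hold kubelet kubeadm kubectl kubernetes-cni
  echo "${RED}--Kubernetes INSTALL SUCCESS...--${NC}"
fi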
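echo "${RED}--System initialize Check...--${NC}"
# Guard on the file this section actually writes. The original tested only
# /etc/sysctl.d/k8s.conf, which nothing here creates, so the whole section
# re-ran on every invocation. k8s.conf is still honoured for hosts prepared
# by another guide.
if [ -f /etc/sysctl.d/k8s.conf ] || [ -f /etc/sysctl.d/99-kubernetes.conf ]; then
  echo "${RED}--System initialized...PASS--${NC}"
else
  echo "${RED}--Kubernetes initializing...--${NC}"
  # kubelet refuses to start with swap enabled: turn it off now and comment
  # out swap entries in fstab so it stays off after a reboot.
  swapoff -a && sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
  echo '1' > /proc/sys/net/ipv4/ip_forward

  # Load the kernel modules now and on every boot. br_netfilter must be
  # loaded before the net.bridge.* sysctls below can be applied.
  cat <<EOF | sudo tee /etc/modules-load.d/crio.conf
overlay
br_netfilter
EOF
  modprobe overlay
  modprobe br_netfilter

  # Persistent kernel settings. ip_forward and bridge-nf-call-* route pod
  # traffic through iptables; 30000-32767 is reserved so local sockets do not
  # take NodePort numbers.
  cat <<EOF > /etc/sysctl.d/99-kubernetes.conf
net.ipv4.ip_forward=1
kernel.keys.root_maxbytes=25000000
kernel.keys.root_maxkeys=1000000
kernel.panic=10
kernel.panic_on_oops=1
vm.overcommit_memory=1
vm.panic_on_oom=0
net.ipv4.ip_local_reserved_ports=30000-32767
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
EOF

  # Point kubelet at the CRI-O socket with the systemd cgroup driver, which
  # matches cgroup_manager in crio.conf.
  mkdir -p /var/lib/kubelet
  cat <<EOF | sudo tee /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint='unix:///var/run/crio/crio.sock' --cgroup-driver=systemd"
EOF
  sysctl --system
  systemctl daemon-reload
  systemctl restart kubelet
  systemctl enable --now kubelet
fi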
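echo "${RED}--Kubectx, Kubens Install Check...--${NC}"
if [ -f /usr/bin/kubectx ]; then
  echo "${RED}--kubectx exist...PASS--${NC}"
else
  echo "${RED}--Kubernetetes : kubectx + kubens downloading...--${NC}"
  # Clone into a private temp directory instead of whatever the current
  # working directory is, and always clean it up.
  kubectx_tmp=$(mktemp -d) || { echo "${RED}mktemp failed${NC}" >&2; exit 1; }
  # NOTE(review): this copies the tip of the default branch into /usr/bin as
  # root. Pin a reviewed release tag or commit so a later change upstream is
  # not picked up silently.
  if git clone --depth 1 https://github.com/ahmetb/kubectx "${kubectx_tmp}/kubectx"; then
    cp -r "${kubectx_tmp}"/kubectx/kube* /usr/bin/
  else
    echo "${RED}kubectx clone failed${NC}" >&2
  fi
  rm -rf -- "$kubectx_tmp"
  # Smoke test: both commands fail until a kubeconfig exists, which is
  # expected on a first run.
  kubectx
  kubens
fi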
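if [ -f ~/.kube/config ]; then
  echo "${RED}--Kubernetes initialized...PASS--${NC}"
else
  echo "${RED}--Kubernetes initializing...--${NC}"
  # First address reported by `hostname -I`; added to the API server
  # certificate as an extra SAN.
  internal_ip="$(hostname -I | awk '{print $1}')"
  # The original also asked ifconfig.me for the public IP but never used the
  # answer here; the lookup is dropped so the host makes no needless request
  # to a third party.
  echo '#### K8s Init ? ####'
  echo '[Kubernetes Init Select]'
  echo 'Network Add-on is [Flannel]'
  echo 'Flannel Applying...'
  pod_network_cidr="10.244.0.0/16"

  # Stop if init fails: every later step needs /etc/kubernetes/admin.conf and
  # a reachable API server.
  if ! kubeadm init --pod-network-cidr="${pod_network_cidr}" --apiserver-cert-extra-sans "${internal_ip}"; then
    echo "${RED}kubeadm init failed${NC}" >&2
    exit 1
  fi

  # admin.conf carries cluster-admin credentials: keep the copy readable by
  # its owner only.
  mkdir -p "$HOME/.kube" &&
    cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config" &&
    chown "$(id -u):$(id -g)" "$HOME/.kube/config" &&
    chmod 600 "$HOME/.kube/config"

  # NOTE(review): this applies whatever the master branch holds right now,
  # with cluster-admin rights. Pin the manifest to a release tag (or vendor a
  # reviewed copy) so the deployed DaemonSet and RBAC are known.
  kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

  # all: remove the control-plane taints so workloads can schedule on this
  # single node. Removing a taint that is not present only prints an error.
  _hostname="$(hostname)"
  kubectl taint nodes --all node-role.kubernetes.io/master-
  kubectl taint nodes "${_hostname}" node-role.kubernetes.io/control-plane-

  # Rename the cluster and context after the host. The name is pasted into
  # sed expressions, so only proceed when it consists of plain hostname
  # characters.
  case "$_hostname" in
    '' | *[!A-Za-z0-9.-]*)
      echo "${RED}hostname has unexpected characters; cluster rename skipped${NC}" >&2
      ;;
    *)
      kubectl get configmaps -n kube-system kubeadm-config -o yaml |
        sed "s/ clusterName: kubernetes/ clusterName: ${_hostname}/g" |
        kubectl replace -f - &&
        kubectl config rename-context kubernetes-admin@kubernetes "kubernetes-admin@${_hostname}"
      # Match the two kubeconfig entries by content instead of by line number
      # (6 and 9 in the original), so an unexpected layout is left untouched
      # rather than overwritten. Indentation is the 2/4 spaces kubeconfig
      # uses for these keys.
      sed -i \
        -e "s/^  name: kubernetes\$/  name: ${_hostname}/" \
        -e "s/^    cluster: kubernetes\$/    cluster: ${_hostname}/" \
        "$HOME/.kube/config"
      ;;
  esac
  kubectl get nodes
  # new account
  # NOTE(review): the commented-out binding below would give a service
  # account cluster-admin; keep it disabled unless that is really required.
  #kubectl -n kube-system create serviceaccount ${_hostname} &&
  #kubectl create clusterrolebinding ${_hostname} \
  # --clusterrole=cluster-admin \
  # --serviceaccount=kube-system:${_hostname}
fi
echo "${RED}--Script END--${NC}"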
taking commented Feb 21, 2024

Trouble Shoot

  • Error: "No CNI configuration file in /etc/cni/net.d/. Has your network provider started?" Fix: restart CRI-O.
systemctl restart crio

taking commented Jun 17, 2024

Rocky linux 9.4 + Kubernetes 1.25

#!/bin/bash
# Author by Taking
# Rocky Linux 9.4
# Kubernetes v1.25 Install + Reset
# Cri-o v1.25
# Calico CNI
# Cluster Name Change (Host명 기준)

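# Terminal colours for the status banners. tput fails when TERM is unset
# (cron, CI, a non-interactive ssh command), so fall back to empty strings
# instead of printing a tput error for every variable.
RED=$(tput setaf 1 2>/dev/null || true)
GREEN=$(tput setaf 2 2>/dev/null || true)
NC=$(tput sgr0 2>/dev/null || true)

# Check permission.
# The script edits /etc, changes SELinux and firewall state and installs
# packages, so refuse to continue unless the effective UID is 0. Exit
# non-zero: a bare `exit` would return the status of the preceding echo.
if [ "$(id -u)" -ne 0 ]; then
  echo "${RED}Please run as root ${NC}" >&2
  exit 1
fi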

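############ k8s check ###############

# An existing ~/.kube/config is taken to mean a cluster was already set up on
# this host, and the operator is offered a full reset.
#
# The reset is destructive and not reversible: it removes the etcd data
# directory, the cluster PKI and kubeconfigs under /etc/kubernetes, kubelet
# state and the local ~/.kube directory. Anything not confirmed with y/yes
# (including an empty answer, despite the "[Y/n]" hint) does not reset.
if [ -f ~/.kube/config ]; then
    echo "${RED}--Kubernetes reset check--${NC}"

    echo "kubernetes reset?"
    read -r -p "Are You Sure? [Y/n] " input
    case "$input" in
        [yY][eE][sS] | [yY])
            echo "Yes"
            # Only wipe state directories once kubeadm itself has torn the
            # node down; on failure stop and report it.
            if ! kubeadm reset -f; then
                echo "${RED}kubeadm reset failed; state directories were left in place${NC}" >&2
                exit 1
            fi
            rm -rf -- /etc/cni /etc/etcd.env /etc/kubernetes /var/lib/dockershim \
                /var/lib/etcd /var/lib/kubelet /var/run/kubernetes ~/.kube/ \
                /run/flannel /etc/flannel
            # These interfaces exist only if a pod network was ever brought
            # up; their absence is not an error.
            ip link del cni0 2>/dev/null || true
            ip link del flannel.1 2>/dev/null || true
            # The reset path ends the script here. Report success: the
            # original exited 1 even when every step above had worked.
            exit 0
            ;;
        [nN][oO] | [nN])
            echo "No"
            ;;
        *)
            echo "Invalid input..."
            exit 1
            ;;
    esac
fi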

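############ hostname change ###############
# Everything that follows is configured from the hostname: it becomes the
# node name, the cluster name and the kubeconfig context name.
echo "${RED}--HOSTNAME CHANGE (IMPORTANT)--${NC}"
read -r -p "hostname Change is (ex k8s-worker) : " uhost

# The value is later substituted into sed expressions and kubectl arguments,
# so accept only a lowercase DNS-1123 name (letters, digits, '-' and '.').
# That is also the form Kubernetes requires for node names.
dns1123_re='^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$'
if ! [[ "$uhost" =~ $dns1123_re ]]; then
    echo "${RED}Invalid hostname: use lowercase letters, digits, '-' and '.' only${NC}" >&2
    exit 1
fi

hostnamectl hostname "$uhost" || exit 1

echo '[Hostname] Change Success'
echo "${RED}--HOSTNAME CHANGE END--${NC}"

# Base tooling used by the later sections.
dnf update -y
dnf install chrony net-tools tar curl git wget unzip vim gnupg2 bind bind-chroot bind-utils -y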

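echo "${RED}--CRI-O INSTALL CHECK--${NC}"
if [ -f /bin/crio ]; then
    echo "${RED}--CRI-O INSTALLED...PASS--${NC}"
else
    echo "${RED}--CRI-O Installing & Init...--${NC}"
    OS=CentOS_9_Stream
    # NOTE(review): the file header says CRI-O v1.25 but 1.27 is installed
    # here - confirm which one is intended.
    CRIO_VERSION=1.27

    # -f makes curl fail on an HTTP error; without it a 404 page would be
    # saved as a .repo file and dnf would try to parse it on every run.
    # NOTE(review): package signature checking depends on the gpgcheck/gpgkey
    # lines inside the downloaded .repo files - inspect them before trusting
    # the repositories.
    if ! curl -fsSL -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo \
        "https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/devel:kubic:libcontainers:stable.repo" ||
        ! curl -fsSL -o "/etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.repo" \
            "https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION/$OS/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.repo"; then
        echo "${RED}CRI-O repository download failed${NC}" >&2
        exit 1
    fi

    dnf update -y
    dnf install cri-o -y

    systemctl daemon-reload
    systemctl enable --now crio
    systemctl restart crio
    echo "${RED}--CRI-O Init SUCCESS...--${NC}"
fi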

echo "${RED}--Podman INSTALL CHECK--${NC}"
# Install podman from the configured dnf repositories unless /bin/podman is
# already a regular file.
if [ ! -f /bin/podman ]; then
    echo "${RED}--Podman Installing...--${NC}"
    dnf install podman -y
    echo "${RED}--Podman Init SUCCESS...--${NC}"
else
    echo "${RED}--Podman INSTALLED...PASS--${NC}"
fi

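echo "${RED}--Pip3 INSTALL CHECK--${NC}"
if [ -f /bin/pip3 ]; then
    echo "${RED}--Pip3 INSTALLED...PASS--${NC}"
else
    echo "${RED}--Pip3 Installing...--${NC}"

    # NOTE(review): get-pip.py is downloaded and executed as root with only
    # TLS vouching for it. The distribution's signed pip package would avoid
    # running a freshly fetched script; consider it instead.
    #
    # Download to a private temp file (not the current directory), fail on
    # HTTP errors so an error page is never handed to python, and remove the
    # installer afterwards.
    get_pip=$(mktemp) || { echo "${RED}mktemp failed${NC}" >&2; exit 1; }
    if curl -fsSL https://bootstrap.pypa.io/get-pip.py -o "$get_pip" && python "$get_pip"; then
        # get-pip installs under /usr/local/bin; the checks in this script
        # look in /bin.
        mv /usr/local/bin/pip3* /bin/
        mv /usr/local/bin/wheel /bin/
        echo "${RED}--Pip3 Init SUCCESS...--${NC}"
    else
        echo "${RED}Pip3 install failed${NC}" >&2
    fi
    rm -f -- "$get_pip"
fi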

echo "${RED}--Podman Compose INSTALL CHECK--${NC}"
# Install podman-compose with pip and move it next to the other tools unless
# /bin/podman-compose already exists.
# NOTE(review): this is an unpinned install from the package index, run as
# root; pinning a version would make the result reproducible.
if [ ! -f /bin/podman-compose ]; then
    echo "${RED}--Podman Compose Installing...--${NC}"
    pip3 install podman-compose
    mv /usr/local/bin/podman-compose /bin/
    echo "${RED}--Podman Init SUCCESS...--${NC}"
else
    echo "${RED}--Podman Compose INSTALLED...PASS--${NC}"
fi

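echo "${RED}--Kubernetes INSTALL CHECK--${NC}"
# Skip when the tools this section installs are present. The original tested
# /bin/kubectx, which this script never installs, so the check could not pass
# and the packages were reinstalled on every run.
if [ -f /bin/kubectl ] && [ -f /bin/kubeadm ] && [ -f /bin/kubelet ]; then
    echo "${RED}--Kubernetes INSTALLED...PASS--${NC}"
else
    echo "${RED}--Kubernetes INSTALLING...--${NC}"

    # NOTE(review): the file header says Kubernetes v1.25, but the repository
    # and the pinned packages below are 1.27 - confirm which is intended.
    KUBE_VERSION=1.27
    # gpgcheck=1 with the repository's own key: dnf rejects packages that are
    # not signed by it. exclude= keeps a plain `dnf update` from moving the
    # cluster components to another version.
    cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v$KUBE_VERSION/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v$KUBE_VERSION/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
EOF

    dnf update -y
    # helm is not requested here: no repository configured by this script
    # appears to provide it, and dnf aborts the whole transaction when one
    # requested package is missing. The HELM section installs it separately.
    dnf install -y kubeadm-1.27.8 kubelet-1.27.8 kubectl-1.27.8 --disableexcludes=kubernetes
    # `dnf versionlock` is provided by a plugin; make sure it is present
    # before using it.
    dnf install -y 'dnf-command(versionlock)'
    dnf versionlock add kubeadm kubelet kubectl
    echo "${RED}--Kubernetes INSTALL SUCCESS...--${NC}"
fi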


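echo "${RED}--HELM INSTALL CHECK--${NC}"
if [ -f /bin/helm ]; then
    echo "${RED}--HELM INSTALLED...PASS--${NC}"
else
    echo "${RED}--HELM INSTALLING...--${NC}"

    # Fetch the installer completely before running it. With `curl | bash` a
    # dropped connection can leave bash executing a truncated script as root,
    # and an HTTP error page would be executed as well.
    # NOTE(review): the script comes from the `main` branch, so its content
    # can change between runs; pin a release tag or commit and review the
    # script before it runs as root.
    helm_installer=$(mktemp) || { echo "${RED}mktemp failed${NC}" >&2; exit 1; }
    if curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 -o "$helm_installer" &&
        bash "$helm_installer"; then
        mv /usr/local/bin/helm /bin/helm
        echo "${RED}--HELM INSTALL SUCCESS...--${NC}"
    else
        echo "${RED}HELM install failed${NC}" >&2
    fi
    rm -f -- "$helm_installer"
fi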

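echo "${RED}--System initialize Check...--${NC}"

# Guard on the file this section actually writes. The original tested only
# /etc/sysctl.d/k8s.conf, which nothing here creates, so the section re-ran
# on every invocation. k8s.conf is still honoured for hosts prepared by
# another guide.
if [ -f /etc/sysctl.d/k8s.conf ] || [ -f /etc/sysctl.d/99-kubernetes.conf ]; then
    echo "${RED}--System initialized...PASS--${NC}"
else
    echo "${RED}--Kubernetes initializing...--${NC}"
    # kubelet refuses to start with swap enabled: turn it off now and comment
    # out swap entries in fstab so it stays off after a reboot.
    swapoff -a && sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

    # NOTE(review): this switches SELinux off for the running system and
    # sets SELINUX=disabled for future boots, removing mandatory access
    # control from a host that runs containers as root. The kubeadm install
    # guide uses permissive mode rather than disabled; prefer permissive, or
    # enforcing with the container policy, unless there is a documented
    # reason not to.
    setenforce 0
    sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux

    # master
    # NOTE(review): these rules open etcd (2379-2380), the kubelet API
    # (10250) and the API server (6443) to every source in the default zone.
    # Limit them to the node and admin networks (a dedicated zone or rich
    # rules with a source address). 10251/10252 are the legacy scheduler and
    # controller-manager ports - confirm they are still needed.
    firewall-cmd --add-port={6443,2379-2380,10250,10251,10252,5473,179}/tcp --permanent
    firewall-cmd --add-port={4789,8285,8472}/udp --permanent
    firewall-cmd --reload

    # worker
    # firewall-cmd --add-port={10250,30000-32767,5473,179,5473}/tcp --permanent
    # firewall-cmd --add-port={4789,8285,8472}/udp --permanent
    # firewall-cmd --reload

    echo '1' > /proc/sys/net/ipv4/ip_forward

    # Modules loaded on every boot for the container runtime.
    cat <<EOF | sudo tee /etc/modules-load.d/crio.conf
overlay
br_netfilter
EOF
    # Load them now as well. overlay is listed in the file above but was not
    # loaded by the original.
    modprobe overlay
    modprobe br_netfilter
    modprobe nf_nat
    modprobe xt_REDIRECT
    modprobe xt_owner
    modprobe iptable_nat
    modprobe iptable_mangle
    modprobe iptable_filter

    # The closing EOF must be alone on its line. The original had trailing
    # spaces after it, so the heredoc ran on to the next EOF: the sysctl
    # settings were written into this modules file and 99-kubernetes.conf
    # was never created.
    cat <<EOF | sudo tee /etc/modules-load.d/istio-iptables.conf
br_netfilter
nf_nat
xt_REDIRECT
xt_owner
iptable_nat
iptable_mangle
iptable_filter
EOF

    # Persistent kernel settings. ip_forward and bridge-nf-call-* route pod
    # traffic through iptables; 30000-32767 is reserved so local sockets do
    # not take NodePort numbers.
    cat <<EOF > /etc/sysctl.d/99-kubernetes.conf
net.ipv4.ip_forward=1
kernel.keys.root_maxbytes=25000000
kernel.keys.root_maxkeys=1000000
kernel.panic=10
kernel.panic_on_oops=1
vm.overcommit_memory=1
vm.panic_on_oom=0
net.ipv4.ip_local_reserved_ports=30000-32767
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
EOF
    sysctl --system

    # Point kubelet at the CRI-O socket with the systemd cgroup driver.
    # NOTE(review): --container-runtime=remote is believed to have been
    # removed from kubelet in the 1.27 line installed above - confirm kubelet
    # starts with this file, or drop the flag.
    mkdir -p /var/lib/kubelet
    cat <<EOF | sudo tee /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint='unix:///var/run/crio/crio.sock' --cgroup-driver=systemd"
EOF

    # containerd config default | sudo tee /etc/containerd/config.toml
    # systemctl restart containerd

    systemctl daemon-reload
    systemctl restart kubelet
    systemctl enable --now kubelet
fi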

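if [ -f ~/.kube/config ]; then
    echo "${RED}--Kubernetes initialized...PASS--${NC}"
else
    echo "${RED}--Kubernetes initializing...--${NC}"
    # First address reported by `hostname -I`.
    internal_ip="$(hostname -I | awk '{print $1}')"

    # The public address goes into the API server certificate as an extra
    # SAN, so it must not be taken on trust. The original asked ifconfig.me
    # over plain HTTP and used whatever came back: anyone on the path could
    # choose the SAN, and an error page would break kubeadm init. Use HTTPS,
    # fail on HTTP errors, bound the wait, and accept only characters that
    # can occur in an IP literal.
    instance_public_ip="$(curl -fsS --max-time 10 https://ifconfig.me || true)"
    extra_sans="${internal_ip}"
    ip_literal_re='^[0-9A-Fa-f:.]+$'
    if [[ "$instance_public_ip" =~ $ip_literal_re ]]; then
        extra_sans="${extra_sans},${instance_public_ip}"
    else
        echo "${RED}Public IP lookup gave no usable address; certificate will carry the internal IP only${NC}" >&2
    fi

    echo '#### K8s Init ? ####'
    echo '[Kubernetes Init Select]'
    echo 'Network Add-on is [Calico]'
    echo 'Calico Applying...'

    pod_network_cidr="10.244.0.0/16"
    # The socket URL needs three slashes (scheme `unix://` plus an absolute
    # path); the original `unix://var/...` did not name /var/run/crio/crio.sock.
    # Stop if init fails: every later step needs admin.conf and a running
    # API server.
    if ! kubeadm init --pod-network-cidr="${pod_network_cidr}" \
        --apiserver-cert-extra-sans "${extra_sans}" \
        --cri-socket unix:///var/run/crio/crio.sock; then
        echo "${RED}kubeadm init failed${NC}" >&2
        exit 1
    fi

    # admin.conf carries cluster-admin credentials: keep the copy readable by
    # its owner only.
    mkdir -p "$HOME/.kube" &&
        cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config" &&
        chown "$(id -u):$(id -g)" "$HOME/.kube/config" &&
        chmod 600 "$HOME/.kube/config"

    # NOTE(review): this URL is not tied to a Calico release, so whatever it
    # serves today is applied with cluster-admin rights. Pin a versioned
    # manifest (or vendor a reviewed copy).
    kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

    # all: remove the control-plane taints so workloads can schedule on this
    # single node. Removing a taint that is not present only prints an error.
    _hostname="$(hostname)"
    kubectl taint nodes --all node-role.kubernetes.io/master-
    kubectl taint nodes "${_hostname}" node-role.kubernetes.io/control-plane-

    # Rename the cluster and context after the host. The name is pasted into
    # sed expressions, so only proceed when it consists of plain hostname
    # characters.
    case "$_hostname" in
        '' | *[!A-Za-z0-9.-]*)
            echo "${RED}hostname has unexpected characters; cluster rename skipped${NC}" >&2
            ;;
        *)
            kubectl get configmaps -n kube-system kubeadm-config -o yaml |
                sed "s/    clusterName: kubernetes/    clusterName: ${_hostname}/g" |
                kubectl replace -f - &&
                kubectl config rename-context kubernetes-admin@kubernetes "kubernetes-admin@${_hostname}"
            # Match the two kubeconfig entries by content instead of by line
            # number (6 and 9 in the original), so an unexpected layout is
            # left untouched rather than overwritten.
            sed -i \
                -e "s/^  name: kubernetes\$/  name: ${_hostname}/" \
                -e "s/^    cluster: kubernetes\$/    cluster: ${_hostname}/" \
                "$HOME/.kube/config"
            ;;
    esac
    kubectl get nodes

    # new account
    # NOTE(review): the commented-out binding below would give a service
    # account cluster-admin; keep it disabled unless that is really required.
    #kubectl -n kube-system create serviceaccount ${_hostname} &&
    #kubectl create clusterrolebinding ${_hostname} \
    #  --clusterrole=cluster-admin \
    #  --serviceaccount=kube-system:${_hostname}
fi

echo "${RED}--Script END--${NC}"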
