Last active
June 17, 2024 00:29
-
-
Save taking/22af888e010f7084d920ca1ecec10085 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Author by Taking | |
| # ubuntu 22.04 | |
| # Kubernetes v1.25 Install + Reset | |
| # Cri-o v1.25 | |
| # Flannel CNI | |
| # Cluster Name Change (Host명 기준) | |
| # MetalLB Install | |
| RED=`tput setaf 1` | |
| GREEN=`tput setaf 2` | |
| NC=`tput sgr0` | |
| # Check permission | |
| if ! [ $(id -u) = 0 ] | |
| then echo "${RED}Please run as root ${NC}" | |
| exit | |
| fi | |
| ############ k8s check ############### | |
| if [ -f ~/.kube/config ]; then | |
| echo "${RED}--Kubernetes reset check--${NC}" | |
| echo "kubernetes reset?" | |
| read -r -p "Are You Sure? [Y/n] " input | |
| case $input in | |
| [yY][eE][sS]|[yY]) | |
| echo "Yes" | |
| kubeadm reset -f && | |
| rm -rf /etc/cni /etc/etcd.env /etc/kubernetes /var/lib/dockershim /var/lib/etcd /var/lib/kubelet /var/run/kubernetes ~/.kube/ /run/flannel /etc/flannel | |
| ip link del cni0 | |
| ip link del flannel.1 | |
| exit 1 | |
| ;; | |
| [nN][oO]|[nN]) | |
| echo "No" | |
| ;; | |
| *) | |
| echo "Invalid input..." | |
| exit 1 | |
| ;; | |
| esac | |
| fi | |
| ############ hostname change ############### | |
| # Hostname 으로, 모든 것이 설정됩니다. | |
| echo "${RED}--HOSTNAME CHANGE (IMPORTANT)--${NC}" | |
| read -p "hostname Change is (ex k8s-worker) : " uhost | |
| ubuntu_version=$(lsb_release -rs) | |
| if [ "$ubuntu_version" == "22.04" ]; then | |
| # Ubuntu 22.04의 경우 | |
| hostnamectl hostname "$uhost" | |
| else | |
| # 그 이외 | |
| hostnamectl set-hostname $uhost | |
| fi | |
| echo '[Hostname] Change Success' | |
| echo "${RED}--HOSTNAME CHANGE END--${NC}" | |
| apt-get update -y | |
| apt-get install vim apt-transport-https gnupg2 curl git wget ca-certificates -y | |
| echo "${RED}--CNI Network Plugin INSTALL CHECK--${NC}" | |
| if [ -f /opt/cni/bin ]; then | |
| echo "${RED}--CNI Network Plugin INSTALLED...PASS--${NC}" | |
| else | |
| echo "${RED}--CNI Network Plugin Installing & Init...--${NC}" | |
| CNI_VERSION=1.1.1 | |
| archType="amd64" | |
| wget -q "https://github.com/containernetworking/plugins/releases/download/v${CNI_VERSION}/cni-plugins-linux-${archType}-v${CNI_VERSION}.tgz" -O /tmp/cni-plugins.tgz | |
| mkdir -p /opt/cni/bin/ | |
| tar -C /opt/cni/bin/ -xzf /tmp/cni-plugins.tgz | |
| echo "${RED}--Containerd Init SUCCESS...--${NC}" | |
| fi | |
| echo "${RED}--CRI-O INSTALL CHECK--${NC}" | |
| if [ -f /usr/bin/crio ]; then | |
| echo "${RED}--CRI-O INSTALLED...PASS--${NC}" | |
| else | |
| echo "${RED}--CRI-O Installing & Init...--${NC}" | |
| OS=xUbuntu_20.04 | |
| CRIO_VERSION=1.25 | |
| echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list | |
| echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.list | |
| curl -L https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:/$CRIO_VERSION/$OS/Release.key | apt-key add - | |
| apt update -y | |
| apt install cri-o cri-o-runc cri-tools -y | |
| sed -i 's/-\/etc\/default\/crio/-\/etc\/crio\/crio.conf/' /lib/systemd/system/crio.service | |
| cat /lib/systemd/system/crio.service | grep EnvironmentFile | |
| cat <<EOF | /etc/crio/crio.conf | |
| [crio.runtime] | |
| cgroup_manager = "systemd" | |
| [crio.network] | |
| network_dir = "/etc/cni/net.d/" | |
| plugin_dirs = [ | |
| "/opt/cni/bin/", | |
| ] | |
| EOF | |
| systemctl daemon-reload | |
| systemctl enable --now crio | |
| systemctl restart crio | |
| echo "${RED}--Containerd Init SUCCESS...--${NC}" | |
| fi | |
| echo "${RED}--Kubernetes INSTALL CHECK--${NC}" | |
| if [ -f /usr/bin/kubectx -a -f /usr/bin/kubeadm -a -f /usr/bin/kubelet ]; then | |
| echo "${RED}--Kubernetes INSTALLED...PASS--${NC}" | |
| else | |
| echo "${RED}--Kubernetes INSTALLING...--${NC}" | |
| curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add - | |
| echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list | |
| curl https://helm.baltorepo.com/organization/signing.asc | sudo apt-key add - | |
| echo "deb https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list | |
| apt-get update -y | |
| apt-get install kubelet=1.25.0-00 kubeadm=1.25.0-00 kubectl=1.25.0-00 helm -y | |
| apt-mark hold kubelet kubeadm kubectl kubernetes-cni | |
| echo "${RED}--Kubernetes INSTALL SUCCESS...--${NC}" | |
| fi | |
| echo "${RED}--System initialize Check...--${NC}" | |
| if [ -f /etc/sysctl.d/k8s.conf ]; then | |
| echo "${RED}--System initialized...PASS--${NC}" | |
| else | |
| echo "${RED}--Kubernetes initializing...--${NC}" | |
| swapoff -a && sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab | |
| echo '1' > /proc/sys/net/ipv4/ip_forward | |
| cat <<EOF | sudo tee /etc/modules-load.d/crio.conf | |
| overlay | |
| br_netfilter | |
| EOF | |
| modprobe overlay | |
| modprobe br_netfilter | |
| cat <<EOF > /etc/sysctl.d/99-kubernetes.conf | |
| net.ipv4.ip_forward=1 | |
| kernel.keys.root_maxbytes=25000000 | |
| kernel.keys.root_maxkeys=1000000 | |
| kernel.panic=10 | |
| kernel.panic_on_oops=1 | |
| vm.overcommit_memory=1 | |
| vm.panic_on_oom=0 | |
| net.ipv4.ip_local_reserved_ports=30000-32767 | |
| net.bridge.bridge-nf-call-iptables=1 | |
| net.bridge.bridge-nf-call-ip6tables=1 | |
| EOF | |
| mkdir -p /var/lib/kubelet | |
| cat <<EOF | sudo tee /var/lib/kubelet/kubeadm-flags.env | |
| KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint='unix:///var/run/crio/crio.sock' --cgroup-driver=systemd" | |
| EOF | |
| sysctl --system | |
| systemctl daemon-reload | |
| systemctl restart kubelet | |
| systemctl enable --now kubelet | |
| fi | |
| echo "${RED}--Kubectx, Kubens Install Check...--${NC}" | |
| if [ -f /usr/bin/kubectx ]; then | |
| echo "${RED}--kubectx exist...PASS--${NC}" | |
| else | |
| echo "${RED}--Kubernetetes : kubectx + kubens downloading...--${NC}" | |
| git clone https://github.com/ahmetb/kubectx | |
| cp -r kubectx/kube* /usr/bin/ | |
| rm -rf ./kubectx | |
| kubectx | |
| kubens | |
| fi | |
| if [ -f ~/.kube/config ]; then | |
| echo "${RED}--Kubernetes initialized...PASS--${NC}" | |
| else | |
| echo "${RED}--Kubernetes initializing...--${NC}" | |
| internal_ip="$(hostname -I | awk {'print $1'})" | |
| instance_public_ip="$(curl ifconfig.me --silent)" | |
| echo '#### K8s Init ? ####' | |
| echo '[Kubernetes Init Select]' | |
| echo 'Network Add-on is [Flannel]' | |
| echo 'Flannel Applying...' | |
| pod_network_cidr="10.244.0.0/16" | |
| kubeadm init --pod-network-cidr=${pod_network_cidr} --apiserver-cert-extra-sans "${internal_ip}" | |
| mkdir -p $HOME/.kube && | |
| cp -i /etc/kubernetes/admin.conf $HOME/.kube/config && | |
| chown $(id -u):$(id -g) $HOME/.kube/config | |
| kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml | |
| # all | |
| _hostname="$(hostname)" | |
| kubectl taint nodes --all node-role.kubernetes.io/master- | |
| kubectl taint nodes ${_hostname} node-role.kubernetes.io/control-plane- | |
| kubectl get configmaps -n kube-system kubeadm-config -o yaml | sed "s/ clusterName: kubernetes/ clusterName: ${_hostname}/g" | kubectl replace -f - && | |
| kubectl config rename-context kubernetes-admin@kubernetes kubernetes-admin@${_hostname} | |
| sed -i "6s/.*/ name: ${_hostname}/g" $HOME/.kube/config | |
| sed -i "9s/.*/ cluster: ${_hostname}/g" $HOME/.kube/config | |
| kubectl get nodes | |
| # new account | |
| #kubectl -n kube-system create serviceaccount ${_hostname} && | |
| #kubectl create clusterrolebinding ${_hostname} \ | |
| # --clusterrole=cluster-admin \ | |
| # --serviceaccount=kube-system:${_hostname} | |
| fi | |
| echo "${RED}--Script END--${NC}" |
Rocky linux 9.4 + Kubernetes 1.25
#!/bin/bash
# Author by Taking
# Rocky Linux 9.4
# Kubernetes v1.25 Install + Reset
# Cri-o v1.25
# Calico CNI
# Cluster Name Change (Host명 기준)
RED=`tput setaf 1`
GREEN=`tput setaf 2`
NC=`tput sgr0`
# Check permission
if ! [ $(id -u) = 0 ]
then echo "${RED}Please run as root ${NC}"
exit
fi
############ k8s check ###############
if [ -f ~/.kube/config ]; then
echo "${RED}--Kubernetes reset check--${NC}"
echo "kubernetes reset?"
read -r -p "Are You Sure? [Y/n] " input
case $input in
[yY][eE][sS]|[yY])
echo "Yes"
kubeadm reset -f &&
rm -rf /etc/cni /etc/etcd.env /etc/kubernetes /var/lib/dockershim /var/lib/etcd /var/lib/kubelet /var/run/kubernetes ~/.kube/ /run/flannel /etc/flannel
ip link del cni0
ip link del flannel.1
exit 1
;;
[nN][oO]|[nN])
echo "No"
;;
*)
echo "Invalid input..."
exit 1
;;
esac
fi
############ hostname change ###############
# Hostname 으로, 모든 것이 설정됩니다.
echo "${RED}--HOSTNAME CHANGE (IMPORTANT)--${NC}"
read -p "hostname Change is (ex k8s-worker) : " uhost
hostnamectl hostname "$uhost"
echo '[Hostname] Change Success'
echo "${RED}--HOSTNAME CHANGE END--${NC}"
dnf update -y
dnf install chrony net-tools tar curl git wget unzip vim gnupg2 bind bind-chroot bind-utils -y
echo "${RED}--CRI-O INSTALL CHECK--${NC}"
if [ -f /bin/crio ]; then
echo "${RED}--CRI-O INSTALLED...PASS--${NC}"
else
echo "${RED}--CRI-O Installing & Init...--${NC}"
OS=CentOS_9_Stream
CRIO_VERSION=1.27
curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/devel:kubic:libcontainers:stable.repo
curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION/$OS/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.repo
dnf update -y
dnf install cri-o -y
systemctl daemon-reload
systemctl enable --now crio
systemctl restart crio
echo "${RED}--CRI-O Init SUCCESS...--${NC}"
fi
echo "${RED}--Podman INSTALL CHECK--${NC}"
if [ -f /bin/podman ]; then
echo "${RED}--Podman INSTALLED...PASS--${NC}"
else
echo "${RED}--Podman Installing...--${NC}"
dnf install podman -y
echo "${RED}--Podman Init SUCCESS...--${NC}"
fi
echo "${RED}--Pip3 INSTALL CHECK--${NC}"
if [ -f /bin/pip3 ]; then
echo "${RED}--Pip3 INSTALLED...PASS--${NC}"
else
echo "${RED}--Pip3 Installing...--${NC}"
curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
python get-pip.py
mv /usr/local/bin/pip3* /bin/
mv /usr/local/bin/wheel /bin/
echo "${RED}--Pip3 Init SUCCESS...--${NC}"
fi
echo "${RED}--Podman Compose INSTALL CHECK--${NC}"
if [ -f /bin/podman-compose ]; then
echo "${RED}--Podman Compose INSTALLED...PASS--${NC}"
else
echo "${RED}--Podman Compose Installing...--${NC}"
pip3 install podman-compose
mv /usr/local/bin/podman-compose /bin/
echo "${RED}--Podman Init SUCCESS...--${NC}"
fi
echo "${RED}--Kubernetes INSTALL CHECK--${NC}"
if [ -f /bin/kubectx -a -f /bin/kubeadm -a -f /bin/kubelet ]; then
echo "${RED}--Kubernetes INSTALLED...PASS--${NC}"
else
echo "${RED}--Kubernetes INSTALLING...--${NC}"
KUBE_VERSION=1.27
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v$KUBE_VERSION/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v$KUBE_VERSION/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
EOF
dnf update -y
dnf install -y kubeadm-1.27.8 kubelet-1.27.8 kubectl-1.27.8 helm --disableexcludes=kubernetes
dnf versionlock add kubeadm kubelet kubectl
echo "${RED}--Kubernetes INSTALL SUCCESS...--${NC}"
fi
echo "${RED}--HELM INSTALL CHECK--${NC}"
if [ -f /bin/helm ]; then
echo "${RED}--HELM INSTALLED...PASS--${NC}"
else
echo "${RED}--HELM INSTALLING...--${NC}"
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
mv /usr/local/bin/helm /bin/helm
echo "${RED}--HELM INSTALL SUCCESS...--${NC}"
fi
echo "${RED}--System initialize Check...--${NC}"
if [ -f /etc/sysctl.d/k8s.conf ]; then
echo "${RED}--System initialized...PASS--${NC}"
else
echo "${RED}--Kubernetes initializing...--${NC}"
swapoff -a && sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
setenforce 0
sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux
# master
firewall-cmd --add-port={6443,2379-2380,10250,10251,10252,5473,179,5473}/tcp --permanent
firewall-cmd --add-port={4789,8285,8472}/udp --permanent
firewall-cmd --reload
# worker
# firewall-cmd --add-port={10250,30000-32767,5473,179,5473}/tcp --permanent
# firewall-cmd --add-port={4789,8285,8472}/udp --permanent
# firewall-cmd --reload
echo '1' > /proc/sys/net/ipv4/ip_forward
cat <<EOF | sudo tee /etc/modules-load.d/crio.conf
overlay
br_netfilter
EOF
modprobe br_netfilter
modprobe nf_nat
modprobe xt_REDIRECT
modprobe xt_owner
modprobe iptable_nat
modprobe iptable_mangle
modprobe iptable_filter
cat <<EOF | sudo tee /etc/modules-load.d/istio-iptables.conf
br_netfilter
nf_nat
xt_REDIRECT
xt_owner
iptable_nat
iptable_mangle
iptable_filter
EOF
cat <<EOF > /etc/sysctl.d/99-kubernetes.conf
net.ipv4.ip_forward=1
kernel.keys.root_maxbytes=25000000
kernel.keys.root_maxkeys=1000000
kernel.panic=10
kernel.panic_on_oops=1
vm.overcommit_memory=1
vm.panic_on_oom=0
net.ipv4.ip_local_reserved_ports=30000-32767
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
EOF
sysctl --system
mkdir -p /var/lib/kubelet
cat <<EOF | sudo tee /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint='unix:///var/run/crio/crio.sock' --cgroup-driver=systemd"
EOF
# containerd config default | sudo tee /etc/containerd/config.toml
# systemctl restart containerd
systemctl daemon-reload
systemctl restart kubelet
systemctl enable --now kubelet
fi
if [ -f ~/.kube/config ]; then
echo "${RED}--Kubernetes initialized...PASS--${NC}"
else
echo "${RED}--Kubernetes initializing...--${NC}"
internal_ip="$(hostname -I | awk {'print $1'})"
instance_public_ip="$(curl ifconfig.me --silent)"
echo '#### K8s Init ? ####'
echo '[Kubernetes Init Select]'
echo 'Network Add-on is [Calico]'
echo 'Calico Applying...'
pod_network_cidr="10.244.0.0/16"
kubeadm init --pod-network-cidr=${pod_network_cidr} --apiserver-cert-extra-sans "${internal_ip},${instance_public_ip}" --cri-socket unix://var/run/crio/crio.sock
mkdir -p $HOME/.kube &&
cp -i /etc/kubernetes/admin.conf $HOME/.kube/config &&
chown $(id -u):$(id -g) $HOME/.kube/config
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
# all
_hostname="$(hostname)"
kubectl taint nodes --all node-role.kubernetes.io/master-
kubectl taint nodes ${_hostname} node-role.kubernetes.io/control-plane-
kubectl get configmaps -n kube-system kubeadm-config -o yaml | sed "s/ clusterName: kubernetes/ clusterName: ${_hostname}/g" | kubectl replace -f - &&
kubectl config rename-context kubernetes-admin@kubernetes kubernetes-admin@${_hostname}
sed -i "6s/.*/ name: ${_hostname}/g" $HOME/.kube/config
sed -i "9s/.*/ cluster: ${_hostname}/g" $HOME/.kube/config
kubectl get nodes
# new account
#kubectl -n kube-system create serviceaccount ${_hostname} &&
#kubectl create clusterrolebinding ${_hostname} \
# --clusterrole=cluster-admin \
# --serviceaccount=kube-system:${_hostname}
fi
echo "${RED}--Script END--${NC}"
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Trouble Shoot
No CNI configuration file in /etc/cni/net.d/. Has your network provider started?"