@azarus
Created May 19, 2025 02:31
Init & setup script for k8s clusters
#!/bin/bash
# Node bootstrap helper: the first argument selects the action to run
# (configure, init or reset).
set -e

# Sub-command requested by the caller; empty when no argument was given.
MODE=${1:-}

# Print the usage line and stop when no sub-command was supplied.
[ -n "$MODE" ] || {
  echo "Usage: $0 {configure|init|reset}"
  exit 1
}
#######################################
# Verify that the external tools and OS metadata the script relies on exist.
# Globals:   MISSING (written: 0 when everything was found, 1 otherwise)
# Outputs:   a progress line plus one "[!]" line per missing item, on stdout
# Returns:   0 when nothing is missing; otherwise exits the shell with status 1
#######################################
check_prerequisites() {
  printf '%s\n' "[~] Checking system requirements..."
  MISSING=0

  # Each binary is looked up on PATH; anything not found is reported.
  for bin in curl tar modprobe iptables; do
    command -v "$bin" &>/dev/null && continue
    printf '%s\n' "[!] Missing required binary: $bin"
    MISSING=1
  done

  # Only the presence of the file is tested; its contents are not inspected.
  [ -f /etc/os-release ] || {
    printf '%s\n' "[!] Missing /etc/os-release, cannot verify OS"
    MISSING=1
  }

  [ "$MISSING" -ne 1 ] && return 0

  printf '%s\n' "[!] One or more critical components are missing. Exiting."
  exit 1
}
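#######################################
# Download a release artifact over HTTPS and optionally verify its SHA-256.
# Arguments:
#   $1 - source URL
#   $2 - destination path
#   $3 - expected SHA-256 hex digest (optional; empty skips verification)
# Outputs:   warnings and errors on stderr
# Returns:   non-zero if the download fails or the digest does not match
#######################################
_k8s_fetch() {
  local url=$1 dest=$2 expected=${3:-}

  # -f turns HTTP errors into failures, so an error page is never saved and
  # later installed as if it were the artifact; --proto/--proto-redir keep
  # the transfer and any redirect on HTTPS.
  curl -fL --proto '=https' --proto-redir '=https' -o "$dest" "$url" || return 1

  if [ -n "$expected" ]; then
    if ! printf '%s  %s\n' "$expected" "$dest" | sha256sum -c - >/dev/null; then
      echo "[!] SHA-256 mismatch for $url" >&2
      rm -f -- "$dest"
      return 1
    fi
  else
    echo "[!] No SHA-256 supplied for $url; installing it unverified" >&2
  fi
}

#######################################
# Prepare this host as a Kubernetes node: hostname, SELinux/swap, kernel
# modules and sysctls, containerd, runc, CNI plugins and the kubeadm packages.
# Globals (read, all optional): CONTAINERD_SHA256, CONTAINERD_SERVICE_SHA256,
#   RUNC_SHA256, CNI_PLUGINS_SHA256 - expected SHA-256 digests for the
#   downloaded artifacts. Record them from a trusted channel; when one is
#   unset the matching artifact is installed without an integrity check.
# Outputs:   progress on stdout, warnings on stderr
# Returns:   0 on success; the script runs under `set -e`, so most failing
#            steps terminate it
#######################################
configure_node() {
  local new_hostname m workdir cleanup tarball base_url
  local -r containerd_version=1.7.18 runc_version=1.1.13 cni_version=1.5.1
  local -r sysctl_file=/etc/sysctl.d/k8s.conf
  local -a modules=(overlay br_netfilter ip_vs ip_vs_rr ip_vs_wrr ip_vs_sh nf_conntrack)

  # Every step below writes system configuration; fail before touching anything.
  if [ "$(id -u)" -ne 0 ]; then
    echo "[!] configure must be run as root" >&2
    exit 1
  fi

  check_prerequisites
  echo "[+] Configuring node..."

  # A dedicated variable is used so bash's own HOSTNAME is not overwritten;
  # an empty answer keeps the current hostname.
  read -r -p "Set hostname: " new_hostname
  if [ -n "$new_hostname" ] && [ "$new_hostname" != "$(hostname)" ]; then
    hostnamectl set-hostname "$new_hostname"
  fi

  echo "[+] Disabling SELinux and swap..."
  # NOTE(review): SELINUX=disabled removes SELinux confinement for every
  # workload on the node, persistently. kubeadm's install guide sets
  # permissive mode instead; confirm that fully disabling it is intended.
  if command -v selinuxenabled &>/dev/null && selinuxenabled; then
    setenforce 0 || true
  fi
  if [ -f /etc/selinux/config ]; then
    grep -q '^SELINUX=disabled' /etc/selinux/config \
      || sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
  fi
  swapoff -a
  grep -q '^#.*swap' /etc/fstab || sed -i '/\sswap\s/s/^/#/' /etc/fstab

  echo "[+] Kernel modules and sysctl setup..."
  for m in "${modules[@]}"; do
    # modprobe is a no-op for a module that is already loaded.
    modprobe "$m" || echo "[!] Failed to load module: $m"
  done
  # modules-load.d expects one module name per line; a single space-separated
  # line is read as one (non-existent) module name at boot.
  printf '%s\n' "${modules[@]}" > /etc/modules-load.d/k8s.conf

  if ! grep -q 'net.bridge.bridge-nf-call-iptables' "$sysctl_file" 2>/dev/null; then
    printf '%s\n' \
      'net.bridge.bridge-nf-call-iptables=1' \
      'net.bridge.bridge-nf-call-ip6tables=1' \
      'net.ipv4.ip_forward=1' \
      'net.ipv6.conf.all.forwarding=1' \
      | tee "$sysctl_file"
  fi
  sysctl --system

  # Downloads land in a private temp directory instead of the current
  # directory, which may be writable by other users when run as root.
  workdir=$(mktemp -d)
  printf -v cleanup 'rm -rf -- %q' "$workdir"
  trap "$cleanup" EXIT

  echo "[+] Installing containerd..."
  if ! command -v containerd &>/dev/null; then
    tarball="containerd-${containerd_version}-linux-amd64.tar.gz"
    base_url="https://github.com/containerd/containerd/releases/download/v${containerd_version}"
    _k8s_fetch "${base_url}/${tarball}" "${workdir}/${tarball}" "${CONTAINERD_SHA256:-}"
    # --no-same-owner: extracted files belong to root, not to the UID
    # recorded in the archive.
    tar -C /usr/local --no-same-owner -xzf "${workdir}/${tarball}"

    # The unit file is taken from the same release tag as the binary rather
    # than from the moving main branch, and its directory is created first
    # because curl does not create missing parent directories.
    mkdir -p /usr/local/lib/systemd/system
    _k8s_fetch \
      "https://raw.githubusercontent.com/containerd/containerd/v${containerd_version}/containerd.service" \
      /usr/local/lib/systemd/system/containerd.service \
      "${CONTAINERD_SERVICE_SHA256:-}"
    systemctl daemon-reload
    systemctl enable --now containerd
  fi

  mkdir -p /etc/containerd
  if ! grep -q 'pause:3.9' /etc/containerd/config.toml 2>/dev/null; then
    # NOTE(review): the generated default config is used as-is apart from the
    # sandbox image; confirm its cgroup driver setting matches the kubelet's.
    containerd config default > /etc/containerd/config.toml
    sed -i 's|sandbox_image = ".*"|sandbox_image = "registry.k8s.io/pause:3.9"|' /etc/containerd/config.toml
    systemctl restart containerd
  fi

  echo "[+] Installing runc and CNI plugins..."
  if ! command -v runc &>/dev/null; then
    _k8s_fetch \
      "https://github.com/opencontainers/runc/releases/download/v${runc_version}/runc.amd64" \
      "${workdir}/runc.amd64" "${RUNC_SHA256:-}"
    # Installed only after a complete (and, if configured, verified) download.
    install -m 0755 "${workdir}/runc.amd64" /usr/local/sbin/runc
  fi

  if [ ! -d /opt/cni/bin ]; then
    tarball="cni-plugins-linux-amd64-v${cni_version}.tgz"
    # Fetch before creating the directory: a failed download must not leave
    # an empty /opt/cni/bin that makes the next run skip this step.
    _k8s_fetch \
      "https://github.com/containernetworking/plugins/releases/download/v${cni_version}/${tarball}" \
      "${workdir}/${tarball}" "${CNI_PLUGINS_SHA256:-}"
    mkdir -p /opt/cni/bin
    tar -C /opt/cni/bin --no-same-owner -xzf "${workdir}/${tarball}"
  fi

  echo "[+] Installing kubeadm, kubelet, kubectl..."
  if ! command -v kubeadm &>/dev/null; then
    # gpgcheck=1 makes yum verify package signatures against the repo key.
    printf '%s\n' \
      '[kubernetes]' \
      'name=Kubernetes' \
      'baseurl=https://pkgs.k8s.io/core:/stable:/v1.30/rpm/' \
      'enabled=1' \
      'gpgcheck=1' \
      'gpgkey=https://pkgs.k8s.io/core:/stable:/v1.30/rpm/repodata/repomd.xml.key' \
      'exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni' \
      | tee /etc/yum.repos.d/kubernetes.repo
    yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
    systemctl enable --now kubelet
  fi

  rm -rf -- "$workdir"
  trap - EXIT
}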
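#######################################
# Initialise the control plane with kubeadm, install the admin kubeconfig for
# the invoking user and apply the Calico v3.28.0 manifest.
# Globals (read, optional): CALICO_MANIFEST_SHA256 - expected SHA-256 of the
#   manifest; when unset the manifest is applied without an integrity check.
# Outputs:   progress on stdout, warnings on stderr
# Returns:   0 on success; the script runs under `set -e`, so a failing step
#            terminates it
#######################################
init_cluster() {
  local endpoint workdir manifest cleanup
  local -r calico_url=https://raw.githubusercontent.com/projectcalico/calico/v3.28.0/manifests/calico.yaml

  echo "[+] Initializing control plane..."
  read -r -p "Enter API endpoint (e.g. 192.168.1.135:6443): " endpoint
  kubeadm config images pull
  # Quoted so the typed value always reaches kubeadm as one argument and
  # cannot be split into additional options.
  kubeadm init --control-plane-endpoint="$endpoint"

  echo "[+] Setting up kubeconfig..."
  mkdir -p "$HOME/.kube"
  cp -i /etc/kubernetes/admin.conf "$HOME/.kube/config"
  chown "$(id -u):$(id -g)" "$HOME/.kube/config"
  # The file carries cluster-admin credentials; keep it owner-only even when
  # cp overwrote an existing file with looser permissions.
  chmod 600 "$HOME/.kube/config"

  echo "[+] Applying Calico manifest..."
  # The manifest is fetched into a private temp directory rather than the
  # current directory, and -f makes an HTTP error abort instead of being
  # saved and handed to kubectl.
  workdir=$(mktemp -d)
  printf -v cleanup 'rm -rf -- %q' "$workdir"
  trap "$cleanup" EXIT
  manifest="${workdir}/calico.yaml"
  curl -fL --proto '=https' --proto-redir '=https' -o "$manifest" "$calico_url"

  if [ -n "${CALICO_MANIFEST_SHA256:-}" ]; then
    if ! printf '%s  %s\n' "$CALICO_MANIFEST_SHA256" "$manifest" | sha256sum -c - >/dev/null; then
      echo "[!] SHA-256 mismatch for $calico_url" >&2
      exit 1
    fi
  else
    echo "[!] No SHA-256 supplied for $calico_url; applying it unverified" >&2
  fi

  kubectl apply -f "$manifest"

  rm -rf -- "$workdir"
  trap - EXIT
}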
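#######################################
# Tear down the Kubernetes state on this node: kubeadm reset, IPVS table,
# CNI/kubelet/etcd directories, Calico interfaces and filter-table rules.
# Outputs:   progress on stdout, per-interface failures on stderr
# Returns:   0 on success; the script runs under `set -e`, so a failing step
#            that is not explicitly tolerated terminates it
#######################################
reset_cluster() {
  local iface

  echo "[+] Resetting cluster..."
  kubeadm reset --force
  ipvsadm --clear || true
  rm -rf /etc/cni/net.d/* /etc/kubernetes /var/lib/etcd /var/lib/kubelet /opt/cni/bin

  # `ip -o link` prints one interface per line as "N: name@peer: ...". Only
  # names that start with "cali" are selected and the "@peer" suffix is
  # stripped, because `ip link delete` needs the bare interface name. A
  # failed delete is reported but does not abort the remaining cleanup.
  while IFS= read -r iface; do
    [ -n "$iface" ] || continue
    ip link delete "$iface" || echo "[!] Failed to delete interface: $iface" >&2
  done < <(ip -o link show | awk -F': ' '$2 ~ /^cali/ { sub(/@.*/, "", $2); print $2 }')
  ip link delete tunl0 || true

  # NOTE(review): without -t these act on the filter table only, and they
  # remove every rule and user chain there, including host firewall rules
  # unrelated to Kubernetes; nat and mangle rules are left in place. Confirm
  # both effects are intended and restore the host ruleset afterwards.
  iptables -F
  iptables -X

  systemctl stop kubelet
  echo "[+] Reset complete. Reboot recommended."
}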
# Dispatch the requested sub-command; anything unrecognised is rejected.
if [ "$MODE" = "configure" ]; then
  configure_node
elif [ "$MODE" = "init" ]; then
  init_cluster
elif [ "$MODE" = "reset" ]; then
  reset_cluster
else
  echo "Unknown command: $MODE"
  exit 1
fi