Last active
September 5, 2023 05:41
-
-
Save buty4649/148f34f4fe2bfa213a66d39c4c83902b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 | |
| kind: MaasCluster | |
| metadata: | |
| name: b8s | |
| namespace: default | |
| spec: | |
| dnsDomain: b-net.local | |
| --- | |
| apiVersion: cluster.x-k8s.io/v1beta1 | |
| kind: Cluster | |
| metadata: | |
| name: b8s | |
| namespace: default | |
| spec: | |
| clusterNetwork: | |
| pods: | |
| cidrBlocks: | |
| - 172.16.0.0/16 | |
| serviceDomain: cluster.local | |
| services: | |
| cidrBlocks: | |
| - 10.96.0.0/12 | |
| controlPlaneEndpoint: | |
| host: b8s.b-net.local | |
| port: 6443 | |
| controlPlaneRef: | |
| apiVersion: controlplane.cluster.x-k8s.io/v1beta1 | |
| kind: KubeadmControlPlane | |
| name: b8s-control | |
| infrastructureRef: | |
| apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 | |
| kind: MaasCluster | |
| name: b8s | |
| --- | |
| apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 | |
| kind: MaasMachineTemplate | |
| metadata: | |
| name: b8s-control | |
| namespace: default | |
| spec: | |
| template: | |
| spec: | |
| image: ubuntu/jammy | |
| minCPU: 4 | |
| minMemory: 8192 | |
| resourcePool: control-node | |
| --- | |
| apiVersion: controlplane.cluster.x-k8s.io/v1beta1 | |
| kind: KubeadmControlPlane | |
| metadata: | |
| name: b8s-control | |
| namespace: default | |
| spec: | |
| kubeadmConfigSpec: | |
| clusterConfiguration: | |
| apiServer: | |
| extraArgs: | |
| anonymous-auth: "true" | |
| authorization-mode: RBAC,Node | |
| default-not-ready-toleration-seconds: "60" | |
| default-unreachable-toleration-seconds: "60" | |
| disable-admission-plugins: AlwaysAdmit | |
| enable-admission-plugins: AlwaysPullImages,NamespaceLifecycle,ServiceAccount,NodeRestriction | |
| timeoutForControlPlane: 10m0s | |
| controllerManager: | |
| extraArgs: | |
| feature-gates: RotateKubeletServerCertificate=true | |
| terminated-pod-gc-threshold: "25" | |
| use-service-account-credentials: "true" | |
| dns: {} | |
| etcd: {} | |
| networking: {} | |
| scheduler: | |
| extraArgs: null | |
| initConfiguration: | |
| localAPIEndpoint: | |
| advertiseAddress: "" | |
| bindPort: 0 | |
| nodeRegistration: | |
| kubeletExtraArgs: | |
| event-qps: "0" | |
| feature-gates: RotateKubeletServerCertificate=true | |
| read-only-port: "0" | |
| name: '{{ v1.local_hostname }}' | |
| joinConfiguration: | |
| controlPlane: | |
| localAPIEndpoint: | |
| advertiseAddress: "" | |
| bindPort: 0 | |
| discovery: {} | |
| nodeRegistration: | |
| kubeletExtraArgs: | |
| event-qps: "0" | |
| feature-gates: RotateKubeletServerCertificate=true | |
| read-only-port: "0" | |
| name: '{{ v1.local_hostname }}' | |
| preKubeadmCommands: | |
| - mkdir -p /usr/local/src | |
| - wget -P /usr/local/src https://github.com/containerd/containerd/releases/download/v1.7.3/containerd-1.7.3-linux-amd64.tar.gz | |
| - tar -C /usr/local -xf /usr/local/src/containerd-1.7.3-linux-amd64.tar.gz | |
| - wget -P /etc/systemd/system https://raw.githubusercontent.com/containerd/containerd/main/containerd.service | |
| - systemctl daemon-reload | |
| - systemctl enable --now containerd | |
| - wget -O /usr/local/sbin/runc https://github.com/opencontainers/runc/releases/download/v1.1.8/runc.amd64 | |
| - chmod +x /usr/local/sbin/runc | |
| - wget -P /usr/local/src https://github.com/containernetworking/plugins/releases/download/v1.3.0/cni-plugins-linux-amd64-v1.3.0.tgz | |
| - mkdir -p /opt/cni/bin | |
| - tar -C /opt/cni/bin -xf /usr/local/src/cni-plugins-linux-amd64-v1.3.0.tgz | |
| - echo "overlay" >> /etc/modules-load.d/k8s.conf | |
| - echo "br_netfilter" >> /etc/modules-load.d/k8s.conf | |
| - modprobe overlay | |
| - modprobe br_netfilter | |
| - echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.d/k8s.conf | |
| - echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.d/k8s.conf | |
| - echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.d/k8s.conf | |
| - sysctl --system | |
| - mkdir /etc/containerd | |
| - containerd config default > /etc/containerd/config.toml | |
| - sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml | |
| - systemctl restart containerd | |
| - apt-get update | |
| - apt-get install -y apt-transport-https ca-certificates curl | |
| - curl -fsSL https://dl.k8s.io/apt/doc/apt-key.gpg | gpg --dearmor -o /etc/apt/keyrings/kubernetes-archive-keyring.gpg | |
| - echo "deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list | |
| - apt-get update | |
| - apt-get install -y kubelet kubeadm kubectl | |
| - apt-mark hold kubelet kubeadm kubectl | |
| - while [ ! -S /var/run/containerd/containerd.sock ]; do echo 'Waiting for containerd...'; | |
| sleep 1; done | |
| - sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab | |
| - swapoff -a | |
| useExperimentalRetryJoin: true | |
| machineTemplate: | |
| infrastructureRef: | |
| apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 | |
| kind: MaasMachineTemplate | |
| name: b8s-control | |
| replicas: 1 | |
| version: v1.27.4 | |
| --- | |
| apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 | |
| kind: MaasMachineTemplate | |
| metadata: | |
| name: b8s-worker | |
| namespace: default | |
| spec: | |
| template: | |
| spec: | |
| image: ubuntu/jammy | |
| minCPU: 4 | |
| minMemory: 8192 | |
| resourcePool: worker-node | |
| --- | |
| apiVersion: cluster.x-k8s.io/v1beta1 | |
| kind: MachineDeployment | |
| metadata: | |
| name: b8s-worker | |
| namespace: default | |
| spec: | |
| clusterName: b8s | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| cluster.x-k8s.io/cluster-name: b8s | |
| template: | |
| spec: | |
| bootstrap: | |
| configRef: | |
| apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 | |
| kind: KubeadmConfigTemplate | |
| name: b8s-worker | |
| clusterName: b8s | |
| infrastructureRef: | |
| apiVersion: infrastructure.cluster.x-k8s.io/v1beta1 | |
| kind: MaasMachineTemplate | |
| name: b8s-worker | |
| version: v1.27.4 | |
| --- | |
| apiVersion: bootstrap.cluster.x-k8s.io/v1beta1 | |
| kind: KubeadmConfigTemplate | |
| metadata: | |
| name: b8s-worker | |
| namespace: default | |
| spec: | |
| template: | |
| spec: | |
| joinConfiguration: | |
| nodeRegistration: | |
| kubeletExtraArgs: | |
| event-qps: "0" | |
| feature-gates: RotateKubeletServerCertificate=true | |
| read-only-port: "0" | |
| name: '{{ v1.local_hostname }}' | |
| preKubeadmCommands: | |
| - mkdir -p /usr/local/src | |
| - wget -P /usr/local/src https://github.com/containerd/containerd/releases/download/v1.7.3/containerd-1.7.3-linux-amd64.tar.gz | |
| - tar -C /usr/local -xf /usr/local/src/containerd-1.7.3-linux-amd64.tar.gz | |
| - wget -P /etc/systemd/system https://raw.githubusercontent.com/containerd/containerd/main/containerd.service | |
| - systemctl daemon-reload | |
| - systemctl enable --now containerd | |
| - wget -O /usr/local/sbin/runc https://github.com/opencontainers/runc/releases/download/v1.1.8/runc.amd64 | |
| - chmod +x /usr/local/sbin/runc | |
| - wget -P /usr/local/src https://github.com/containernetworking/plugins/releases/download/v1.3.0/cni-plugins-linux-amd64-v1.3.0.tgz | |
| - mkdir -p /opt/cni/bin | |
| - tar -C /opt/cni/bin -xf /usr/local/src/cni-plugins-linux-amd64-v1.3.0.tgz | |
| - echo "overlay" >> /etc/modules-load.d/k8s.conf | |
| - echo "br_netfilter" >> /etc/modules-load.d/k8s.conf | |
| - modprobe overlay | |
| - modprobe br_netfilter | |
| - echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.d/k8s.conf | |
| - echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.d/k8s.conf | |
| - echo "net.ipv4.ip_forward = 1" >> /etc/sysctl.d/k8s.conf | |
| - sysctl --system | |
| - mkdir /etc/containerd | |
| - containerd config default > /etc/containerd/config.toml | |
| - sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml | |
| - systemctl restart containerd | |
| - apt-get update | |
| - apt-get install -y apt-transport-https ca-certificates curl | |
| - curl -fsSL https://dl.k8s.io/apt/doc/apt-key.gpg | gpg --dearmor -o /etc/apt/keyrings/kubernetes-archive-keyring.gpg | |
| - echo "deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list | |
| - apt-get update | |
| - apt-get install -y kubelet kubeadm kubectl | |
| - apt-mark hold kubelet kubeadm kubectl | |
| - while [ ! -S /var/run/containerd/containerd.sock ]; do echo 'Waiting for containerd...'; | |
| sleep 1; done | |
| - sed -ri '/\sswap\s/s/^#?/#/' /etc/fstab | |
| - swapoff -a | |
| useExperimentalRetryJoin: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ``` | |
| ubuntu@cluster-api:~$ sudo kind create cluster | |
| Creating cluster "kind" ... | |
| ✓ Ensuring node image (kindest/node:v1.27.3) 🖼 | |
| ✓ Preparing nodes 📦 | |
| ✓ Writing configuration 📜 | |
| ✓ Starting control-plane 🕹️ | |
| ✓ Installing CNI 🔌 | |
| ✓ Installing StorageClass 💾 | |
| Set kubectl context to "kind-kind" | |
| You can now use your cluster with: | |
| kubectl cluster-info --context kind-kind | |
| Have a question, bug, or feature request? Let us know! https://kind.sigs.k8s.io/#community 🙂 | |
| ``` | |
| https://github.com/spectrocloud/cluster-api-provider-maas/pull/65 がマージされていない | |
| fork版 https://github.com/lbailleul/cluster-api-provider-maas/tree/v0.5.0 | |
| ```sh | |
| $ cat ~/.config/cluster-api/clusterctl.yml | |
| providers: | |
| - name: "maas" | |
| url: "https://github.com/lbailleul/cluster-api-provider-maas/releases/latest/infrastructure-components.yaml" | |
| type: "InfrastructureProvider" | |
| ``` | |
| maas providerに必要な設定 | |
| ```sh | |
| $ export MAAS_ENDPOINT=http://192.168.177.12:5240/MAAS | |
| $ export MAAS_API_KEY=XXXX:yyyy:zzzz | |
| $ export GITHUB_TOKEN=XXXX | |
| ``` | |
| cluster作成 | |
| ```sh | |
| $ sudo GITHUB_TOKEN=$GITHUB_TOKEN MAAS_API_KEY=$MAAS_API_KEY MAAS_ENDPOINT=$MAAS_ENDPOINT clusterctl init -i maas:v0.5.0 -v=5 --config ~/.config/cluster-api/clusterctl.yml | |
| -- snip -- | |
| Your management cluster has been initialized successfully! | |
| You can now create your first workload cluster by running the following: | |
| clusterctl generate cluster [name] --kubernetes-version [version] | kubectl apply -f - | |
| Using configuration File="/home/ubuntu/.config/cluster-api/clusterctl.yml" | |
| ``` | |
| config作成 | |
| ```sh | |
| $ sudo CONTROL_PLANE_MACHINE_IMAGE=custom/u-2204-0-k-1261-0 \ | |
| > CONTROL_PLANE_MACHINE_MINCPU=4 \ | |
| > CONTROL_PLANE_MACHINE_MINMEMORY=8192 \ | |
| > WORKER_MACHINE_IMAGE=custom/u-2204-0-k-1261-0 \ | |
| > WORKER_MACHINE_MINCPU=4 \ | |
| > WORKER_MACHINE_MINMEMORY=8192 \ | |
| > MAAS_DNS_DOMAIN=b-net.local \ | |
| > clusterctl generate cluster test --kubernetes-version v1.26.1 --config ~/.config/cluster-api/clusterctl.yml > capi-maas.yml | |
| ``` | |
| 不正なパラメータがあるので削除 | |
| ```sh | |
| $ sed -i '/^status: null/d' capi-maas.yml | |
| ``` | |
| apply | |
| ```sh | |
| $ sudo kubectl apply -f capi-maas.yml | |
| maascluster.infrastructure.cluster.x-k8s.io/test created | |
| cluster.cluster.x-k8s.io/test created | |
| maasmachinetemplate.infrastructure.cluster.x-k8s.io/test-control-plane created | |
| kubeadmcontrolplane.controlplane.cluster.x-k8s.io/test-control-plane created | |
| maasmachinetemplate.infrastructure.cluster.x-k8s.io/test-md-0 created | |
| machinedeployment.cluster.x-k8s.io/test-md-0 created | |
| kubeadmconfigtemplate.bootstrap.cluster.x-k8s.io/test-md-0 created | |
| ``` | |
| ログを見る | |
| ``` | |
| $ sudo kubectl -n capmaas-system logs deployment.apps/capmaas-controller-manager -f | |
| ``` |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment