Last active
November 11, 2022 17:12
Windows Kubeadm
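# Reference: https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/

# --- Install Docker Engine from Docker's apt repository ---
# Reference: https://docs.docker.com/engine/install/ubuntu/
sudo apt-get update
# -y keeps this step non-interactive, matching the kubeadm install further down.
sudo apt-get install -y \
  apt-transport-https \
  ca-certificates \
  curl \
  gnupg-agent \
  gnupg \
  software-properties-common \
  lsb-release

# /etc/apt/keyrings is not present on every Ubuntu release; without it the
# gpg -o below fails and the repository is left without a trusted key.
sudo install -m 0755 -d /etc/apt/keyrings

# Docker's signing key goes into its own keyring and is bound to this one
# repository via signed-by, so it is not trusted for any other apt source.
# curl -f makes an HTTP error fail the download instead of feeding an error
# page to gpg.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg \
  | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
# apt must be able to read the keyring to verify the repository signature.
sudo chmod a+r /etc/apt/keyrings/docker.gpg

echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \
  | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt-get update
sudo apt-get install -y docker-ce docker-ce-cli containerd.io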
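# --- Install kubeadm, kubelet and kubectl ---
sudo apt-get update && sudo apt-get install -y apt-transport-https curl

# "apt-key add" puts the key in apt's global trusted set, where it is accepted
# for every configured repository. Store it in a dedicated keyring instead and
# reference it with signed-by so it only vouches for the Kubernetes source.
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://packages.cloud.google.com/apt/doc/apt-key.gpg \
  | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-archive-keyring.gpg

# NOTE(review): the Kubernetes project has since moved its packages to
# pkgs.k8s.io; check the current kubeadm install documentation for the
# repository line before relying on this one.
cat <<EOF | sudo tee /etc/apt/sources.list.d/kubernetes.list
deb [signed-by=/etc/apt/keyrings/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main
EOF

sudo apt-get update
# No version is pinned here, so whatever the repository currently serves is
# installed; the hold below then stops routine upgrades from moving it.
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl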
# Kubernetes 1.23+ needs the kubelet and docker/containerd to agree on the
# cgroup driver, so Docker is switched to systemd here.
# This writes the whole file: any existing /etc/docker/daemon.json is replaced.
sudo tee /etc/docker/daemon.json <<'EOF'
{ "exec-opts": ["native.cgroupdriver=systemd"] }
EOF
# The new driver only takes effect after the daemon restarts.
sudo systemctl restart docker
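# If kubeadm init has trouble with the container runtime, see
# https://github.com/containerd/containerd/issues/4581

# Initialise the control plane. The pod CIDR is the one the flannel manifest
# applied later is expected to use (confirm against kube-flannel.yml).
# --ignore-preflight-errors=NumCPU skips the CPU-count preflight check, which
# lets init proceed on a VM smaller than kubeadm would otherwise accept.
sudo kubeadm init --pod-network-cidr=10.244.0.0/16 --ignore-preflight-errors=NumCPU

# Give the current user a kubeconfig. admin.conf carries cluster-admin
# credentials, so keep the copy private to this account and do not distribute
# it. Paths are quoted so a home directory containing spaces does not split
# into several arguments.
mkdir -p "${HOME}/.kube"
sudo cp -i /etc/kubernetes/admin.conf "${HOME}/.kube/config"
sudo chown "$(id -u):$(id -g)" "${HOME}/.kube/config"

# Let iptables see bridged traffic. This sets the value for the running
# kernel only; it is not written to any sysctl configuration file here.
sudo sysctl net.bridge.bridge-nf-call-iptables=1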
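# --- Pod network (flannel) and the Windows add-ons ---
# NOTE(review): the three downloads below use moving references (the "master"
# branch and "releases/latest"). What gets applied to the cluster can therefore
# change between runs; pin each URL to a reviewed tag or commit and read the
# manifests before applying them, since they are applied with the admin
# kubeconfig.
wget https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
# MANUAL STEP: edit the config file as described in
# https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/adding-windows-nodes/#configuring-flannel
kubectl apply -f kube-flannel.yml
kubectl get pods -n kube-system

# curl -f fails on an HTTP error instead of passing an error page through sed
# into the manifest file.
# NOTE(review): VERSION is replaced with v1.19.2 while kubeadm/kubelet above
# are installed unpinned; confirm the versions match the cluster.
curl -fL https://github.com/kubernetes-sigs/sig-windows-tools/releases/latest/download/kube-proxy.yml \
  | sed 's/VERSION/v1.19.2/g' > win-kubeproxy.yaml
# The interface name is rewritten from "Ethernet" to "Ethernet 2".
curl -fL https://github.com/kubernetes-sigs/sig-windows-tools/releases/latest/download/flannel-overlay.yml \
  | sed 's/Ethernet/Ethernet 2/g' > flannel-windows.yaml

# NOTE(review): these two commands read a file named "kubeconfig" in the
# current directory, unlike the kubectl calls above which use the default
# ~/.kube/config; presumably it is a copy of the admin kubeconfig. Confirm.
kubectl --kubeconfig kubeconfig apply -f win-kubeproxy.yaml
kubectl --kubeconfig kubeconfig apply -f flannel-windows.yaml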
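# Build the Windows Server 2019 VHD with the image build's make target.
make build-azure-vhd-windows-2019
# Example output:
#   OSDiskUri: https://capiasdf.blob.core.windows.net/system/Microsoft.Compute/Images/cluster-api-vhds/capi-1600979827-osDisk.188b9608-175f-49f2-88a6-2a3f807ec2da.vhd

# Create a managed image from that VHD. The URI is taken from a variable
# because a literal <OSDiskUri> placeholder would be parsed by the shell as
# redirections rather than passed to az.
: "${OS_DISK_URI:?set OS_DISK_URI to the OSDiskUri value printed by the build}"
az image create -n windowstestvmimage -g test-cluster-api-images --os-type Windows --source "${OS_DISK_URI}"

# Use the resulting windowstestvmimage: pass --image "${WINLTS}" to
# az vm create when creating the VM.
WINLTS="windowstestvmimage"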
# Steps from [kubernetes the hardway on azure](https://github.com/ivanfioravanti/kubernetes-the-hard-way-on-azure/blob/master/docs/03-compute-resources.md)
# with added windows vm

# Resource group that holds every resource created below.
az group create \
  --name test-win-kubeadm \
  --location westus2

# Virtual network with a single subnet for all cluster nodes.
az network vnet create \
  --resource-group test-win-kubeadm \
  --name kubernetes-vnet \
  --address-prefix 10.240.0.0/24 \
  --subnet-name kubernetes-subnet

# Network security group; its inbound rules are added separately.
az network nsg create \
  --resource-group test-win-kubeadm \
  --name kubernetes-nsg

# Attach the NSG at subnet level so it applies to every NIC in the subnet.
az network vnet subnet update \
  --resource-group test-win-kubeadm \
  --name kubernetes-subnet \
  --vnet-name kubernetes-vnet \
  --network-security-group kubernetes-nsg
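# Inbound NSG rules for SSH (22), RDP (3389) and the Kubernetes API server
# (6443).
#
# ALLOWED_SOURCE_PREFIX is the source address range allowed to reach these
# ports. It defaults to '*' (any source), which keeps the behaviour of the
# original steps but leaves all three management ports reachable from the
# whole internet on every node's public IP. Set it to the administrator's
# address or CIDR before running to limit that exposure.
ALLOWED_SOURCE_PREFIX="${ALLOWED_SOURCE_PREFIX:-*}"

#######################################
# Create one inbound TCP allow rule on kubernetes-nsg.
# Globals:   ALLOWED_SOURCE_PREFIX (read)
# Arguments: $1 - rule name
#            $2 - destination port
#            $3 - rule priority
#######################################
create_inbound_allow_rule() {
  local rule_name=$1
  local dest_port=$2
  local priority=$3

  az network nsg rule create -g test-win-kubeadm \
    -n "${rule_name}" \
    --access allow \
    --destination-address-prefix '*' \
    --destination-port-range "${dest_port}" \
    --direction inbound \
    --nsg-name kubernetes-nsg \
    --protocol tcp \
    --source-address-prefix "${ALLOWED_SOURCE_PREFIX}" \
    --source-port-range '*' \
    --priority "${priority}"
}

create_inbound_allow_rule kubernetes-allow-ssh 22 1000
create_inbound_allow_rule kubernetes-allow-rdp 3389 1002
create_inbound_allow_rule kubernetes-allow-api-server 6443 1001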
# Load balancer with a static public IP; the controller NIC joins its
# backend pool.
az network lb create \
  --resource-group test-win-kubeadm \
  --name kubernetes-lb \
  --backend-pool-name kubernetes-lb-pool \
  --public-ip-address kubernetes-pip \
  --public-ip-address-allocation static
# To list candidate images:
# az vm image list --location eastus2 --publisher Canonical --offer UbuntuServer --sku 18.04-LTS --all -o table
UBUNTULTS="Canonical:UbuntuServer:18.04-LTS:latest"

# --- Controller node(s) ---
az vm availability-set create --resource-group test-win-kubeadm --name controller-as

for i in 0; do
  printf '%s\n' "[Controller ${i}] Creating public IP..."
  az network public-ip create \
    --name "controller-${i}-pip" \
    --resource-group test-win-kubeadm > /dev/null

  # The NIC gets a fixed private address (10.240.0.1<i>), its own public IP,
  # and membership of the load balancer's backend pool.
  printf '%s\n' "[Controller ${i}] Creating NIC..."
  az network nic create \
    --resource-group test-win-kubeadm \
    --name "controller-${i}-nic" \
    --private-ip-address "10.240.0.1${i}" \
    --public-ip-address "controller-${i}-pip" \
    --vnet kubernetes-vnet \
    --subnet kubernetes-subnet \
    --ip-forwarding \
    --lb-name kubernetes-lb \
    --lb-address-pools kubernetes-lb-pool > /dev/null

  # --nsg '' creates no per-VM security group; filtering is left to the
  # subnet's NSG. Login is by SSH key only (--generate-ssh-keys).
  printf '%s\n' "[Controller ${i}] Creating VM..."
  az vm create \
    --resource-group test-win-kubeadm \
    --name "controller-${i}" \
    --image "${UBUNTULTS}" \
    --nics "controller-${i}-nic" \
    --availability-set controller-as \
    --nsg '' \
    --admin-username 'kuberoot' \
    --generate-ssh-keys > /dev/null
done
# --- Linux worker node(s) ---
az vm availability-set create --resource-group test-win-kubeadm --name worker-as

for i in 0; do
  printf '%s\n' "[Worker ${i}] Creating public IP..."
  az network public-ip create \
    --name "worker-${i}-pip" \
    --resource-group test-win-kubeadm > /dev/null

  # Fixed private address 10.240.0.2<i>; workers are not added to the load
  # balancer pool.
  printf '%s\n' "[Worker ${i}] Creating NIC..."
  az network nic create \
    --resource-group test-win-kubeadm \
    --name "worker-${i}-nic" \
    --private-ip-address "10.240.0.2${i}" \
    --public-ip-address "worker-${i}-pip" \
    --vnet kubernetes-vnet \
    --subnet kubernetes-subnet \
    --ip-forwarding > /dev/null

  # UBUNTULTS is the image URN assigned earlier in this script.
  # --nsg '' creates no per-VM security group; login is by SSH key only.
  printf '%s\n' "[Worker ${i}] Creating VM..."
  az vm create \
    --resource-group test-win-kubeadm \
    --name "worker-${i}" \
    --image "${UBUNTULTS}" \
    --nics "worker-${i}-nic" \
    --tags "pod-cidr=10.200.${i}.0/24" \
    --availability-set worker-as \
    --nsg '' \
    --generate-ssh-keys \
    --admin-username 'kuberoot' > /dev/null
done
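# --- Windows worker node(s) ---
az vm availability-set create -g test-win-kubeadm -n worker-win-as

# To list candidate images:
#az vm image list -p MicrosoftWindowsServer -f WindowsServer -s 2019-Datacenter-Core-with-Containers-smalldisk --all --output table
WINLTS="MicrosoftWindowsServer:WindowsServer:2019-Datacenter-Core-smalldisk:latest"

# The administrator password is read from the environment rather than written
# into the script, so a well-known placeholder never ends up on a VM whose RDP
# port is reachable through the subnet's NSG. The value is still passed to az
# on its command line, so it is visible in the process list while az runs.
: "${WIN_ADMIN_PASSWORD:?set WIN_ADMIN_PASSWORD to the Windows administrator password}"

for i in 1; do
  echo "[Worker ${i}] Creating public IP..."
  az network public-ip create -n "worker-win-${i}-pip" -g test-win-kubeadm > /dev/null

  # Fixed private address 10.240.0.2<i>.
  echo "[Worker ${i}] Creating NIC..."
  az network nic create -g test-win-kubeadm \
    -n "worker-win-${i}-nic" \
    --private-ip-address "10.240.0.2${i}" \
    --public-ip-address "worker-win-${i}-pip" \
    --vnet kubernetes-vnet \
    --subnet kubernetes-subnet \
    --ip-forwarding > /dev/null

  # --nsg '' creates no per-VM security group; filtering is left to the
  # subnet's NSG. Unlike the Linux VMs, this one authenticates by password.
  echo "[Worker ${i}] Creating VM..."
  az vm create -g test-win-kubeadm \
    -n "worker-win-${i}" \
    --image "${WINLTS}" \
    --nics "worker-win-${i}-nic" \
    --tags "pod-cidr=10.200.${i}.0/24" \
    --availability-set worker-win-as \
    --nsg '' \
    --admin-username 'kuberoot' \
    --admin-password "${WIN_ADMIN_PASSWORD}" \
    --size Standard_D4_v3
done

# for windows node need to disable the firewall to allow connectivity
# NOTE(review): turning the Windows firewall off removes host-level filtering
# on a VM that has a public IP; prefer allowing only the ports the node needs,
# and make sure the NSG source range is restricted if the firewall stays off.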
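# Run on the Windows node.
# -f makes curl fail on an HTTP error instead of saving the error page as
# PrepareNode.ps1, which the next line would then try to execute.
# NOTE(review): releases/latest is a moving reference, so the script that runs
# on the node can change between runs; pin to a reviewed release and read the
# script before executing it.
curl.exe -fLO https://github.com/kubernetes-sigs/sig-windows-tools/releases/latest/download/PrepareNode.ps1
# NOTE(review): v1.18.4 differs from the v1.19.2 substituted into the
# kube-proxy manifest in the control-plane steps; confirm the version matches
# the cluster.
.\PrepareNode.ps1 -KubernetesVersion v1.18.4
# The join command printed by kubeadm init carries a bootstrap token and the
# CA certificate hash; treat the token as a secret.
kubeadm join # fill in keys from init command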