All nodes required to run cilium must have kernel version 4.8 and above
On every node in the cluster mount bpf filesystem
sudo mount bpffs /sys/fs/bpf -t bpf
Init k8s cluster using kubeadm
sudo kubeadm reset
sudo kubeadm init --pod-network-cidr 10.244.0.0/16 # --apiserver-bind-port 443 --kubernetes-version stable-1.10Copy over the credentials
rm -rf $HOME/.kube && mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Untaint the master for cilium-etcd to be scheduled
kubectl taint nodes $(hostname) node-role.kubernetes.io/master:NoSchedule-
Bring up a standalone etcd replica and service for cilium to use
kubectl -n kube-system apply -f https://raw.githubusercontent.com/cilium/cilium/master/examples/kubernetes/addons/etcd/standalone-etcd.yaml
Bring up cilium
kubectl apply -f https://raw.githubusercontent.com/cilium/cilium/master/examples/kubernetes/1.10/cilium.yaml
Bring up cilium without vxlan tunnelling between nodes
curl -sL https://raw.githubusercontent.com/cilium/cilium/master/examples/kubernetes/1.10/cilium.yaml | sed 's/"vxlan"/"disabled"/g' | kubectl apply -f -