spaced · January 11, 2025 11:24
diff --git a/k8s_fcos_setup.sh b/k8s_fcos_setup.sh
 #enable crio repo
 cat <<EOF | tee /etc/yum.repos.d/cri-o.repo
 [cri-o]
 name=CRI-O
 baseurl=https://pkgs.k8s.io/addons:/cri-o:/stable:/$CRIO_VERSION/rpm/
 enabled=1
 gpgcheck=1
 gpgkey=https://pkgs.k8s.io/addons:/cri-o:/stable:/$CRIO_VERSION/rpm/repodata/repomd.xml.key
 EOF

 rpm-ostree install crictl crio conntrack-tools
 systemctl reboot

 #crio network (see https://kubernetes.io/docs/setup/production-environment/container-runtimes/)
 sudo sh -c 'echo "br_netfilter" > /etc/modules-load.d/br_netfilter.conf
 cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
 net.bridge.bridge-nf-call-iptables  = 1
 net.ipv4.ip_forward                 = 1
 net.bridge.bridge-nf-call-ip6tables = 1
 EOF

 #install kubeadm (https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/)
 DOWNLOAD_DIR=/usr/local/bin
 cd $DOWNLOAD_DIR
 RELEASE="$(curl -sSL https://dl.k8s.io/release/stable.txt)"
 ARCH="amd64"
 sudo curl -L --remote-name-all https://dl.k8s.io/release/${RELEASE}/bin/linux/${ARCH}/{kubeadm,kubelet}          
 sudo curl -L --remote-name-all https://dl.k8s.io/release/${RELEASE}/bin/linux/${ARCH}/{kubeadm,kubelet}
 sudo chmod +x {kubeadm,kubelet}


 RELEASE_VERSION="v0.4.0"
 curl -sSL "https://raw.githubusercontent.com/kubernetes/release/${RELEASE_VERSION}/cmd/kubepkg/templates/latest/deb/kubelet/lib/systemd/system/kubelet.service" | sed "s:/usr/bin:${DOWNLOAD_DIR}:g" | sudo tee /etc/systemd/system/kubelet.service
 sudo mkdir -p /etc/systemd/system/kubelet.service.d
 curl -sSL "https://raw.githubusercontent.com/kubernetes/release/${RELEASE_VERSION}/cmd/kubepkg/templates/latest/deb/kubeadm/10-kubeadm.conf" | sed "s:/usr/bin:${DOWNLOAD_DIR}:g" | sudo tee /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

 #enable services
 systemctl enable --now kubelet
 systemctl enable --now crio

 #prepare/tweak config
 kubeadm config print init-defaults >kubeadm-init.yaml 
 #api server ip
 sed -i "s/advertiseAddress: 1.2.3.4/advertiseAddress: $(hostname -I|cut -f1 -d ' ')/g"

 #flex volume dir must be writable
 sed -i 's/controllerManager: {}/controllerManager: {"extraArgs": {"flex-volume-plugin-dir": "/var/lib/kubelet/volumeplugins"}}/g'
 #cgroup systemd
 echo "apiVersion: kubelet.config.k8s.io/v1beta1
 kind: KubeletConfiguration
 cgroupDriver: systemd" >> kubeadm-init.yaml

 #init
 kubeadm init --config=./kubeadm-init.yaml


 #remove taint
 kubectl taint nodes --all node-role.kubernetes.io/master-
	#enable crio repo
	cat <<EOF \| tee /etc/yum.repos.d/cri-o.repo
	[cri-o]
	name=CRI-O
	baseurl=https://pkgs.k8s.io/addons:/cri-o:/stable:/$CRIO_VERSION/rpm/
	enabled=1
	gpgcheck=1
	gpgkey=https://pkgs.k8s.io/addons:/cri-o:/stable:/$CRIO_VERSION/rpm/repodata/repomd.xml.key
	EOF

	rpm-ostree install crictl crio conntrack-tools
	systemctl reboot

	#crio network (see https://kubernetes.io/docs/setup/production-environment/container-runtimes/)
	sudo sh -c 'echo "br_netfilter" > /etc/modules-load.d/br_netfilter.conf
	cat <<EOF \| sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
	net.bridge.bridge-nf-call-iptables = 1
	net.ipv4.ip_forward = 1
	net.bridge.bridge-nf-call-ip6tables = 1
	EOF

	#install kubeadm (https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/)
	DOWNLOAD_DIR=/usr/local/bin
	cd $DOWNLOAD_DIR
	RELEASE="$(curl -sSL https://dl.k8s.io/release/stable.txt)"
	ARCH="amd64"
	sudo curl -L --remote-name-all https://dl.k8s.io/release/${RELEASE}/bin/linux/${ARCH}/{kubeadm,kubelet}
	sudo curl -L --remote-name-all https://dl.k8s.io/release/${RELEASE}/bin/linux/${ARCH}/{kubeadm,kubelet}
	sudo chmod +x {kubeadm,kubelet}


	RELEASE_VERSION="v0.4.0"
	curl -sSL "https://raw.githubusercontent.com/kubernetes/release/${RELEASE_VERSION}/cmd/kubepkg/templates/latest/deb/kubelet/lib/systemd/system/kubelet.service" \| sed "s:/usr/bin:${DOWNLOAD_DIR}:g" \| sudo tee /etc/systemd/system/kubelet.service
	sudo mkdir -p /etc/systemd/system/kubelet.service.d
	curl -sSL "https://raw.githubusercontent.com/kubernetes/release/${RELEASE_VERSION}/cmd/kubepkg/templates/latest/deb/kubeadm/10-kubeadm.conf" \| sed "s:/usr/bin:${DOWNLOAD_DIR}:g" \| sudo tee /etc/systemd/system/kubelet.service.d/10-kubeadm.conf

	#enable services
	systemctl enable --now kubelet
	systemctl enable --now crio

	#prepare/tweak config
	kubeadm config print init-defaults >kubeadm-init.yaml
	#api server ip
	sed -i "s/advertiseAddress: 1.2.3.4/advertiseAddress: $(hostname -I\|cut -f1 -d ' ')/g"

	#flex volume dir must be writable
	sed -i 's/controllerManager: {}/controllerManager: {"extraArgs": {"flex-volume-plugin-dir": "/var/lib/kubelet/volumeplugins"}}/g'
	#cgroup systemd
	echo "apiVersion: kubelet.config.k8s.io/v1beta1
	kind: KubeletConfiguration
	cgroupDriver: systemd" >> kubeadm-init.yaml

	#init
	kubeadm init --config=./kubeadm-init.yaml


	#remove taint
	kubectl taint nodes --all node-role.kubernetes.io/master-