k8s-v1.25-Crio-Auto-Installation.sh

#!/bin/bash
# Author by Taking
# ubuntu 22.04
# Kubernetes v1.25 Install + Reset
# Cri-o v1.25
# Flannel CNI
# Cluster Name Change (Host명 기준)
# MetalLB Install

RED=`tput setaf 1`
GREEN=`tput setaf 2`
NC=`tput sgr0`

# Check permission
if ! [ $(id -u) = 0 ]
  then echo "${RED}Please run as root ${NC}"
  exit
fi

############ k8s check ###############

if [ -f ~/.kube/config ]; then
    echo "${RED}--Kubernetes reset check--${NC}"
    
    echo "kubernetes reset?"
    read -r -p "Are You Sure? [Y/n] " input
    case $input in
        [yY][eE][sS]|[yY])
    		    echo "Yes"
        kubeadm reset -f &&
        rm -rf /etc/cni /etc/etcd.env /etc/kubernetes /var/lib/dockershim /var/lib/etcd /var/lib/kubelet /var/run/kubernetes ~/.kube/ /run/flannel /etc/flannel
        ip link del cni0
        ip link del flannel.1
        exit 1
		    ;;
        [nN][oO]|[nN])
		    echo "No"
       		    ;;
        *)
	    echo "Invalid input..."
	    exit 1
	    ;;
    esac
fi

############ hostname change ###############
# Hostname 으로, 모든 것이 설정됩니다.
echo "${RED}--HOSTNAME CHANGE (IMPORTANT)--${NC}"
read -p "hostname Change is (ex k8s-worker) : " uhost

ubuntu_version=$(lsb_release -rs)

if [ "$ubuntu_version" == "22.04" ]; then
    # Ubuntu 22.04의 경우
    hostnamectl hostname "$uhost"
else
    # 그 이외
    hostnamectl set-hostname $uhost
fi

echo '[Hostname] Change Success'
echo "${RED}--HOSTNAME CHANGE END--${NC}"

apt-get update -y
apt-get install vim apt-transport-https gnupg2 curl git wget ca-certificates -y

echo "${RED}--CNI Network Plugin INSTALL CHECK--${NC}"
if [ -f /opt/cni/bin ]; then
    echo "${RED}--CNI Network Plugin INSTALLED...PASS--${NC}"
else
    echo "${RED}--CNI Network Plugin  Installing & Init...--${NC}"
    CNI_VERSION=1.1.1
    archType="amd64"
    wget -q "https://github.com/containernetworking/plugins/releases/download/v${CNI_VERSION}/cni-plugins-linux-${archType}-v${CNI_VERSION}.tgz" -O /tmp/cni-plugins.tgz
    mkdir -p /opt/cni/bin/
    tar -C /opt/cni/bin/ -xzf /tmp/cni-plugins.tgz
    echo "${RED}--Containerd Init SUCCESS...--${NC}"
fi

echo "${RED}--CRI-O INSTALL CHECK--${NC}"
if [ -f /usr/bin/crio ]; then
    echo "${RED}--CRI-O INSTALLED...PASS--${NC}"
else
    echo "${RED}--CRI-O Installing & Init...--${NC}"
    OS=xUbuntu_20.04
    CRIO_VERSION=1.25
    echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
    echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.list

    curl -L https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:/$CRIO_VERSION/$OS/Release.key | apt-key add -
    
    apt update -y
    apt install cri-o cri-o-runc cri-tools -y
    sed -i 's/-\/etc\/default\/crio/-\/etc\/crio\/crio.conf/' /lib/systemd/system/crio.service
    cat /lib/systemd/system/crio.service | grep EnvironmentFile

    cat <<EOF | /etc/crio/crio.conf
[crio.runtime]
cgroup_manager = "systemd"
[crio.network]
network_dir = "/etc/cni/net.d/"
plugin_dirs = [
        "/opt/cni/bin/",
]
EOF

    systemctl daemon-reload
    systemctl enable --now crio
    systemctl restart crio
    echo "${RED}--Containerd Init SUCCESS...--${NC}"
fi

echo "${RED}--Kubernetes INSTALL CHECK--${NC}"
if [ -f /usr/bin/kubectx -a -f /usr/bin/kubeadm -a -f /usr/bin/kubelet ]; then
    echo "${RED}--Kubernetes INSTALLED...PASS--${NC}"
else
    echo "${RED}--Kubernetes INSTALLING...--${NC}"
    curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
    echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" | sudo tee /etc/apt/sources.list.d/kubernetes.list
    curl https://helm.baltorepo.com/organization/signing.asc | sudo apt-key add -
    echo "deb https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
    apt-get update -y
    apt-get install kubelet=1.25.0-00 kubeadm=1.25.0-00 kubectl=1.25.0-00 helm -y
    apt-mark hold kubelet kubeadm kubectl kubernetes-cni
    echo "${RED}--Kubernetes INSTALL SUCCESS...--${NC}"
fi

echo "${RED}--System initialize Check...--${NC}"

if [ -f /etc/sysctl.d/k8s.conf ]; then
    echo "${RED}--System initialized...PASS--${NC}"
else
    echo "${RED}--Kubernetes initializing...--${NC}"
    swapoff -a && sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
    echo '1' > /proc/sys/net/ipv4/ip_forward
    cat <<EOF | sudo tee /etc/modules-load.d/crio.conf
overlay
br_netfilter
EOF
    modprobe overlay
    modprobe br_netfilter
    cat <<EOF > /etc/sysctl.d/99-kubernetes.conf
net.ipv4.ip_forward=1
kernel.keys.root_maxbytes=25000000
kernel.keys.root_maxkeys=1000000
kernel.panic=10
kernel.panic_on_oops=1
vm.overcommit_memory=1
vm.panic_on_oom=0
net.ipv4.ip_local_reserved_ports=30000-32767
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
EOF

    mkdir -p /var/lib/kubelet
    cat <<EOF | sudo tee /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint='unix:///var/run/crio/crio.sock' --cgroup-driver=systemd"
EOF

    sysctl --system    
    systemctl daemon-reload
    systemctl restart kubelet
    systemctl enable --now kubelet
fi


echo "${RED}--Kubectx, Kubens Install Check...--${NC}"

if [ -f /usr/bin/kubectx ]; then
    echo "${RED}--kubectx exist...PASS--${NC}"
else
    echo "${RED}--Kubernetetes : kubectx + kubens downloading...--${NC}"
    git clone https://github.com/ahmetb/kubectx
    cp -r kubectx/kube* /usr/bin/
    rm -rf ./kubectx
    kubectx
    kubens
fi

if [ -f ~/.kube/config ]; then
    echo "${RED}--Kubernetes initialized...PASS--${NC}"
else
    echo "${RED}--Kubernetes initializing...--${NC}"
    internal_ip="$(hostname -I | awk {'print $1'})"
    instance_public_ip="$(curl ifconfig.me --silent)"
    echo '#### K8s Init ? ####'
    echo '[Kubernetes Init Select]'
    echo 'Network Add-on is [Flannel]'
    echo 'Flannel Applying...'

    pod_network_cidr="10.244.0.0/16"
    kubeadm init --pod-network-cidr=${pod_network_cidr} --apiserver-cert-extra-sans "${internal_ip}"
    mkdir -p $HOME/.kube &&
    cp -i /etc/kubernetes/admin.conf $HOME/.kube/config &&
    chown $(id -u):$(id -g) $HOME/.kube/config

    kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

    # all
    _hostname="$(hostname)"  
    kubectl taint nodes --all node-role.kubernetes.io/master-
    kubectl taint nodes ${_hostname} node-role.kubernetes.io/control-plane-
    kubectl get configmaps -n kube-system kubeadm-config -o yaml | sed "s/    clusterName: kubernetes/    clusterName: ${_hostname}/g" | kubectl replace -f - &&
    kubectl config rename-context kubernetes-admin@kubernetes kubernetes-admin@${_hostname}
    sed -i "6s/.*/  name: ${_hostname}/g" $HOME/.kube/config
    sed -i "9s/.*/    cluster: ${_hostname}/g" $HOME/.kube/config
    kubectl get nodes

    # new account
    #kubectl -n kube-system create serviceaccount ${_hostname} &&
    #kubectl create clusterrolebinding ${_hostname} \
    #  --clusterrole=cluster-admin \
    #  --serviceaccount=kube-system:${_hostname}
fi

echo "${RED}--Script END--${NC}"

Trouble Shoot

• No CNI configuration file in /etc/cni/net.d/. Has your network provider started?"

systemctl restart crio

Rocky linux 9.4 + Kubernetes 1.25

#!/bin/bash
# Author by Taking
# Rocky Linux 9.4
# Kubernetes v1.25 Install + Reset
# Cri-o v1.25
# Calico CNI
# Cluster Name Change (Host명 기준)

RED=`tput setaf 1`
GREEN=`tput setaf 2`
NC=`tput sgr0`

# Check permission
if ! [ $(id -u) = 0 ]
  then echo "${RED}Please run as root ${NC}"
  exit
fi

############ k8s check ###############

if [ -f ~/.kube/config ]; then
    echo "${RED}--Kubernetes reset check--${NC}"
    
    echo "kubernetes reset?"
    read -r -p "Are You Sure? [Y/n] " input
    case $input in
        [yY][eE][sS]|[yY])
    		    echo "Yes"
        kubeadm reset -f &&
        rm -rf /etc/cni /etc/etcd.env /etc/kubernetes /var/lib/dockershim /var/lib/etcd /var/lib/kubelet /var/run/kubernetes ~/.kube/ /run/flannel /etc/flannel
        ip link del cni0
        ip link del flannel.1
        exit 1
		    ;;
        [nN][oO]|[nN])
		    echo "No"
       		    ;;
        *)
	    echo "Invalid input..."
	    exit 1
	    ;;
    esac
fi

############ hostname change ###############
# Hostname 으로, 모든 것이 설정됩니다.
echo "${RED}--HOSTNAME CHANGE (IMPORTANT)--${NC}"
read -p "hostname Change is (ex k8s-worker) : " uhost

hostnamectl hostname "$uhost"

echo '[Hostname] Change Success'
echo "${RED}--HOSTNAME CHANGE END--${NC}"

dnf update -y
dnf install chrony net-tools tar curl git wget unzip vim gnupg2 bind bind-chroot bind-utils -y

echo "${RED}--CRI-O INSTALL CHECK--${NC}"
if [ -f /bin/crio ]; then
    echo "${RED}--CRI-O INSTALLED...PASS--${NC}"
else
    echo "${RED}--CRI-O Installing & Init...--${NC}"
    OS=CentOS_9_Stream
    CRIO_VERSION=1.27
    curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable.repo https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/devel:kubic:libcontainers:stable.repo
    curl -L -o /etc/yum.repos.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.repo https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION/$OS/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.repo

    dnf update -y
    dnf install cri-o -y

    systemctl daemon-reload
    systemctl enable --now crio
    systemctl restart crio
    echo "${RED}--CRI-O Init SUCCESS...--${NC}"
fi

echo "${RED}--Podman INSTALL CHECK--${NC}"
if [ -f /bin/podman ]; then
    echo "${RED}--Podman INSTALLED...PASS--${NC}"
else
    echo "${RED}--Podman Installing...--${NC}"

    dnf install podman -y

    echo "${RED}--Podman Init SUCCESS...--${NC}"
fi

echo "${RED}--Pip3 INSTALL CHECK--${NC}"
if [ -f /bin/pip3 ]; then
    echo "${RED}--Pip3 INSTALLED...PASS--${NC}"
else
    echo "${RED}--Pip3 Installing...--${NC}"

    curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
    python get-pip.py

    mv /usr/local/bin/pip3* /bin/
    mv /usr/local/bin/wheel /bin/

    echo "${RED}--Pip3 Init SUCCESS...--${NC}"
fi

echo "${RED}--Podman Compose INSTALL CHECK--${NC}"
if [ -f /bin/podman-compose ]; then
    echo "${RED}--Podman Compose INSTALLED...PASS--${NC}"
else
    echo "${RED}--Podman Compose Installing...--${NC}"

    pip3 install podman-compose
    mv /usr/local/bin/podman-compose /bin/

    echo "${RED}--Podman Init SUCCESS...--${NC}"
fi

echo "${RED}--Kubernetes INSTALL CHECK--${NC}"
if [ -f /bin/kubectx -a -f /bin/kubeadm -a -f /bin/kubelet ]; then
    echo "${RED}--Kubernetes INSTALLED...PASS--${NC}"
else
    echo "${RED}--Kubernetes INSTALLING...--${NC}"

    KUBE_VERSION=1.27
    cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://pkgs.k8s.io/core:/stable:/v$KUBE_VERSION/rpm/
enabled=1
gpgcheck=1
gpgkey=https://pkgs.k8s.io/core:/stable:/v$KUBE_VERSION/rpm/repodata/repomd.xml.key
exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
EOF

    dnf update -y
    dnf install -y kubeadm-1.27.8 kubelet-1.27.8 kubectl-1.27.8 helm --disableexcludes=kubernetes
    dnf versionlock add kubeadm kubelet kubectl
    echo "${RED}--Kubernetes INSTALL SUCCESS...--${NC}"
fi


echo "${RED}--HELM INSTALL CHECK--${NC}"
if [ -f /bin/helm ]; then
    echo "${RED}--HELM INSTALLED...PASS--${NC}"
else
    echo "${RED}--HELM INSTALLING...--${NC}"

    curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
    mv /usr/local/bin/helm /bin/helm

    echo "${RED}--HELM INSTALL SUCCESS...--${NC}"
fi

echo "${RED}--System initialize Check...--${NC}"

if [ -f /etc/sysctl.d/k8s.conf ]; then
    echo "${RED}--System initialized...PASS--${NC}"
else
    echo "${RED}--Kubernetes initializing...--${NC}"
    swapoff -a && sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

    setenforce 0
    sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/sysconfig/selinux

    # master
    firewall-cmd --add-port={6443,2379-2380,10250,10251,10252,5473,179,5473}/tcp --permanent
    firewall-cmd --add-port={4789,8285,8472}/udp --permanent
    firewall-cmd --reload

    # worker
    # firewall-cmd --add-port={10250,30000-32767,5473,179,5473}/tcp --permanent
    # firewall-cmd --add-port={4789,8285,8472}/udp --permanent
    # firewall-cmd --reload

    echo '1' > /proc/sys/net/ipv4/ip_forward
    cat <<EOF | sudo tee /etc/modules-load.d/crio.conf
overlay
br_netfilter
EOF
    modprobe br_netfilter
    modprobe nf_nat
    modprobe xt_REDIRECT
    modprobe xt_owner
    modprobe iptable_nat
    modprobe iptable_mangle
    modprobe iptable_filter
    cat <<EOF | sudo tee /etc/modules-load.d/istio-iptables.conf
br_netfilter
nf_nat
xt_REDIRECT
xt_owner
iptable_nat
iptable_mangle
iptable_filter
EOF    
    cat <<EOF > /etc/sysctl.d/99-kubernetes.conf
net.ipv4.ip_forward=1
kernel.keys.root_maxbytes=25000000
kernel.keys.root_maxkeys=1000000
kernel.panic=10
kernel.panic_on_oops=1
vm.overcommit_memory=1
vm.panic_on_oom=0
net.ipv4.ip_local_reserved_ports=30000-32767
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
EOF
    sysctl --system

    mkdir -p /var/lib/kubelet
    cat <<EOF | sudo tee /var/lib/kubelet/kubeadm-flags.env
KUBELET_KUBEADM_ARGS="--container-runtime=remote --container-runtime-endpoint='unix:///var/run/crio/crio.sock' --cgroup-driver=systemd"
EOF

    # containerd config default | sudo tee /etc/containerd/config.toml
    # systemctl restart containerd

    systemctl daemon-reload
    systemctl restart kubelet
    systemctl enable --now kubelet
fi

if [ -f ~/.kube/config ]; then
    echo "${RED}--Kubernetes initialized...PASS--${NC}"
else
    echo "${RED}--Kubernetes initializing...--${NC}"
    internal_ip="$(hostname -I | awk {'print $1'})"
    instance_public_ip="$(curl ifconfig.me --silent)"
    echo '#### K8s Init ? ####'
    echo '[Kubernetes Init Select]'
    echo 'Network Add-on is [Calico]'
    echo 'Calico Applying...'

    pod_network_cidr="10.244.0.0/16"
    kubeadm init --pod-network-cidr=${pod_network_cidr} --apiserver-cert-extra-sans "${internal_ip},${instance_public_ip}" --cri-socket unix://var/run/crio/crio.sock
    mkdir -p $HOME/.kube &&
    cp -i /etc/kubernetes/admin.conf $HOME/.kube/config &&
    chown $(id -u):$(id -g) $HOME/.kube/config

    kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml

    # all
    _hostname="$(hostname)"  
    kubectl taint nodes --all node-role.kubernetes.io/master-
    kubectl taint nodes ${_hostname} node-role.kubernetes.io/control-plane-
    kubectl get configmaps -n kube-system kubeadm-config -o yaml | sed "s/    clusterName: kubernetes/    clusterName: ${_hostname}/g" | kubectl replace -f - &&
    kubectl config rename-context kubernetes-admin@kubernetes kubernetes-admin@${_hostname}
    sed -i "6s/.*/  name: ${_hostname}/g" $HOME/.kube/config
    sed -i "9s/.*/    cluster: ${_hostname}/g" $HOME/.kube/config
    kubectl get nodes

    # new account
    #kubectl -n kube-system create serviceaccount ${_hostname} &&
    #kubectl create clusterrolebinding ${_hostname} \
    #  --clusterrole=cluster-admin \
    #  --serviceaccount=kube-system:${_hostname}
fi

echo "${RED}--Script END--${NC}"