tuna2134 · January 30, 2024 11:46 · tuna2134 · Jan 25, 2023
diff --git a/kubeadm-setup-rocky.sh b/kubeadm-setup-rocky.sh
 #!/bin/bash
 cat /etc/fstab | sed /swap/d | tee /etc/fstab
 swapoff -a

 setenforce 0
 sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

 cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
 overlay
 br_netfilter
 EOF
 modprobe overlay
 modprobe br_netfilter

 cat <<EOF | sudo tee /etc/sysctl.d/kubernetes.conf
 net.bridge.bridge-nf-call-iptables  = 1
 net.ipv4.ip_forward                 = 1
 net.bridge.bridge-nf-call-ip6tables = 1
 vm.overcommit_memory                = 1
 vm.panic_on_oom                     = 0
 kernel.panic                        = 10
 kernel.panic_on_oops                = 1
 kernel.keys.root_maxkeys            = 1000000
 kernel.keys.root_maxbytes           = 25000000
 EOF
 sudo sysctl --system

 basearch=$(rpm -q --qf "%{arch}" -f /etc/$distro)
 cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
 [kubernetes]
 name=Kubernetes
 baseurl=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/
 enabled=1
 gpgcheck=1
 gpgkey=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/repodata/repomd.xml.key
 exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
 EOF
 yum config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
 yum -y update
 yum -y install git tar kubelet kubeadm kubectl containerd cri-tools conntrack-tools --disableexcludes=kubernetes

 sudo mkdir -p /etc/containerd
 systemctl disable --now firewalld
 systemctl enable --now containerd
 sudo containerd config default > /etc/containerd/config.toml
 if grep -q "SystemdCgroup = true" "/etc/containerd/config.toml"; then
  echo "Config found, skip rewriting..."
 else
  sed -i -e "s/SystemdCgroup \= false/SystemdCgroup \= true/g" /etc/containerd/config.toml
 fi
 systemctl restart containerd

 cat > ~/init_kubeadm.yaml <<EOF
 apiVersion: kubeadm.k8s.io/v1beta3
 kind: InitConfiguration
 bootstrapTokens:
 - token: "$(openssl rand -hex 3).$(openssl rand -hex 8)"
  description: "kubeadm bootstrap token"
  ttl: "24h"
 nodeRegistration:
  criSocket: "unix:///var/run/containerd/containerd.sock"
 ---
 apiVersion: kubeadm.k8s.io/v1beta3
 kind: ClusterConfiguration
 controllerManager:
  extraArgs:
    bind-address: "0.0.0.0" # Used by Prometheus Operator
 scheduler:
  extraArgs:
    bind-address: "0.0.0.0" # Used by Prometheus Operator
 ---
 apiVersion: kubelet.config.k8s.io/v1beta1
 kind: KubeletConfiguration
 cgroupDriver: "systemd"
 protectKernelDefaults: true
 EOF
 systemctl enable --now kubelet
 kubeadm init --config init_kubeadm.yaml

 mkdir -p $HOME/.kube
 cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
 chown $(id -u):$(id -g) $HOME/.kube/config

 curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
 helm repo add cilium https://helm.cilium.io/
 sleep 10
 helm install cilium cilium/cilium \
    --namespace kube-system
	#!/bin/bash
	cat /etc/fstab \| sed /swap/d \| tee /etc/fstab
	swapoff -a

	setenforce 0
	sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

	cat <<EOF \| sudo tee /etc/modules-load.d/containerd.conf
	overlay
	br_netfilter
	EOF
	modprobe overlay
	modprobe br_netfilter

	cat <<EOF \| sudo tee /etc/sysctl.d/kubernetes.conf
	net.bridge.bridge-nf-call-iptables = 1
	net.ipv4.ip_forward = 1
	net.bridge.bridge-nf-call-ip6tables = 1
	vm.overcommit_memory = 1
	vm.panic_on_oom = 0
	kernel.panic = 10
	kernel.panic_on_oops = 1
	kernel.keys.root_maxkeys = 1000000
	kernel.keys.root_maxbytes = 25000000
	EOF
	sudo sysctl --system

	basearch=$(rpm -q --qf "%{arch}" -f /etc/$distro)
	cat <<EOF \| sudo tee /etc/yum.repos.d/kubernetes.repo
	[kubernetes]
	name=Kubernetes
	baseurl=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/
	enabled=1
	gpgcheck=1
	gpgkey=https://pkgs.k8s.io/core:/stable:/v1.29/rpm/repodata/repomd.xml.key
	exclude=kubelet kubeadm kubectl cri-tools kubernetes-cni
	EOF
	yum config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
	yum -y update
	yum -y install git tar kubelet kubeadm kubectl containerd cri-tools conntrack-tools --disableexcludes=kubernetes

	sudo mkdir -p /etc/containerd
	systemctl disable --now firewalld
	systemctl enable --now containerd
	sudo containerd config default > /etc/containerd/config.toml
	if grep -q "SystemdCgroup = true" "/etc/containerd/config.toml"; then
	echo "Config found, skip rewriting..."
	else
	sed -i -e "s/SystemdCgroup \= false/SystemdCgroup \= true/g" /etc/containerd/config.toml
	fi
	systemctl restart containerd

	cat > ~/init_kubeadm.yaml <<EOF
	apiVersion: kubeadm.k8s.io/v1beta3
	kind: InitConfiguration
	bootstrapTokens:
	- token: "$(openssl rand -hex 3).$(openssl rand -hex 8)"
	description: "kubeadm bootstrap token"
	ttl: "24h"
	nodeRegistration:
	criSocket: "unix:///var/run/containerd/containerd.sock"
	---
	apiVersion: kubeadm.k8s.io/v1beta3
	kind: ClusterConfiguration
	controllerManager:
	extraArgs:
	bind-address: "0.0.0.0" # Used by Prometheus Operator
	scheduler:
	extraArgs:
	bind-address: "0.0.0.0" # Used by Prometheus Operator
	---
	apiVersion: kubelet.config.k8s.io/v1beta1
	kind: KubeletConfiguration
	cgroupDriver: "systemd"
	protectKernelDefaults: true
	EOF
	systemctl enable --now kubelet
	kubeadm init --config init_kubeadm.yaml

	mkdir -p $HOME/.kube
	cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
	chown $(id -u):$(id -g) $HOME/.kube/config

	curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 \| bash
	helm repo add cilium https://helm.cilium.io/
	sleep 10
	helm install cilium cilium/cilium \
	--namespace kube-system
No results found