tuna2134 · June 25, 2024 13:53 · tuna2134 · Jun 25, 2024
diff --git a/kubeadm-ubuntu-setup.sh b/kubeadm-ubuntu-setup.sh
 #/bin/bash -eu

 cat /etc/fstab | sed /swap/d | tee /etc/fstab
 swapoff -a

 # Install Containerd
 cat <<EOF | tee /etc/modules-load.d/containerd.conf
 overlay
 br_netfilter
 EOF

 modprobe overlay
 modprobe br_netfilter

 # Setup required sysctl params, these persist across reboots.
 cat <<EOF | tee /etc/sysctl.d/99-kubernetes-cri.conf
 net.bridge.bridge-nf-call-iptables  = 1
 net.ipv4.ip_forward                 = 1
 net.bridge.bridge-nf-call-ip6tables = 1
 EOF

 # Apply sysctl params without reboot
 sysctl --system

 ## Install containerd

 apt-get update
 apt-get install ca-certificates curl gnupg lsb-release
 mkdir -m 0755 -p /etc/apt/keyrings
 curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
 echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
 apt-get update
 apt-get install -y containerd.io

 # Configure containerd
 mkdir -p /etc/containerd
 containerd config default > /etc/containerd/config.toml

 if grep -q "SystemdCgroup = true" "/etc/containerd/config.toml"; then
  echo "Config found, skip rewriting..."
 else
  sed -i -e "s/SystemdCgroup \= false/SystemdCgroup \= true/g" /etc/containerd/config.toml
 fi

 # Restart containerd
 systemctl restart containerd

 cat <<EOF | tee /etc/sysctl.d/k8s.conf
 net.bridge.bridge-nf-call-ip6tables = 1
 net.bridge.bridge-nf-call-iptables = 1
 vm.overcommit_memory = 1
 vm.panic_on_oom = 0
 kernel.panic = 10
 kernel.panic_on_oops = 1
 kernel.keys.root_maxkeys = 1000000
 kernel.keys.root_maxbytes = 25000000
 EOF
 sysctl --system

 KUBERNETES_VERSION=v1.30

 apt-get update && apt-get install -y apt-transport-https curl
 curl -fsSL https://pkgs.k8s.io/core:/stable:/$KUBERNETES_VERSION/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
 cat <<EOF | tee /etc/apt/sources.list.d/kubernetes.list
 deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/$KUBERNETES_VERSION/deb/ /
 EOF
 apt-get update
 apt-get install -y kubelet kubeadm kubectl
 apt-mark hold kubelet kubeadm kubectl

 # Set kubeadm config
 cat > ~/init_kubelet.yaml <<EOF
 apiVersion: kubeadm.k8s.io/v1beta3
 kind: InitConfiguration
 bootstrapTokens:
 - token: "$(openssl rand -hex 3).$(openssl rand -hex 8)"
  description: "kubeadm bootstrap token"
  ttl: "24h"
 nodeRegistration:
  criSocket: "unix:///var/run/containerd/containerd.sock"
 ---
 apiVersion: kubeadm.k8s.io/v1beta3
 kind: ClusterConfiguration
 controllerManager:
  extraArgs:
    bind-address: "0.0.0.0" # Used by Prometheus Operator
 scheduler:
  extraArgs:
    bind-address: "0.0.0.0" # Used by Prometheus Operator
 ---
 apiVersion: kubelet.config.k8s.io/v1beta1
 kind: KubeletConfiguration
 cgroupDriver: "systemd"
 protectKernelDefaults: true
 EOF

 # Create a Kubernetes cluster
 kubeadm init --config init_kubelet.yaml

 mkdir -p $HOME/.kube
 cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
 chown $(id -u):$(id -g) $HOME/.kube/config

 curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash

 helm repo add cilium https://helm.cilium.io/

 sleep 10

 helm install cilium cilium/cilium \
    --namespace kube-system
	#/bin/bash -eu

	cat /etc/fstab \| sed /swap/d \| tee /etc/fstab
	swapoff -a

	# Install Containerd
	cat <<EOF \| tee /etc/modules-load.d/containerd.conf
	overlay
	br_netfilter
	EOF

	modprobe overlay
	modprobe br_netfilter

	# Setup required sysctl params, these persist across reboots.
	cat <<EOF \| tee /etc/sysctl.d/99-kubernetes-cri.conf
	net.bridge.bridge-nf-call-iptables = 1
	net.ipv4.ip_forward = 1
	net.bridge.bridge-nf-call-ip6tables = 1
	EOF

	# Apply sysctl params without reboot
	sysctl --system

	## Install containerd

	apt-get update
	apt-get install ca-certificates curl gnupg lsb-release
	mkdir -m 0755 -p /etc/apt/keyrings
	curl -fsSL https://download.docker.com/linux/ubuntu/gpg \| gpg --dearmor -o /etc/apt/keyrings/docker.gpg
	echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \| tee /etc/apt/sources.list.d/docker.list > /dev/null
	apt-get update
	apt-get install -y containerd.io

	# Configure containerd
	mkdir -p /etc/containerd
	containerd config default > /etc/containerd/config.toml

	if grep -q "SystemdCgroup = true" "/etc/containerd/config.toml"; then
	echo "Config found, skip rewriting..."
	else
	sed -i -e "s/SystemdCgroup \= false/SystemdCgroup \= true/g" /etc/containerd/config.toml
	fi

	# Restart containerd
	systemctl restart containerd

	cat <<EOF \| tee /etc/sysctl.d/k8s.conf
	net.bridge.bridge-nf-call-ip6tables = 1
	net.bridge.bridge-nf-call-iptables = 1
	vm.overcommit_memory = 1
	vm.panic_on_oom = 0
	kernel.panic = 10
	kernel.panic_on_oops = 1
	kernel.keys.root_maxkeys = 1000000
	kernel.keys.root_maxbytes = 25000000
	EOF
	sysctl --system

	KUBERNETES_VERSION=v1.30

	apt-get update && apt-get install -y apt-transport-https curl
	curl -fsSL https://pkgs.k8s.io/core:/stable:/$KUBERNETES_VERSION/deb/Release.key \| sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
	cat <<EOF \| tee /etc/apt/sources.list.d/kubernetes.list
	deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/$KUBERNETES_VERSION/deb/ /
	EOF
	apt-get update
	apt-get install -y kubelet kubeadm kubectl
	apt-mark hold kubelet kubeadm kubectl

	# Set kubeadm config
	cat > ~/init_kubelet.yaml <<EOF
	apiVersion: kubeadm.k8s.io/v1beta3
	kind: InitConfiguration
	bootstrapTokens:
	- token: "$(openssl rand -hex 3).$(openssl rand -hex 8)"
	description: "kubeadm bootstrap token"
	ttl: "24h"
	nodeRegistration:
	criSocket: "unix:///var/run/containerd/containerd.sock"
	---
	apiVersion: kubeadm.k8s.io/v1beta3
	kind: ClusterConfiguration
	controllerManager:
	extraArgs:
	bind-address: "0.0.0.0" # Used by Prometheus Operator
	scheduler:
	extraArgs:
	bind-address: "0.0.0.0" # Used by Prometheus Operator
	---
	apiVersion: kubelet.config.k8s.io/v1beta1
	kind: KubeletConfiguration
	cgroupDriver: "systemd"
	protectKernelDefaults: true
	EOF

	# Create a Kubernetes cluster
	kubeadm init --config init_kubelet.yaml

	mkdir -p $HOME/.kube
	cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
	chown $(id -u):$(id -g) $HOME/.kube/config

	curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 \| bash

	helm repo add cilium https://helm.cilium.io/

	sleep 10

	helm install cilium cilium/cilium \
	--namespace kube-system