yuvalif · August 29, 2018 08:11
diff --git a/install-k8s.sh b/install-k8s.sh
 # install k8s on a single node (centos7.4):
 # this is mostly based on: https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/

 # to run from outside the node:
 # scp install-k8s.sh root@<node>:~ && ssh root@<node> "bash ./install-k8s.sh"

 # install and enable docker
 yum install -y docker
 systemctl enable docker && systemctl start docker

 # permanently disable selinux
 setenforce 0
 sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config

 # permanently disable swap file
 swapoff -a
 sed -i.bak '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

 # open ports in firewalld
 # firewall-cmd --zone=public --permanent --add-port=6443/tcp
 # firewall-cmd --zone=public --permanent --add-port=10250/tcp
 # or better, just disable firewalld
 systemctl stop firewalld
 systemctl disable firewalld

 # set k8s repo
 if [ ! -f /etc/yum.repos.d/kubernetes.repo ]; then
    cat <<EOF > /etc/yum.repos.d/kubernetes.repo
 [kubernetes]
 name=Kubernetes
 baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
 enabled=1
 gpgcheck=1
 repo_gpgcheck=1
 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
 EOF
 fi

 # in Fedora28 socat package is not installed by default, should be installed manually, e.g.
 # dnf install -y http://dl.fedoraproject.org/pub/fedora/linux/releases/28/Everything/x86_64/os/Packages/s/socat-1.7.3.2-6.fc28.x86_64.rpm

 # install k8s
 yum install -y kubelet kubeadm kubectl
 systemctl enable kubelet && systemctl start kubelet

 # following may be needed:
 # echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

 # start cluster
 kubeadm init --pod-network-cidr=10.244.0.0/16

 # to run kubectl from inside the node first do:
 mkdir -p /$USER/.kube && cp /etc/kubernetes/admin.conf /$USER/.kube/config

 # deploy flannel - dns pod will be pending until a network plugin is set
 kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml
 # or alternatively, some other CNI, e.g. weave:
 # kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

 # taint master - since we have a single node cluster
 kubectl taint nodes --all node-role.kubernetes.io/master-

 # from outside the node:

 # install kubectl...

 # copy config locally:
 # scp root@<node>:/etc/kubernetes/admin.conf .

 # then use: kubectl --kubeconfig=./admin.conf ...

 # skydive

 # for better understanding of networking, run the skydive (http://skydive.network/) on the node (it runs inside docker):
 # docker run --restart unless-stopped -d --privileged --pid=host --net=host -p 8081:8081 -e SKYDIVE_ANALYZERS=localhost:8082 -v /var/run/docker.sock:/var/run/docker.sock skydive/skydive agent
 # docker run --restart unless-stopped -d -p 8082:8082 skydive/skydive analyzer

 # then to access, use: http://<node>:8082/topology
	# install k8s on a single node (centos7.4):
	# this is mostly based on: https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/

	# to run from outside the node:
	# scp install-k8s.sh root@<node>:~ && ssh root@<node> "bash ./install-k8s.sh"

	# install and enable docker
	yum install -y docker
	systemctl enable docker && systemctl start docker

	# permanently disable selinux
	setenforce 0
	sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config

	# permanently disable swap file
	swapoff -a
	sed -i.bak '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

	# open ports in firewalld
	# firewall-cmd --zone=public --permanent --add-port=6443/tcp
	# firewall-cmd --zone=public --permanent --add-port=10250/tcp
	# or better, just disable firewalld
	systemctl stop firewalld
	systemctl disable firewalld

	# set k8s repo
	if [ ! -f /etc/yum.repos.d/kubernetes.repo ]; then
	cat <<EOF > /etc/yum.repos.d/kubernetes.repo
	[kubernetes]
	name=Kubernetes
	baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
	enabled=1
	gpgcheck=1
	repo_gpgcheck=1
	gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
	EOF
	fi

	# in Fedora28 socat package is not installed by default, should be installed manually, e.g.
	# dnf install -y http://dl.fedoraproject.org/pub/fedora/linux/releases/28/Everything/x86_64/os/Packages/s/socat-1.7.3.2-6.fc28.x86_64.rpm

	# install k8s
	yum install -y kubelet kubeadm kubectl
	systemctl enable kubelet && systemctl start kubelet

	# following may be needed:
	# echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables

	# start cluster
	kubeadm init --pod-network-cidr=10.244.0.0/16

	# to run kubectl from inside the node first do:
	mkdir -p /$USER/.kube && cp /etc/kubernetes/admin.conf /$USER/.kube/config

	# deploy flannel - dns pod will be pending until a network plugin is set
	kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml
	# or alternatively, some other CNI, e.g. weave:
	# kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version \| base64 \| tr -d '\n')"

	# taint master - since we have a single node cluster
	kubectl taint nodes --all node-role.kubernetes.io/master-

	# from outside the node:

	# install kubectl...

	# copy config locally:
	# scp root@<node>:/etc/kubernetes/admin.conf .

	# then use: kubectl --kubeconfig=./admin.conf ...

	# skydive

	# for better understanding of networking, run the skydive (http://skydive.network/) on the node (it runs inside docker):
	# docker run --restart unless-stopped -d --privileged --pid=host --net=host -p 8081:8081 -e SKYDIVE_ANALYZERS=localhost:8082 -v /var/run/docker.sock:/var/run/docker.sock skydive/skydive agent
	# docker run --restart unless-stopped -d -p 8082:8082 skydive/skydive analyzer

	# then to access, use: http://<node>:8082/topology