diff --git a/master_node_install.sh b/master_node_install.sh
index 6d8626d..2380484 100644
--- a/master_node_install.sh
+++ b/master_node_install.sh
@@ -1,29 +1,105 @@
-#!/bin/bash
+#!/usr/bin/env bash
+set -euo pipefail
-read -p "Be sure to have disabled swap! Press enter to continue..."
+# Arch Kubernetes control-plane install with containerd + kubeadm + Calico
-sudo pacman -Syu --noconfirm
-sudo pacman -S --needed --noconfirm \
+if [[ $EUID -ne 0 ]]; then
+ echo "Please run this script with sudo or as root."
+ exit 1
+fi
+
+read -r -p "Be sure swap is disabled. Press Enter to continue..."
+
+# Use the original invoking user when script is run via sudo
+REAL_USER="${SUDO_USER:-root}"
+REAL_HOME="$(getent passwd "$REAL_USER" | cut -d: -f6)"
+
+# ---- Package install ----
+pacman -Syu --noconfirm
+pacman -S --needed --noconfirm \
 ca-certificates \
 curl \
- docker \
- docker-buildx \
- docker-compose \
+ containerd \
+ cni-plugins \
+ crictl \
+ iptables-nft \
 kubeadm \
- kubelet \
 kubectl \
- kubernetes-cnl
+ kubelet \
+ socat \
+ conntrack-tools \
+ ethtool
-# Build Kubernetes Clulster
-kubeadm init
-echo "Be sure to copy the join command for the workers!"
+# ---- Kernel modules needed for Kubernetes networking ----
+cat >/etc/modules-load.d/k8s.conf <<'EOF'
+overlay
+br_netfilter
+EOF
-# Get Config
-mkdir -p $HOME/.kube
-sudo cp -l /etc/kubernetes/admin.conf $HOME/.kube/config
-sudo chown $(id -u):$(id -g) $HOME/.kube/config
+modprobe overlay
+modprobe br_netfilter
-#Deploy Container Networking
-kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
-kubectl get nodes
+# ---- Sysctl settings for Kubernetes networking ----
+cat >/etc/sysctl.d/99-kubernetes-cri.conf <<'EOF'
+net.bridge.bridge-nf-call-iptables = 1
+net.bridge.bridge-nf-call-ip6tables = 1
+net.ipv4.ip_forward = 1
+EOF
+sysctl --system
+
+# ---- Configure containerd ----
+mkdir -p /etc/containerd
+containerd config default >/etc/containerd/config.toml
+
+# Use systemd cgroups for kubelet compatibility
+sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
+
+systemctl daemon-reload
+systemctl enable --now containerd
+systemctl enable --now kubelet
+
+echo
+echo "Container runtime status:"
+systemctl --no-pager --full status containerd || true
+echo
+
+# ---- Initialize control plane ----
+# Calico commonly uses 192.168.0.0/16 for pod networking.
+# Change this if it overlaps with your LAN.
+POD_CIDR="192.168.0.0/16"
+
+kubeadm init --pod-network-cidr="${POD_CIDR}"
+
+echo
+echo "IMPORTANT: Save the kubeadm join command shown above for worker nodes."
+echo
+
+# ---- Configure kubectl for the invoking user ----
+mkdir -p "${REAL_HOME}/.kube"
+cp /etc/kubernetes/admin.conf "${REAL_HOME}/.kube/config"
+chown "${REAL_USER}:${REAL_USER}" "${REAL_HOME}/.kube/config"
+
+export KUBECONFIG=/etc/kubernetes/admin.conf
+
+# ---- Install Calico ----
+kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.31.4/manifests/calico.yaml
+
+# ---- Optional: allow workloads on single-node lab clusters ----
+# Uncomment if this is a one-node lab and you want to schedule normal pods on the control plane:
+# kubectl taint nodes --all node-role.kubernetes.io/control-plane-
+
+echo
+echo "Waiting briefly for node and system pods to settle..."
+sleep 10
+
+echo
+echo "Cluster status:"
+kubectl get nodes -o wide || true
+echo
+kubectl get pods -A || true
+
+echo
+echo "Done."
+echo "kubectl is configured for user: ${REAL_USER}"
+echo "If this is a multi-node cluster, run the kubeadm join command on each worker."
\ No newline at end of file
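Review bot: The kubeconfig step near the end of the hunk runs as root inside the invoking user's home, so `mkdir -p "${REAL_HOME}/.kube"` leaves a newly created `.kube` directory owned by root, and the plain `cp` follows an existing `~/.kube/config` symlink and silently overwrites whatever it points to with the cluster-admin credential. The `chown "${REAL_USER}:${REAL_USER}"` line also assumes a group named after the user exists. Consider `install -d -m 0700 -o "$REAL_USER" -g "$(id -gn "$REAL_USER")" "${REAL_HOME}/.kube"` followed by `install -m 0600 -o "$REAL_USER" -g "$(id -gn "$REAL_USER")" /etc/kubernetes/admin.conf "${REAL_HOME}/.kube/config"`, and stop with a message if a config already exists there. Separately, the Calico manifest is applied with admin rights straight from a URL; the version tag helps, but downloading it to a file and checking it against a recorded SHA-256 before `kubectl apply -f` would make the install tamper-evident and reproducible.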