Update master_node_install.sh
parent
9a902be4fc
commit
6a37b7a682
|
|
@ -1,29 +1,105 @@
|
||||||
#!/bin/bash
|
#!/usr/bin/env bash
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
read -p "Be sure to have disabled swap! Press enter to continue..."
|
# Arch Kubernetes control-plane install with containerd + kubeadm + Calico
|
||||||
|
|
||||||
sudo pacman -Syu --noconfirm
|
if [[ $EUID -ne 0 ]]; then
|
||||||
sudo pacman -S --needed --noconfirm \
|
echo "Please run this script with sudo or as root."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
read -r -p "Be sure swap is disabled. Press Enter to continue..."
|
||||||
|
|
||||||
|
# Use the original invoking user when script is run via sudo
|
||||||
|
REAL_USER="${SUDO_USER:-root}"
|
||||||
|
REAL_HOME="$(getent passwd "$REAL_USER" | cut -d: -f6)"
|
||||||
|
|
||||||
|
# ---- Package install ----
|
||||||
|
pacman -Syu --noconfirm
|
||||||
|
pacman -S --needed --noconfirm \
|
||||||
ca-certificates \
|
ca-certificates \
|
||||||
curl \
|
curl \
|
||||||
docker \
|
containerd \
|
||||||
docker-buildx \
|
cni-plugins \
|
||||||
docker-compose \
|
crictl \
|
||||||
|
iptables-nft \
|
||||||
kubeadm \
|
kubeadm \
|
||||||
kubelet \
|
|
||||||
kubectl \
|
kubectl \
|
||||||
kubernetes-cnl
|
kubelet \
|
||||||
|
socat \
|
||||||
|
conntrack-tools \
|
||||||
|
ethtool
|
||||||
|
|
||||||
# Build Kubernetes Clulster
|
# ---- Kernel modules needed for Kubernetes networking ----
|
||||||
kubeadm init
|
cat >/etc/modules-load.d/k8s.conf <<'EOF'
|
||||||
echo "Be sure to copy the join command for the workers!"
|
overlay
|
||||||
|
br_netfilter
|
||||||
|
EOF
|
||||||
|
|
||||||
# Get Config
|
modprobe overlay
|
||||||
mkdir -p $HOME/.kube
|
modprobe br_netfilter
|
||||||
sudo cp -l /etc/kubernetes/admin.conf $HOME/.kube/config
|
|
||||||
sudo chown $(id -u):$(id -g) $HOME/.kube/config
|
|
||||||
|
|
||||||
#Deploy Container Networking
|
# ---- Sysctl settings for Kubernetes networking ----
|
||||||
kubectl apply -f https://docs.projectcalico.org/manifests/calico.yaml
|
cat >/etc/sysctl.d/99-kubernetes-cri.conf <<'EOF'
|
||||||
kubectl get nodes
|
net.bridge.bridge-nf-call-iptables = 1
|
||||||
|
net.bridge.bridge-nf-call-ip6tables = 1
|
||||||
|
net.ipv4.ip_forward = 1
|
||||||
|
EOF
|
||||||
|
|
||||||
|
sysctl --system
|
||||||
|
|
||||||
|
# ---- Configure containerd ----
|
||||||
|
mkdir -p /etc/containerd
|
||||||
|
containerd config default >/etc/containerd/config.toml
|
||||||
|
|
||||||
|
# Use systemd cgroups for kubelet compatibility
|
||||||
|
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
|
||||||
|
|
||||||
|
systemctl daemon-reload
|
||||||
|
systemctl enable --now containerd
|
||||||
|
systemctl enable --now kubelet
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "Container runtime status:"
|
||||||
|
systemctl --no-pager --full status containerd || true
|
||||||
|
echo
|
||||||
|
|
||||||
|
# ---- Initialize control plane ----
|
||||||
|
# Calico commonly uses 192.168.0.0/16 for pod networking.
|
||||||
|
# Change this if it overlaps with your LAN.
|
||||||
|
POD_CIDR="192.168.0.0/16"
|
||||||
|
|
||||||
|
kubeadm init --pod-network-cidr="${POD_CIDR}"
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "IMPORTANT: Save the kubeadm join command shown above for worker nodes."
|
||||||
|
echo
|
||||||
|
|
||||||
|
# ---- Configure kubectl for the invoking user ----
|
||||||
|
mkdir -p "${REAL_HOME}/.kube"
|
||||||
|
cp /etc/kubernetes/admin.conf "${REAL_HOME}/.kube/config"
|
||||||
|
chown "${REAL_USER}:${REAL_USER}" "${REAL_HOME}/.kube/config"
|
||||||
|
|
||||||
|
export KUBECONFIG=/etc/kubernetes/admin.conf
|
||||||
|
|
||||||
|
# ---- Install Calico ----
|
||||||
|
kubectl apply -f https://raw.githubusercontent.com/projectcalico/calico/v3.31.4/manifests/calico.yaml
|
||||||
|
|
||||||
|
# ---- Optional: allow workloads on single-node lab clusters ----
|
||||||
|
# Uncomment if this is a one-node lab and you want to schedule normal pods on the control plane:
|
||||||
|
# kubectl taint nodes --all node-role.kubernetes.io/control-plane-
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "Waiting briefly for node and system pods to settle..."
|
||||||
|
sleep 10
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "Cluster status:"
|
||||||
|
kubectl get nodes -o wide || true
|
||||||
|
echo
|
||||||
|
kubectl get pods -A || true
|
||||||
|
|
||||||
|
echo
|
||||||
|
echo "Done."
|
||||||
|
echo "kubectl is configured for user: ${REAL_USER}"
|
||||||
|
echo "If this is a multi-node cluster, run the kubeadm join command on each worker."
|
||||||
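Review bot: In the "Configure kubectl for the invoking user" block, `mkdir -p "${REAL_HOME}/.kube"` runs as root and only the `config` file is chowned afterwards, so a freshly created `.kube` directory stays root-owned and kubectl run as `${REAL_USER}` cannot write its cache there; `chown "${REAL_USER}:${REAL_USER}"` also assumes a group named after the user exists, which the removed `$(id -u):$(id -g)` form did not. Because admin.conf is the cluster-admin credential, I would set owner and mode explicitly in one step: `install -d -m 700 -o "$REAL_USER" -g "$(id -gn "$REAL_USER")" "${REAL_HOME}/.kube"` followed by `install -m 600 -o "$REAL_USER" -g "$(id -gn "$REAL_USER")" /etc/kubernetes/admin.conf "${REAL_HOME}/.kube/config"`. Separately, the Calico step applies a manifest fetched over the network with cluster-admin rights; pinning v3.31.4 improves on the old unversioned URL, but a tag is not an integrity check, so consider downloading to a temp file and comparing it against a recorded SHA-256 before `kubectl apply -f`.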