Difference between revisions of "Kubeadm kubernetes cluster Ubuntu 24.04"
Jump to navigation
Jump to search
| Line 1: | Line 1: | ||
# Kubeadm Cluster Scripts | # Kubeadm Cluster Scripts | ||
| − | ## | + | ## Prep k8s node |
``` | ``` | ||
#!/bin/bash | #!/bin/bash | ||
| Line 8: | Line 8: | ||
k8s_minor_version=1.31 | k8s_minor_version=1.31 | ||
| − | + | prep_k8s_node(){ | |
sudo apt update && sudo apt upgrade -y | sudo apt update && sudo apt upgrade -y | ||
sudo apt install apt-transport-https curl -y | sudo apt install apt-transport-https curl -y | ||
| Line 44: | Line 44: | ||
} | } | ||
| − | + | prep_k8s_node | |
| + | ``` | ||
| + | |||
| + | ## kubeadm init | ||
| + | ``` | ||
| + | # sudo kubeadm init --pod-network-cidr=${k8s_subnet} --v=5 | ||
| + | sudo kubeadm init --v=5 | ||
``` | ``` | ||
| Line 95: | Line 101: | ||
``` | ``` | ||
sudo kubeadm token create --print-join-command --certificate-key $(sudo kubeadm init phase upload-certs --upload-certs | sed -n '3p') | sudo kubeadm token create --print-join-command --certificate-key $(sudo kubeadm init phase upload-certs --upload-certs | sed -n '3p') | ||
| + | ``` | ||
| + | |||
| + | ## Install Cilium on init Controller | ||
| + | ``` | ||
| + | set -eu | ||
| + | install_cilium(){ | ||
| + | # https://docs.cilium.io/en/stable/gettingstarted/k8s-install-default/ | ||
| + | CILIUM_CLI_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/cilium-cli/main/stable.txt) | ||
| + | CLI_ARCH=amd64 | ||
| + | if [ "$(uname -m)" = "aarch64" ]; then CLI_ARCH=arm64; fi | ||
| + | curl -L --fail --remote-name-all https://github.com/cilium/cilium-cli/releases/download/${CILIUM_CLI_VERSION}/cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum} | ||
| + | sha256sum --check cilium-linux-${CLI_ARCH}.tar.gz.sha256sum | ||
| + | sudo tar xzvfC cilium-linux-${CLI_ARCH}.tar.gz /usr/local/bin | ||
| + | rm cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum} | ||
| + | |||
| + | export KUBECONFIG=/etc/kubernetes/admin.conf | ||
| + | cilium install --version 1.16.5 | ||
| + | cilium status --wait | ||
| + | } | ||
| + | install_cilium | ||
``` | ``` | ||
Revision as of 19:36, 27 December 2024
Kubeadm Cluster Scripts
Prep k8s node
#!/bin/bash
set -eu
k8s_minor_version=1.31
prep_k8s_node(){
sudo apt update && sudo apt upgrade -y
sudo apt install apt-transport-https curl -y
sudo apt install containerd -y
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
sudo systemctl restart containerd
curl -fsSL https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt update
sudo apt install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
sudo modprobe overlay
sudo modprobe br_netfilter
echo -e "br_netfilter\noverlay" | sudo tee /etc/modules-load.d/kubernetes-cni.conf
lsmod | grep overlay
lsmod | grep br_netfilter
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
EOF
sudo sysctl --system
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bashrc
sudo reboot
}
prep_k8s_node
kubeadm init
# sudo kubeadm init --pod-network-cidr=${k8s_subnet} --v=5
sudo kubeadm init --v=5
Upgrade node Kubernetes version
#!/bin/bash
set -eu
k8s_minor_version=1.31
update_kubeadm_version(){
k8s_minor_version=1.31
k8s_keyring_file="/etc/apt/keyrings/kubernetes-apt-keyring.gpg"
if [ ! -f "${k8s_keyring_file}" ]; then
curl -fsSL https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/Release.key 2>/dev/null | sudo gpg --dearmor -o ${k8s_keyring_file}
fi
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt-get update
sudo apt-mark unhold kubeadm kubectl kubelet && \
sudo apt-get install -y kubelet=${k8s_minor_version}.* kubeadm=${k8s_minor_version}.* kubectl=${k8s_minor_version}.* && \
sudo apt-mark hold kubeadm kubectl kubelet && \
sudo systemctl restart kubelet
sudo apt-get -y dist-upgrade
kubeadm version -o short
echo "Reboot in 10 seconds"; sleep 10
sudo reboot
}
update_kubeadm_version
Upgrade primary controller
k8s_patch_version=$(kubeadm version -o short)
echo "Updating to version ${k8s_patch_version} in 10 seconds."; sleep 10
sudo kubeadm upgrade plan
sudo killall -s SIGTERM kube-apiserver # trigger a graceful kube-apiserver shutdown
sleep 20 # wait a little bit to permit completing in-flight requests
kubeadm upgrade apply -y ${k8s_patch_version}
Get Worker Join Command - token expires 24h default
sudo kubeadm token create --print-join-command --ttl 1h
Get Controller Join Command (must be ran from existing controller. token expires 2h default)
sudo kubeadm token create --print-join-command --certificate-key $(sudo kubeadm init phase upload-certs --upload-certs | sed -n '3p')
Install Cilium on init Controller
set -eu
install_cilium(){
# https://docs.cilium.io/en/stable/gettingstarted/k8s-install-default/
CILIUM_CLI_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/cilium-cli/main/stable.txt)
CLI_ARCH=amd64
if [ "$(uname -m)" = "aarch64" ]; then CLI_ARCH=arm64; fi
curl -L --fail --remote-name-all https://github.com/cilium/cilium-cli/releases/download/${CILIUM_CLI_VERSION}/cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}
sha256sum --check cilium-linux-${CLI_ARCH}.tar.gz.sha256sum
sudo tar xzvfC cilium-linux-${CLI_ARCH}.tar.gz /usr/local/bin
rm cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}
export KUBECONFIG=/etc/kubernetes/admin.conf
cilium install --version 1.16.5
cilium status --wait
}
install_cilium