Difference between revisions of "Cka kubeadm init upgrade"

 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
## Init Ubuntu 24.04 & 22.04
+
## Prep Ubuntu 24.04 & 22.04 Node
  
 
```
 
```
Line 11: Line 11:
 
   sudo apt install apt-transport-https curl -y
 
   sudo apt install apt-transport-https curl -y
  
 +
  # https://kubernetes.io/docs/setup/production-environment/container-runtimes/
 
   sudo apt install containerd -y
 
   sudo apt install containerd -y
 
   sudo mkdir -p /etc/containerd
 
   sudo mkdir -p /etc/containerd
Line 17: Line 18:
 
   sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
 
   sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
 
   sudo systemctl restart containerd
 
   sudo systemctl restart containerd
 +
  echo "net.ipv4.ip_forward = 1" | /etc/sysctl.d/k8s.conf
 +
  sudo sysctl --system
  
 +
  # https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl
 
   curl -fsSL https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
 
   curl -fsSL https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
 
   echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
 
   echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
Line 28: Line 32:
 
   sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
 
   sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
  
   # overlay is modprobed by containerd
+
   # overlay is already modprobed by containerd
 
   sudo modprobe br_netfilter
 
   sudo modprobe br_netfilter
 
   echo -e "br_netfilter" | sudo tee /etc/modules-load.d/k8s.conf
 
   echo -e "br_netfilter" | sudo tee /etc/modules-load.d/k8s.conf
 
   lsmod | grep overlay
 
   lsmod | grep overlay
 
   lsmod | grep br_netfilter
 
   lsmod | grep br_netfilter
 
  echo "net.ipv4.ip_forward                = 1" | /etc/sysctl.d/k8s.conf
 
  sudo sysctl --system
 
  
 
   echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bashrc
 
   echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bashrc
Line 42: Line 43:
  
 
prep_k8s_node
 
prep_k8s_node
 +
```
 +
 +
## Install kubeadm kubectl kubelet
 +
 +
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl
 +
 +
```
 +
sudo apt-get update
 +
# apt-transport-https may be a dummy package; if so, you can skip that package
 +
sudo apt-get install -y apt-transport-https ca-certificates curl gpg
 +
 +
# If the directory `/etc/apt/keyrings` does not exist, it should be created before the curl command, read the note below.
 +
# sudo mkdir -p -m 755 /etc/apt/keyrings
 +
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
 +
 +
# This overwrites any existing configuration in /etc/apt/sources.list.d/kubernetes.list
 +
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
 +
 +
sudo apt-get update
 +
sudo apt-get install -y kubelet kubeadm kubectl
 +
sudo apt-mark hold kubelet kubeadm kubectl
 +
```
 +
 +
## Init Control Plane
 +
 +
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/#initializing-your-control-plane-node
 +
 +
HA with LB for control see - https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/high-availability/ - --control-plane-endpoint
 +
 +
```
 +
kubeadm init --apiserver-advertise-address <local ip>
 +
 +
```
 +
 +
## Cilium
 +
 +
https://kubernetes.io/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/
 +
 +
```
 +
https://kubernetes.io/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/
 +
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin
 +
rm cilium-linux-amd64.tar.gz
 +
cilium install && cilium wait status
 +
```
 +
 +
## Join worker node
 +
```
 +
kubeadm join
 +
```
 +
 +
## Enable metrics-server api for kubectl top node
 +
 +
```
 +
helm search hub metrics-server -o yaml
 +
helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/
 +
helm install metrics-server metrics-server/metrics-server --set args[0]='--kubelet-insecure-tls'
 
```
 
```
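Review bot: The added `helm install` line at the end of this section passes `--kubelet-insecure-tls`, which makes metrics-server skip verification of the kubelets' serving certificates, so the connection it scrapes over is not authenticated. If that is acceptable only for a practice cluster, the line should say so, for example with `# lab only: kubelet serving certificates are not verified` directly above it. The lasting fix is to give kubelets CA-signed serving certificates (`serverTLSBootstrap: true` in the KubeletConfiguration, then approving the resulting CSRs) and drop the flag. Separately, the relocated `echo "net.ipv4.ip_forward = 1" | /etc/sysctl.d/k8s.conf` line pipes into a path instead of `sudo tee /etc/sysctl.d/k8s.conf`, so under `set -eu` the script stops at that step.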

Latest revision as of 17:43, 4 January 2025

Prep Ubuntu 24.04 & 22.04 Node

#!/bin/bash
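# Abort on the first failing command (-e), on any unset variable (-u), and when any
# stage of a pipeline fails (pipefail). Without pipefail, a failed download in
# `curl ... | sudo gpg --dearmor` goes unnoticed as long as gpg itself exits 0.
set -euo pipefail

# Kubernetes minor release whose pkgs.k8s.io apt repository gets configured.
# NOTE(review): the manual install commands further down this page use v1.32;
# confirm which minor version is intended before running both.
k8s_minor_version=1.31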

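prep_k8s_node(){
  # Prepare an Ubuntu host as a Kubernetes node: install containerd with the
  # systemd cgroup driver, enable IPv4 forwarding, add the pkgs.k8s.io apt
  # repository for the chosen minor version, install and hold
  # kubelet/kubeadm/kubectl, turn swap off, load br_netfilter, then reboot.
  # Globals:   k8s_minor_version (read)
  # Arguments: none
  # Returns:   does not return on success (the host reboots); with the script's
  #            `set -e`, a failing step generally ends the run at that step.
  local keyring=/etc/apt/keyrings/kubernetes-apt-keyring.gpg
  local repo="https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb"
  local kubeconfig_line='export KUBECONFIG=/etc/kubernetes/admin.conf'

  sudo apt update && sudo apt upgrade -y
  sudo apt install apt-transport-https curl -y

  # https://kubernetes.io/docs/setup/production-environment/container-runtimes/
  sudo apt install containerd -y
  sudo mkdir -p /etc/containerd
  containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
  # Instruct containerd to use the systemd cgroup hierarchy (typically cgroupv2)
  # for managing container resources.
  sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
  sudo systemctl restart containerd

  # Persist IPv4 forwarding. The write goes through `sudo tee`; piping into the
  # path itself would try to execute the file and abort the script.
  echo "net.ipv4.ip_forward = 1" | sudo tee /etc/sysctl.d/k8s.conf
  sudo sysctl --system

  # https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl
  # No-op when the keyring directory already exists.
  sudo mkdir -p -m 755 /etc/apt/keyrings
  # The repository signing key is fetched over HTTPS into its own keyring file;
  # `signed-by` below limits that key to this one repository instead of trusting
  # it for every apt source.
  curl -fsSL "${repo}/Release.key" | sudo gpg --dearmor -o "${keyring}"
  echo "deb [signed-by=${keyring}] ${repo}/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
  sudo apt update
  sudo apt install -y kubelet kubeadm kubectl
  # Hold the packages so a routine `apt upgrade` does not move the cluster
  # components to another version.
  sudo apt-mark hold kubelet kubeadm kubectl

  swapon -s # returns summary text if swap is enabled
  sudo swapoff -a
  # Comment out swap entries in fstab so swap stays off after the reboot.
  sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

  # overlay is already modprobed by containerd
  sudo modprobe br_netfilter
  printf '%s\n' br_netfilter | sudo tee /etc/modules-load.d/k8s.conf
  # These double as checks: with `set -e`, a module that is not loaded ends the run here.
  lsmod | grep overlay
  lsmod | grep br_netfilter

  # admin.conf carries cluster-admin credentials and is expected to be readable
  # by root only; do not loosen its mode so that another account can use this
  # export. Append the line once, so repeated runs do not stack duplicates.
  grep -qxF -- "${kubeconfig_line}" ~/.bashrc 2>/dev/null \
    || echo "${kubeconfig_line}" >> ~/.bashrc
  sudo reboot
}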

# Run the node preparation now; the function ends with `sudo reboot`.
prep_k8s_node

Install kubeadm kubectl kubelet

https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl

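# NOTE(review): if prep_k8s_node above already ran, kubelet/kubeadm/kubectl are on
# hold (apt-mark hold); apt-get is expected to refuse changing held packages under
# -y until they are released with `apt-mark unhold`. Confirm before using these
# commands as an upgrade step.
sudo apt-get update
# apt-transport-https may be a dummy package; if so, you can skip that package
sudo apt-get install -y apt-transport-https ca-certificates curl gpg

# Create the keyring directory before the curl command; -p makes this a no-op
# when it already exists.
sudo mkdir -p -m 755 /etc/apt/keyrings
# The key lands in its own keyring file, which `signed-by` below ties to this
# repository only.
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg

# This overwrites any existing configuration in /etc/apt/sources.list.d/kubernetes.list
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl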

Init Control Plane

https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/#initializing-your-control-plane-node

For an HA control plane behind a load balancer, see https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/high-availability/ (the --control-plane-endpoint option).

# Replace <local ip> with the address of this node that the API server should
# advertise; left as written, the shell would parse `<local` as an input redirection.
kubeadm init --apiserver-advertise-address <local ip>

Cilium

https://kubernetes.io/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/

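# Docs: https://kubernetes.io/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/
# The cilium CLI archive has to be downloaded first; that step is not shown here.
# The archive is unpacked as root into a directory on PATH, so check it against
# the checksum file published with the release before extracting, e.g.
#   sha256sum --check cilium-linux-amd64.tar.gz.sha256sum
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin
rm cilium-linux-amd64.tar.gz
# `cilium status --wait` blocks until the installation reports ready.
cilium install && cilium status --wait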

Join worker node

# Incomplete as shown: the full command (API server endpoint, --token and
# --discovery-token-ca-cert-hash) is printed at the end of `kubeadm init`, and can
# be printed again on the control plane with `kubeadm token create --print-join-command`.
# Keep the CA cert hash in the command: it is what lets the joining node verify
# that it is talking to the intended control plane. Treat the token as a credential.
kubeadm join

Enable metrics-server api for kubectl top node

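helm search hub metrics-server -o yaml
helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/
# SECURITY: --kubelet-insecure-tls makes metrics-server skip verification of the
# kubelets' serving certificates, so the connection it scrapes over is not
# authenticated. Acceptable for a practice cluster only; otherwise give kubelets
# CA-signed serving certificates (serverTLSBootstrap: true in the
# KubeletConfiguration, then approve the CSRs) and drop the flag.
# The --set value is quoted as one word so the shell never treats [0] as a glob.
helm install metrics-server metrics-server/metrics-server --set 'args[0]=--kubelet-insecure-tls'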