Difference between revisions of "Cka kubeadm init upgrade"
(Created page with "## Init Ubuntu 24.04 & 22.04 ``` #!/bin/bash set -eu k8s_minor_version=1.31 prep_k8s_node(){ sudo apt update && sudo apt upgrade -y sudo apt install apt-transport-https...") |
|||
| (6 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | ## | + | ## Prep Ubuntu 24.04 & 22.04 Node |
``` | ``` | ||
| Line 11: | Line 11: | ||
sudo apt install apt-transport-https curl -y | sudo apt install apt-transport-https curl -y | ||
| + | # https://kubernetes.io/docs/setup/production-environment/container-runtimes/ | ||
sudo apt install containerd -y | sudo apt install containerd -y | ||
sudo mkdir -p /etc/containerd | sudo mkdir -p /etc/containerd | ||
| Line 17: | Line 18: | ||
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml | sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml | ||
sudo systemctl restart containerd | sudo systemctl restart containerd | ||
| + | echo "net.ipv4.ip_forward = 1" | /etc/sysctl.d/k8s.conf | ||
| + | sudo sysctl --system | ||
| + | # https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl | ||
curl -fsSL https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg | curl -fsSL https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg | ||
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list | echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list | ||
| Line 24: | Line 28: | ||
sudo apt-mark hold kubelet kubeadm kubectl | sudo apt-mark hold kubelet kubeadm kubectl | ||
| + | swapon -s # returns summary text if swap is enabled | ||
sudo swapoff -a | sudo swapoff -a | ||
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab | sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab | ||
| − | # overlay is modprobed by containerd | + | # overlay is already modprobed by containerd |
sudo modprobe br_netfilter | sudo modprobe br_netfilter | ||
echo -e "br_netfilter" | sudo tee /etc/modules-load.d/k8s.conf | echo -e "br_netfilter" | sudo tee /etc/modules-load.d/k8s.conf | ||
lsmod | grep overlay | lsmod | grep overlay | ||
lsmod | grep br_netfilter | lsmod | grep br_netfilter | ||
| − | |||
| − | |||
| − | |||
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bashrc | echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bashrc | ||
| Line 41: | Line 43: | ||
prep_k8s_node | prep_k8s_node | ||
| + | ``` | ||
| + | |||
| + | ## Install kubeadm kubectl kubelet | ||
| + | |||
| + | https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl | ||
| + | |||
| + | ``` | ||
| + | sudo apt-get update | ||
| + | # apt-transport-https may be a dummy package; if so, you can skip that package | ||
| + | sudo apt-get install -y apt-transport-https ca-certificates curl gpg | ||
| + | |||
| + | # If the directory `/etc/apt/keyrings` does not exist, it should be created before the curl command, read the note below. | ||
| + | # sudo mkdir -p -m 755 /etc/apt/keyrings | ||
| + | curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg | ||
| + | |||
| + | # This overwrites any existing configuration in /etc/apt/sources.list.d/kubernetes.list | ||
| + | echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list | ||
| + | |||
| + | sudo apt-get update | ||
| + | sudo apt-get install -y kubelet kubeadm kubectl | ||
| + | sudo apt-mark hold kubelet kubeadm kubectl | ||
| + | ``` | ||
| + | |||
| + | ## Init Control Plane | ||
| + | |||
| + | https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm/#initializing-your-control-plane-node | ||
| + | |||
| + | HA with LB for control see - https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/high-availability/ - --control-plane-endpoint | ||
| + | |||
| + | ``` | ||
| + | kubeadm init --apiserver-advertise-address <local ip> | ||
| + | |||
| + | ``` | ||
| + | |||
| + | ## Cilium | ||
| + | |||
| + | https://kubernetes.io/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/ | ||
| + | |||
| + | ``` | ||
| + | https://kubernetes.io/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/ | ||
| + | sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin | ||
| + | rm cilium-linux-amd64.tar.gz | ||
| + | cilium install && cilium wait status | ||
| + | ``` | ||
| + | |||
| + | ## Join worker node | ||
| + | ``` | ||
| + | kubeadm join | ||
| + | ``` | ||
| + | |||
| + | ## Enable metrics-server api for kubectl top node | ||
| + | |||
| + | ``` | ||
| + | helm search hub metrics-server -o yaml | ||
| + | helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/ | ||
| + | helm install metrics-server metrics-server/metrics-server --set args[0]='--kubelet-insecure-tls' | ||
``` | ``` | ||
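Review bot: The added line `echo "net.ipv4.ip_forward = 1" | /etc/sysctl.d/k8s.conf` (hunk at "Line 17 / Line 18") pipes into a file path instead of a command, so the sysctl drop-in is never written. With `set -eu` at the top of the script, the failed pipeline should abort the run before the Kubernetes apt repository is configured. Writing the file through tee, as the script already does for its other root-owned files, fixes it: `echo "net.ipv4.ip_forward = 1" | sudo tee /etc/sysctl.d/k8s.conf`. The body of prep_k8s_node starts and ends outside this hunk.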
Latest revision as of 17:43, 4 January 2025
Prep Ubuntu 24.04 & 22.04 Node
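#!/bin/bash
# Prepare an Ubuntu 24.04 / 22.04 host as a Kubernetes node.
# -e: stop at the first failing command; -u: treat unset variables as errors;
# pipefail: a pipeline fails when any stage fails, so a failed download that
# feeds another command is not hidden behind the last stage's exit status.
set -euo pipefail
# Kubernetes minor release whose pkgs.k8s.io repository this script configures.
k8s_minor_version=1.31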
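#######################################
# Prepare this host to run as a kubeadm-managed Kubernetes node, then reboot.
# Globals:   k8s_minor_version (read) - minor release used in the repo URLs
# Arguments: none
# Outputs:   progress of apt, tee, swapon and lsmod on stdout/stderr
# Returns:   does not return on success, because the last step reboots the host
#######################################
prep_k8s_node(){
  sudo apt update && sudo apt upgrade -y
  sudo apt install apt-transport-https curl -y

  # https://kubernetes.io/docs/setup/production-environment/container-runtimes/
  sudo apt install containerd -y
  sudo mkdir -p /etc/containerd
  containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
  # Instruct containerd to use the Systemd cgroup hierarchy (typically cgroupv2) for managing container resources.
  sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
  sudo systemctl restart containerd

  # Persist IPv4 forwarding. The drop-in is root-owned, so it is written
  # through `sudo tee`; piping into the path itself writes nothing.
  echo "net.ipv4.ip_forward = 1" | sudo tee /etc/sysctl.d/k8s.conf
  sudo sysctl --system

  # https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl
  # Make sure the keyring directory exists before gpg writes into it.
  sudo mkdir -p -m 755 /etc/apt/keyrings
  # The repository key gets its own keyring file; `signed-by` below limits
  # that key to verifying packages from this one repository.
  curl -fsSL "https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/Release.key" \
    | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
  echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/ /" \
    | sudo tee /etc/apt/sources.list.d/kubernetes.list
  sudo apt update
  sudo apt install -y kubelet kubeadm kubectl
  # Hold the packages so a routine `apt upgrade` does not change their version.
  sudo apt-mark hold kubelet kubeadm kubectl

  swapon -s # returns summary text if swap is enabled
  sudo swapoff -a
  # Comment out fstab lines containing " swap " so swap stays off after reboot.
  sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab

  # overlay is already modprobed by containerd
  sudo modprobe br_netfilter
  printf '%s\n' "br_netfilter" | sudo tee /etc/modules-load.d/k8s.conf
  # Verification only: with `set -e`, a missing module stops the script here.
  lsmod | grep overlay
  lsmod | grep br_netfilter

  # admin.conf is the cluster-admin kubeconfig that kubeadm writes on a
  # control-plane node. Keep it readable by root only rather than relaxing its
  # permissions to make this export work for an unprivileged account.
  echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bashrc
  sudo reboot
}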
# Run the node preparation immediately; the function ends with `sudo reboot`.
prep_k8s_node
Install kubeadm kubectl kubelet
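sudo apt-get update
# apt-transport-https may be a dummy package; if so, you can skip that package
sudo apt-get install -y apt-transport-https ca-certificates curl gpg

# Create /etc/apt/keyrings if it is missing; with -p this is a no-op when the
# directory already exists, so it is safe to run before the curl command.
sudo mkdir -p -m 755 /etc/apt/keyrings
# The repository key is stored in its own keyring file instead of apt's global
# trust store.
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg

# This overwrites any existing configuration in /etc/apt/sources.list.d/kubernetes.list
# signed-by limits the key to verifying packages from this one repository.
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list

sudo apt-get update
sudo apt-get install -y kubelet kubeadm kubectl
# Hold the packages so a routine `apt upgrade` does not change their version.
sudo apt-mark hold kubelet kubeadm kubectl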
Init Control Plane
For an HA control plane behind a load balancer, see https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/high-availability/ (the --control-plane-endpoint option).
# <local ip> is a placeholder: substitute the node's own address before
# running, because the shell would parse the angle brackets as redirections.
kubeadm init --apiserver-advertise-address <local ip>
Cilium
https://kubernetes.io/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/
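# https://kubernetes.io/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/
# The download of cilium-linux-amd64.tar.gz is not shown on this page. The
# archive is unpacked as root into a directory on PATH, so verify its SHA-256
# against the checksum published with the release before extracting it.
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin
rm cilium-linux-amd64.tar.gz
# `cilium status --wait` blocks until the installation reports ready.
cilium install && cilium status --wait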
Join worker node
# Incomplete as written: on the worker, run the full join command with the
# API server endpoint, a bootstrap token and --discovery-token-ca-cert-hash.
# The CA hash is what lets the worker authenticate the control plane, and the
# token is a credential, so keep it out of shared notes and logs.
kubeadm join
Enable metrics-server api for kubectl top node
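# Look up the chart, then register the upstream chart repository.
helm search hub metrics-server -o yaml
helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/
# --kubelet-insecure-tls makes metrics-server skip verification of the
# kubelets' serving certificates. That is acceptable on a practice cluster;
# on a real cluster give the kubelets CA-signed serving certificates and drop
# the flag. The --set value is quoted so the shell cannot glob-expand args[0].
helm install metrics-server metrics-server/metrics-server --set 'args[0]=--kubelet-insecure-tls'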