Cka kubeadm init upgrade
Jump to navigation
Jump to search
Prep Ubuntu 24.04 & 22.04 Node
#!/bin/bash
set -eu
k8s_minor_version=1.31
prep_k8s_node(){
sudo apt update && sudo apt upgrade -y
sudo apt install apt-transport-https curl -y
# https://kubernetes.io/docs/setup/production-environment/container-runtimes/
sudo apt install containerd -y
sudo mkdir -p /etc/containerd
containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
# Instruct containerd to use the Systemd cgroup hierarchy (typically cgroupv2) for managing container resources.
sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
sudo systemctl restart containerd
echo "net.ipv4.ip_forward = 1" | /etc/sysctl.d/k8s.conf
sudo sysctl --system
# https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl
curl -fsSL https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v${k8s_minor_version}/deb/ /" | sudo tee /etc/apt/sources.list.d/kubernetes.list
sudo apt update
sudo apt install -y kubelet kubeadm kubectl
sudo apt-mark hold kubelet kubeadm kubectl
swapon -s # returns summary text if swap is enabled
sudo swapoff -a
sudo sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab
# overlay is already modprobed by containerd
sudo modprobe br_netfilter
echo -e "br_netfilter" | sudo tee /etc/modules-load.d/k8s.conf
lsmod | grep overlay
lsmod | grep br_netfilter
echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> ~/.bashrc
sudo reboot
}
prep_k8s_node
Install kubeadm kubectl kubelet
sudo apt-get update # apt-transport-https may be a dummy package; if so, you can skip that package sudo apt-get install -y apt-transport-https ca-certificates curl gpg # If the directory `/etc/apt/keyrings` does not exist, it should be created before the curl command, read the note below. # sudo mkdir -p -m 755 /etc/apt/keyrings curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg # This overwrites any existing configuration in /etc/apt/sources.list.d/kubernetes.list echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list sudo apt-get update sudo apt-get install -y kubelet kubeadm kubectl sudo apt-mark hold kubelet kubeadm kubectl
Init Control Plane
HA with LB for control see - https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/high-availability/ - --control-plane-endpoint
kubeadm init --apiserver-advertise-address <local ip>
Join worker node
kubeadm join
Cilium
https://kubernetes.io/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/
https://kubernetes.io/docs/tasks/administer-cluster/network-policy-provider/cilium-network-policy/ sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin rm cilium-linux-amd64.tar.gz cilium install && cilium wait status