#! /usr/bin/env bash
# Root gate: the steps below write under /etc and manage system services,
# so stop immediately unless the effective UID is 0.
[[ "${EUID}" -eq 0 ]] || {
  echo "Please run as root."
  exit 1
}
# Account that is granted passwordless sudo and docker-group membership below.
USER_NAME="virgil"
# crictl release tag; check the latest version on the project's /releases page.
# NOTE(review): not referenced in the visible part of this script; confirm it
# is still needed.
CRICTL_VERSION='v1.30.0'
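# sudo/ssh configuration
#
# NOTE(review): NOPASSWD:ALL makes ${USER_NAME} root-equivalent with no
# password prompt, so that account's SSH key becomes the only control in front
# of root on this host. Keep the rule only if unattended provisioning needs it.
#
# The drop-in is built in a temp file, syntax-checked with visudo and only then
# installed root-owned with mode 0440: a syntax error in a sudoers drop-in can
# break sudo for every user.
sudoers_tmp="$(mktemp)" || exit 1
# USER_NAME is passed as an argument, never as the printf format string, and
# the rule is newline-terminated.
printf '%s ALL=(ALL) NOPASSWD:ALL\n' "${USER_NAME}" > "${sudoers_tmp}"
if ! visudo -cf "${sudoers_tmp}" > /dev/null; then
  echo "Generated sudoers entry failed validation; not installing it." >&2
  rm -f -- "${sudoers_tmp}"
  exit 1
fi
install -o root -g root -m 0440 "${sudoers_tmp}" /etc/sudoers.d/passwordless
rm -f -- "${sudoers_tmp}"

# Key-only SSH logins. The directives are the original ones; each line,
# including the last, is now newline-terminated.
# NOTE(review): nothing here reloads sshd, so the settings apply at the next
# sshd restart or reboot. Before that happens, confirm ${USER_NAME} can log in
# with a key (with passwords and root login both off there is no fallback) and
# run `sshd -t` to parse-check the merged configuration.
# NOTE(review): "UsePAM no" also turns off PAM account and session processing;
# verify that is intended and not only meant to disable password prompts.
printf '%s\n' \
  'PasswordAuthentication no' \
  'ChallengeResponseAuthentication no' \
  'UsePAM no' \
  'PermitRootLogin no' \
  > /etc/ssh/sshd_config.d/passwordless.conf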
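# Install Docker CE and containerd from Docker's apt repository, unless a
# docker command is already available on PATH.
if ! command -v docker > /dev/null 2>&1; then

  if [ ! -e "/etc/apt/keyrings/docker.asc" ]; then
    # The keyrings directory is not guaranteed to exist on a fresh image.
    install -m 0755 -d /etc/apt/keyrings
    # Download to a temp file and install only on success, so an interrupted
    # transfer cannot leave a truncated key that the -e guard above would treat
    # as "already present" on the next run.
    # NOTE(review): this key is the trust anchor for every package pulled from
    # the Docker repository. Compare its fingerprint with the one published in
    # Docker's install documentation before relying on it.
    docker_key_tmp="$(mktemp)" || exit 1
    if ! curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o "${docker_key_tmp}"; then
      echo "Failed to download the Docker apt signing key." >&2
      rm -f -- "${docker_key_tmp}"
      exit 1
    fi
    # 0644 matches the original chmod a+r: apt must be able to read the key.
    install -m 0644 "${docker_key_tmp}" /etc/apt/keyrings/docker.asc
    rm -f -- "${docker_key_tmp}"
  fi

  # Add the repository to Apt sources:
  # signed-by limits the Docker key to this one repository instead of trusting
  # it for every apt source.
  # NOTE(review): the suite is hard-coded to "noble"; other Ubuntu releases
  # need a different codename here.
  echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu noble stable" \
    > /etc/apt/sources.list.d/docker.list

  apt-get update
  apt-get install -y docker-ce docker-ce-cli containerd.io apt-transport-https
  # NOTE(review): members of the docker group can start privileged containers
  # and mount the host filesystem, so this grant is root-equivalent.
  usermod -aG docker "${USER_NAME}"

  # Replace containerd's config with the generated default, then flip
  # SystemdCgroup to true in it.
  mkdir -p /etc/containerd
  containerd config default > /etc/containerd/config.toml
  sed -i -e 's,SystemdCgroup = false,SystemdCgroup = true,g' /etc/containerd/config.toml
fi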
# arm64 hosts only: overwrite Docker's daemon.json with the systemd cgroup
# driver, json-file logging with max-size 100m, and the overlay2 storage driver.
# NOTE(review): assumes /etc/docker already exists; nothing here restarts
# dockerd, so the file takes effect at its next start.
if [[ "$(dpkg --print-architecture)" == "arm64" ]]; then
  cat > /etc/docker/daemon.json <<'EOF'
{"exec-opts": ["native.cgroupdriver=systemd"],"log-driver": "json-file","log-opts": {"max-size": "100m"},"storage-driver": "overlay2"}
EOF
fi
# One-time kernel preparation for the container runtime. The modules-load file
# doubles as the "already done" marker, so this section runs once per host.
if ! [ -e "/etc/modules-load.d/containerd.conf" ]; then

  #todo we need to handle kvm for intel/amd/arm64 here
  # Modules to load on every boot; tee also echoes the content to stdout.
  tee /etc/modules-load.d/containerd.conf <<EOF
overlay
br_netfilter
EOF
  # Load them now as well, so no reboot is needed.
  modprobe overlay
  modprobe br_netfilter

  # Bridged traffic goes through iptables/ip6tables and IPv4 forwarding is on.
  # NOTE(review): ip_forward = 1 makes the host route packets between its
  # interfaces; make sure the host firewall policy accounts for that.
  tee /etc/sysctl.d/99-kubernetes-cri.conf <<EOF
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
  # Re-read all sysctl configuration files so the new values apply immediately.
  sysctl --system
fi
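# make good and sure swap is disabled
# Turn off every active swap area now. The original ran this twice; the second
# call had nothing left to disable.
swapoff -a
# Keep the first, unmodified copy of fstab. The previous `sed -i.bak` rewrote
# the backup on every run, so a second run replaced the pristine copy with the
# already-edited file.
if [ ! -e /etc/fstab.bak ]; then
  cp -p /etc/fstab /etc/fstab.bak
fi
# Comment out swap entries so swap stays off after a reboot. Lines that are
# already comments are skipped, so reruns do not stack extra '#' characters,
# and the fields around "swap" may be separated by tabs as well as spaces.
sed -i -r '/^[[:space:]]*#/! s/^(.*[[:space:]]swap[[:space:]].*)$/#\1/' /etc/fstab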
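#kubeadm install
systemctl enable --now containerd

# Install kubelet, kubeadm and kubectl from the pkgs.k8s.io v1.31 repository,
# unless a kubeadm command is already available on PATH.
if ! command -v kubeadm > /dev/null 2>&1; then

  # Presumably so containerd re-reads /etc/containerd/config.toml written
  # earlier in this script.
  systemctl restart containerd

  # The Docker section may have been skipped, so make sure the keyrings
  # directory exists before writing into it.
  install -m 0755 -d /etc/apt/keyrings
  # Fetch the key to a temp file first. In the original `curl | gpg` pipeline a
  # failed download was only seen by gpg as empty input, and the script carried
  # on regardless.
  # NOTE(review): this key is the trust anchor for the Kubernetes packages;
  # verify it against the fingerprint published by the project.
  k8s_key_tmp="$(mktemp)" || exit 1
  if ! curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.31/deb/Release.key -o "${k8s_key_tmp}"; then
    echo "Failed to download the Kubernetes apt signing key." >&2
    rm -f -- "${k8s_key_tmp}"
    exit 1
  fi
  # The script already runs as root, so the original `sudo` is dropped.
  # --batch --yes lets a rerun overwrite an existing keyring without prompting.
  if ! gpg --batch --yes --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg "${k8s_key_tmp}"; then
    echo "Failed to convert the Kubernetes apt signing key." >&2
    rm -f -- "${k8s_key_tmp}"
    exit 1
  fi
  rm -f -- "${k8s_key_tmp}"
  # apt must be able to read the keyring whatever root's umask is.
  chmod 0644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg

  # signed-by limits this key to the Kubernetes repository only.
  cat <<EOF >/etc/apt/sources.list.d/kubernetes.list
deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.31/deb/ /
EOF

  apt-get update && apt-get install -y kubelet kubeadm kubectl
  # Hold the packages so the unattended `apt-get upgrade` elsewhere in this
  # script does not move the cluster components to a new version.
  apt-mark hold kubelet kubeadm kubectl
  systemctl enable kubelet && systemctl start kubelet

  # Pre-pull the control-plane images that kubeadm uses.
  kubeadm config images pull
fi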
# Upgrade the remaining installed packages, then remove dependencies that are
# no longer needed. Both commands run non-interactively.
# NOTE(review): no `apt-get update` runs immediately before this; the package
# index is only refreshed inside the install branches earlier in the script.
apt-get --yes upgrade
apt-get --yes autoremove