infra/ubuntu/bootstrap-ubuntu.sh
#! /usr/bin/env bash
# Everything below writes under /etc and installs packages, so bail out
# early unless the effective UID is 0.
if [[ "${EUID}" -ne 0 ]]; then
  echo "Please run as root."
  exit 1
fi

# Account that receives the sudoers drop-in and docker group membership below.
USER_NAME="virgil"
# check latest version in /releases page
CRICTL_VERSION='v1.30.0'
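# sudo/ssh configuration
#
# Grants ${USER_NAME} passwordless sudo and writes an sshd drop-in that turns
# off password-based logins and direct root logins.
#
# NOPASSWD:ALL means anything that can run code as ${USER_NAME} is root on
# this host with no further prompt; scope it down if the account is also used
# interactively.
sudoers_dropin=/etc/sudoers.d/passwordless
sudoers_tmp="$(mktemp)" || exit 1
# The user name is passed as an argument, never as the printf format string,
# and the rule ends with a newline so the file is a complete sudoers line.
printf '%s ALL=(ALL) NOPASSWD:ALL\n' "${USER_NAME}" > "${sudoers_tmp}"
# Syntax-check before installing: a broken file under /etc/sudoers.d can make
# sudo refuse to run at all.
if visudo -cf "${sudoers_tmp}" > /dev/null; then
  # 0440 root:root is the conventional mode for sudoers fragments.
  install -o root -g root -m 0440 "${sudoers_tmp}" "${sudoers_dropin}"
  rm -f -- "${sudoers_tmp}"
else
  rm -f -- "${sudoers_tmp}"
  echo "visudo did not accept the sudoers drop-in for '${USER_NAME}'; not installing it." >&2
  exit 1
fi

sshd_dropin=/etc/ssh/sshd_config.d/passwordless.conf
# NOTE(review): sshd keeps the first value it reads for each keyword, and
# drop-ins are read in lexical order. A file that sorts before
# "passwordless.conf" (for example a numbered one shipped by the image) and
# sets PasswordAuthentication will win over this one. Confirm the effective
# value with `sshd -T` or give this file a name that sorts first.
# NOTE(review): "UsePAM no" also skips PAM account and session handling for
# SSH logins; confirm nothing on this host relies on it.
# ChallengeResponseAuthentication is a deprecated alias of
# KbdInteractiveAuthentication in current OpenSSH releases.
printf '%s\n' \
  'PasswordAuthentication no' \
  'ChallengeResponseAuthentication no' \
  'UsePAM no' \
  'PermitRootLogin no' > "${sshd_dropin}"
chmod 0644 "${sshd_dropin}"
# Validate the combined configuration. Nothing in this section reloads sshd,
# so the settings only apply after the service is restarted.
if command -v sshd > /dev/null 2>&1 && ! sshd -t; then
  echo "sshd -t reported a configuration error after writing ${sshd_dropin}." >&2
fi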
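# Install Docker Engine and containerd from Docker's apt repository, unless a
# docker binary is already on PATH.
if ! command -v docker > /dev/null 2>&1; then
  docker_keyring=/etc/apt/keyrings/docker.asc
  # -s rather than -e: an empty file left by an earlier failed download must
  # not be accepted as the repository signing key.
  if [ ! -s "${docker_keyring}" ]; then
    # The keyrings directory is not guaranteed to exist on a fresh image.
    install -m 0755 -d /etc/apt/keyrings
    if ! curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o "${docker_keyring}"; then
      rm -f -- "${docker_keyring}"
      echo "Failed to download the Docker apt signing key." >&2
      exit 1
    fi
    chmod a+r "${docker_keyring}"
  fi
  # Add the repository to Apt sources. signed-by pins this source to the key
  # fetched above instead of trusting it for every repository.
  # NOTE(review): the suite is hard-coded to "noble"; on another Ubuntu
  # release this needs to follow VERSION_CODENAME from /etc/os-release.
  echo "deb [arch=$(dpkg --print-architecture) signed-by=${docker_keyring}] https://download.docker.com/linux/ubuntu noble stable" \
    > /etc/apt/sources.list.d/docker.list
  apt-get update
  if ! apt-get install -y docker-ce docker-ce-cli containerd.io apt-transport-https; then
    echo "Docker package installation failed." >&2
    exit 1
  fi
  # Membership of the docker group lets the user drive the Docker daemon,
  # which runs as root, so treat it as root-equivalent access on this host.
  usermod -aG docker "${USER_NAME}"
  mkdir -p /etc/containerd
  # Regenerates containerd's default config (replacing any existing file) and
  # switches the runc cgroup driver to systemd.
  containerd config default > /etc/containerd/config.toml
  sed -i -e 's,SystemdCgroup = false,SystemdCgroup = true,g' /etc/containerd/config.toml
fi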
# On arm64 hosts only, write a Docker daemon.json selecting the systemd
# cgroup driver, json-file logging capped at 100m per file, and overlay2.
# Docker is not restarted here, so a running daemon keeps its old settings.
if [[ "$(dpkg --print-architecture)" == "arm64" ]]; then
  printf '%s\n' '{"exec-opts": ["native.cgroupdriver=systemd"],"log-driver": "json-file","log-opts": {"max-size": "100m"},"storage-driver": "overlay2"}' \
    | tee /etc/docker/daemon.json > /dev/null
fi
# One-time kernel setup for container networking, keyed on the modules-load
# drop-in not existing yet: persist and load overlay/br_netfilter, then
# enable bridged-traffic filtering and IPv4 forwarding via sysctl.
if [[ ! -e /etc/modules-load.d/containerd.conf ]]; then
  # todo we need to handle kvm for intel/amd/arm64 here
  # tee also echoes the written content to stdout.
  tee /etc/modules-load.d/containerd.conf <<'EOF'
overlay
br_netfilter
EOF
  # Load both modules now; the drop-in above covers later boots.
  modprobe overlay
  modprobe br_netfilter
  tee /etc/sysctl.d/99-kubernetes-cri.conf <<'EOF'
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
  # Re-read every sysctl configuration file so the new values apply immediately.
  sysctl --system
fi
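# make good and sure swap is disabled
# Turn off all active swap now; one call is enough.
swapoff -a
# Comment out swap entries in /etc/fstab so swap stays off after a reboot.
#  - [[:space:]] matches tab-separated fields as well as spaces; a pattern
#    that only looks for literal spaces leaves tab-delimited entries active.
#  - Lines that are already comments are skipped, so re-running the script
#    does not keep stacking '#' characters on the same entry.
# sed keeps the previous file as /etc/fstab.bak; that backup is overwritten
# on every run, so it is the original fstab only after the first run.
sed -i.bak -E '/^[[:space:]]*#/!s/^(.*[[:space:]]swap[[:space:]].*)$/#\1/' /etc/fstab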
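# kubeadm install
# containerd has to be enabled and running before the kubelet is started.
systemctl enable --now containerd
if ! command -v kubeadm > /dev/null 2>&1; then
  systemctl restart containerd
  k8s_keyring=/etc/apt/keyrings/kubernetes-apt-keyring.gpg
  k8s_key_tmp="$(mktemp)" || exit 1
  # The keyrings directory is not guaranteed to exist on a fresh image.
  install -m 0755 -d /etc/apt/keyrings
  # Download to a temp file first so a failed or truncated transfer is
  # detected instead of being piped straight into the trusted keyring.
  # --batch --yes lets gpg overwrite an existing keyring without prompting.
  # The script already runs as root, so no sudo is needed here.
  if curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.31/deb/Release.key -o "${k8s_key_tmp}" \
    && gpg --batch --yes --dearmor -o "${k8s_keyring}" "${k8s_key_tmp}"; then
    rm -f -- "${k8s_key_tmp}"
    # apt's unprivileged fetcher must be able to read the keyring.
    chmod 0644 "${k8s_keyring}"
  else
    rm -f -- "${k8s_key_tmp}"
    echo "Failed to fetch or convert the Kubernetes apt signing key." >&2
    exit 1
  fi
  # signed-by pins this source to the Kubernetes key only.
  cat <<EOF > /etc/apt/sources.list.d/kubernetes.list
deb [signed-by=${k8s_keyring}] https://pkgs.k8s.io/core:/stable:/v1.31/deb/ /
EOF
  apt-get update && apt-get install -y kubelet kubeadm kubectl
  # Hold the packages so a routine apt upgrade cannot move the node to a
  # different Kubernetes version unattended.
  apt-mark hold kubelet kubeadm kubectl
  systemctl enable kubelet && systemctl start kubelet
  kubeadm config images pull
fi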
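# Install helm from its apt repository, unless a helm binary is already on PATH.
if ! command -v helm > /dev/null 2>&1; then
  helm_keyring=/etc/apt/keyrings/helm.gpg
  helm_key_tmp="$(mktemp)" || exit 1
  # The keyrings directory is not guaranteed to exist on a fresh image.
  install -m 0755 -d /etc/apt/keyrings
  # -f makes curl fail on an HTTP error instead of handing an error page to
  # gpg; the temp file keeps a failed download out of the trusted keyring.
  # NOTE(review): confirm baltocdn.com is still the Helm project's current
  # apt origin before relying on this key and repository.
  if curl -fsSL https://baltocdn.com/helm/signing.asc -o "${helm_key_tmp}" \
    && gpg --batch --yes --dearmor -o "${helm_keyring}" "${helm_key_tmp}"; then
    rm -f -- "${helm_key_tmp}"
    chmod 644 "${helm_keyring}"
  else
    rm -f -- "${helm_key_tmp}"
    echo "Failed to fetch or convert the Helm apt signing key." >&2
    exit 1
  fi
  # The script already runs as root, so the sudo prefixes are dropped.
  # signed-by pins this source to the Helm key only.
  echo "deb [arch=$(dpkg --print-architecture) signed-by=${helm_keyring}] https://baltocdn.com/helm/stable/debian/ all main" \
    > /etc/apt/sources.list.d/helm-stable-debian.list
  apt-get update
  apt-get install -y helm
fi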