├── README.md
├── packet_k8s_ubuntu_16.04_master.sh
├── packet_k8s_ubuntu_16.04_node.sh
├── amazon_k8s_debian_stretch_master.sh
├── amazon_k8s_debian_stretch_node.sh
├── google_compute_k8s_ubuntu_16.04_node.sh
├── amazon_k8s_ubuntu_16.04_node.sh
├── ecs_k8s_ubuntu_16.04_node.sh
├── ecs_k8s_ubuntu_16.04_master.sh
├── google_compute_k8s_ubuntu_16.04_master.sh
├── digitalocean_k8s_centos_7_node.sh
├── amazon_k8s_ubuntu_16.04_master.sh
├── ovh_k8s_ubuntu_16.04_node.sh
├── ovh_k8s_ubuntu_16.04_master.sh
├── amazon_k8s_centos_7_node.sh
├── digitalocean_k8s_ubuntu_16.04_node.sh
├── amazon_k8s_centos_7_master.sh
├── digitalocean_k8s_centos_7_master.sh
└── digitalocean_k8s_ubuntu_16.04_master.sh

/README.md:
--------------------------------------------------------------------------------
# Bootstrap

This repository contains bootstrap scripts used by [`kubicorn`](https://github.com/kubicorn/kubicorn) to provision cloud
instances.

We've decided to move the scripts to this repository so we can manage them more easily for each `kubicorn` release.

For every `kubicorn` release, there's a corresponding branch for bootstrap scripts in this repository. Currently,
`kubicorn` is in the `pre-release` phase, so it uses the bootstrap scripts from the `pre-release` branch of this
repository.

The `master` branch of this repository can contain scripts that are in development or untested.

## Developing bootstrap scripts

If you are running `kubicorn` in the top-level directory of the repository, set the following environment variable to force `kubicorn` to parse the bootstrap scripts locally.

```bash
$ KUBICORN_FORCE_LOCAL_BOOTSTRAP=1 kubicorn apply mycluster -v 4
```

These are the bootstrap scripts that ship with the default `kubicorn` profiles.

Feel free to add your own, or modify these at any time.
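When adding or modifying a script, note that the shipped scripts read `INJECTEDTOKEN`, `INJECTEDMASTER` and `INJECTEDPORT` from `/etc/kubicorn/cluster.json` and hand them to `kubeadm` unchecked, and the node scripts join with `--discovery-token-unsafe-skip-ca-verification`. The following is an added example, not code from this repository: it validates those values and builds a `kubeadm join` argument list that pins the cluster CA instead. The function names and the `INJECTEDCAHASH` key (a custom `Values{}` entry) are assumptions.

```shell
# Added example: validate values taken from cluster.json before they reach kubeadm.
# Function names and the INJECTEDCAHASH key are hypothetical, not part of kubicorn.

# True if $1 is a single line that fully matches the extended regex in $2.
matches() {
    case "$1" in
        *'
'*) return 1 ;;    # reject embedded newlines, grep would test each line separately
    esac
    printf '%s\n' "$1" | LC_ALL=C grep -Eq "^($2)\$"
}

# kubeadm bootstrap tokens have the form [a-z0-9]{6}.[a-z0-9]{16}
valid_token() {
    matches "$1" '[a-z0-9]{6}\.[a-z0-9]{16}'
}

# TCP port, 1..65535, no leading zero
valid_port() {
    matches "$1" '[1-9][0-9]{0,4}' && [ "$1" -le 65535 ]
}

# host:port (IPv4 or DNS name); must start with an alphanumeric character,
# so the value can never be parsed as a command-line option
valid_endpoint() {
    matches "$1" '[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?:[1-9][0-9]{0,4}' || return 1
    valid_port "${1##*:}"
}

# Kubernetes node names are lowercase DNS-1123 subdomains
valid_node_name() {
    matches "$1" '[a-z0-9]([a-z0-9.-]*[a-z0-9])?'
}

# Value for --discovery-token-ca-cert-hash: sha256:<64 hex digits>
valid_ca_hash() {
    matches "$1" 'sha256:[0-9a-f]{64}'
}

# Print the kubeadm join argument list, one argument per line.
# Prints nothing and returns 1 if any value fails validation.
# Arguments: node name, token, master endpoint, CA public key hash.
join_args() {
    valid_node_name "$1" || { echo "rejecting node name" >&2; return 1; }
    valid_token "$2"     || { echo "rejecting token (value not logged)" >&2; return 1; }
    valid_endpoint "$3"  || { echo "rejecting master endpoint" >&2; return 1; }
    valid_ca_hash "$4"   || { echo "rejecting CA hash, refusing unpinned join" >&2; return 1; }
    printf '%s\n' join \
        --node-name "$1" \
        --token "$2" \
        "$3" \
        --discovery-token-ca-cert-hash "$4" \
        --ignore-preflight-errors=SystemVerification
}

# How a node script would use it (not executed here):
#   CAHASH=$(jq -r '.clusterAPI.spec.providerConfig' /etc/kubicorn/cluster.json \
#            | jq -r '.values.itemMap.INJECTEDCAHASH')
#   join_args "${HOSTNAME}" "${TOKEN}" "${MASTER}" "${CAHASH}" >/dev/null || exit 1
#   kubeadm join --node-name "${HOSTNAME}" --token "${TOKEN}" "${MASTER}" \
#       --discovery-token-ca-cert-hash "${CAHASH}" --ignore-preflight-errors=SystemVerification

# Constructed sample values, not real credentials.
SAMPLE_TOKEN="abcdef.0123456789abcdef"
SAMPLE_MASTER="203.0.113.10:443"
SAMPLE_CAHASH="sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"

join_args "node-1" "${SAMPLE_TOKEN}" "${SAMPLE_MASTER}" "${SAMPLE_CAHASH}"
```

With the CA hash pinned, the `-k` health check against `https://${MASTER}/healthz` stays a readiness probe only; the trust decision is made by `kubeadm join`.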

The scripts are effectively what we use as `user data` to initialize a VM.

### I need to template out one of these bootstrap scripts

No you don't. Write bash like a pro.

### I need more data in a bootstrap script, what should I do?

If you really can only get it from `kubicorn` and nowhere else, you can use the `Values{}` struct to define custom key/value pairs that will be injected into your script.
This will be a code change, and is intended to be just that.

--------------------------------------------------------------------------------
/packet_k8s_ubuntu_16.04_master.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# order is important:
#    1. update
#    2. install apt-transport-https
#    3. add kubernetes repos to list
#    4. update again
#    5. install
apt-get update -y
apt-get install -y apt-transport-https

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

apt-get update -y

apt-get install -y \
    socat \
    ebtables \
    docker.io \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    cloud-utils \
    jq


systemctl enable docker
systemctl start docker

# must disable swap for kubelet to work
swapoff -a

# jq -r prints the raw address; without it the value keeps its JSON double quotes
PUBLICIP=$(curl --silent https://metadata.packet.net/metadata | jq -r '.network.addresses[] | select(.address_family == 4 and .public == true) .address')
PRIVATEIP=$(curl --silent https://metadata.packet.net/metadata | jq -r '.network.addresses[] | select(.address_family == 4 and .public == false) .address')
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
PORT=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.kubernetesAPI.port | tonumber')

kubeadm reset
# --apiserver-cert-extra-sans takes a comma-separated list
kubeadm init --apiserver-bind-port "${PORT}" --token "${TOKEN}" --apiserver-advertise-address "${PUBLICIP}" --apiserver-cert-extra-sans "${PUBLICIP},${PRIVATEIP}" --kubernetes-version "${KUBERNETES_VERSION}" --ignore-preflight-errors=SystemVerification

kubectl apply \
  -f http://docs.projectcalico.org/v2.3/getting-started/kubernetes/installation/hosted/kubeadm/1.6/calico.yaml \
  --kubeconfig /etc/kubernetes/admin.conf

mkdir -p /root/.kube
cp /etc/kubernetes/admin.conf /root/.kube/config
--------------------------------------------------------------------------------
/packet_k8s_ubuntu_16.04_node.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Controls delay before attempting to join the master
MAX_ATTEMPTS=50
REATTEMPT_INTERVAL_SECONDS=30

# order is important:
#    1. update
#    2. install apt-transport-https
#    3. add kubernetes repos to list
#    4. update again
#    5. install
apt-get update -y
apt-get install -y apt-transport-https

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb https://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

apt-get update -y

apt-get install -y \
    socat \
    ebtables \
    docker.io \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    jq

systemctl enable docker
systemctl start docker

# must disable swap for kubelet to work
swapoff -a


TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
MASTER=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDMASTER')

systemctl daemon-reload
systemctl restart kubelet.service

# Reset before joining
kubeadm reset

# Delay kubeadm join until master is ready
attempts=0
response=000
while [ "${response}" -ne "200" ] && [ $(( attempts++ )) -lt $MAX_ATTEMPTS ]; do
  echo "Waiting for master to be ready(${MASTER})..."
  sleep $REATTEMPT_INTERVAL_SECONDS
  response=$(curl --write-out "%{http_code}" --output /dev/null --silent --connect-timeout 10 -k "https://${MASTER}/healthz" || true)
done

# Join the cluster
if [ "${response}" -ne "200" ]; then
  echo "Maximum attempts reached, giving up"
  exit 1
else
  echo "Master seems to be up and running. Joining the node to the cluster..."
  kubeadm join --node-name "${HOSTNAME}" --token "${TOKEN}" "${MASTER}" --discovery-token-unsafe-skip-ca-verification --ignore-preflight-errors=SystemVerification
fi
--------------------------------------------------------------------------------
/amazon_k8s_debian_stretch_master.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

apt-get update -y
apt-get install -y \
    socat \
    cloud-utils \
    apt-transport-https \
    ca-certificates \
    curl \
    software-properties-common \
    jq

curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg | sudo apt-key add -

add-apt-repository \
   "deb https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
   $(lsb_release -cs) \
   stable"

apt-get update && apt-get install -y docker-ce=$(apt-cache madison docker-ce | grep 17.03 | head -1 | awk '{print $3}')

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -

cat << EOF > "/etc/apt/sources.list.d/kubernetes.list"
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF

systemctl enable docker
systemctl start docker

apt-get update -y
apt-get install -y \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    kubectl

PUBLICIP=$(ec2metadata --public-ipv4 | cut -d " " -f 2)
PRIVATEIP=$(ec2metadata --local-ipv4 | cut -d " " -f 2)
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
PORT=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDPORT | tonumber')

mkdir -p /etc/kubicorn

cat << EOF > "/etc/kubicorn/kubeadm-config.yaml"
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
token: ${TOKEN}
kubernetesVersion: ${KUBERNETES_VERSION}
api:
  advertiseAddress: ${PUBLICIP}
  bindPort: ${PORT}
apiServerCertSANs:
- ${PUBLICIP}
- ${PRIVATEIP}
authorizationModes:
- Node
- RBAC
EOF

kubeadm reset
kubeadm init --config /etc/kubicorn/kubeadm-config.yaml --ignore-preflight-errors=SystemVerification

kubectl apply \
  -f http://docs.projectcalico.org/v2.3/getting-started/kubernetes/installation/hosted/kubeadm/1.6/calico.yaml \
  --kubeconfig /etc/kubernetes/admin.conf

mkdir -p /home/admin/.kube
cp /etc/kubernetes/admin.conf /home/admin/.kube/config
chown -R admin:admin /home/admin/.kube

--------------------------------------------------------------------------------
/amazon_k8s_debian_stretch_node.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Controls delay before attempting to join the master
MAX_ATTEMPTS=50
REATTEMPT_INTERVAL_SECONDS=30

apt-get update -y
apt-get install -y \
    socat \
    cloud-utils \
    apt-transport-https \
    ca-certificates \
    curl \
    software-properties-common \
    jq

curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg | sudo apt-key add -

add-apt-repository \
   "deb https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
   $(lsb_release -cs) \
   stable"

apt-get update && apt-get install -y docker-ce=$(apt-cache madison docker-ce | grep 17.03 | head -1 | awk '{print $3}')

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add -

cat << EOF > "/etc/apt/sources.list.d/kubernetes.list"
deb http://apt.kubernetes.io/ kubernetes-xenial main
EOF

apt-get update -y
apt-get install -y \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    kubectl

systemctl enable docker
systemctl start docker

TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
MASTER=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDMASTER')
HOSTNAME=$(hostname -f)


# Reset before joining
kubeadm reset

# Delay kubeadm join until master is ready
attempts=0
response=000
while [ "${response}" -ne "200" ] && [ $(( attempts++ )) -lt $MAX_ATTEMPTS ]; do
  echo "Waiting for master to be ready(${MASTER})..."
  sleep $REATTEMPT_INTERVAL_SECONDS
  response=$(curl --write-out "%{http_code}" --output /dev/null --silent --connect-timeout 10 -k "https://${MASTER}/healthz" || true)
done

# Join the cluster
if [ "${response}" -ne "200" ]; then
  echo "Maximum attempts reached, giving up"
  exit 1
else
  echo "Master seems to be up and running. Joining the node to the cluster..."
  kubeadm join --node-name "${HOSTNAME}" --token "${TOKEN}" "${MASTER}" --discovery-token-unsafe-skip-ca-verification --ignore-preflight-errors=SystemVerification
fi
--------------------------------------------------------------------------------
/google_compute_k8s_ubuntu_16.04_node.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Controls delay before attempting to join the master
MAX_ATTEMPTS=50
REATTEMPT_INTERVAL_SECONDS=30

# Obtain metadata.
PRIVATEIP=`curl --retry 5 -sfH "Metadata-Flavor: Google" "http://metadata/computeMetadata/v1/instance/network-interfaces/0/ip"`
PUBLICIP=`curl --retry 5 -sfH "Metadata-Flavor: Google" "http://metadata/computeMetadata/v1/instance/network-interfaces/0/access-configs/0/external-ip"`
HOSTNAME=`curl --retry 5 -sfH "Metadata-Flavor: Google" "http://metadata/computeMetadata/v1/instance/name"`
echo $PRIVATEIP > /tmp/.ip

# Add APT repository and GPG key.
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

# Install packages.
apt-get update -y
apt-get install -y \
    socat \
    ebtables \
    docker.io \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    cloud-utils \
    jq

# Enable and start Docker.
systemctl enable docker
systemctl start docker

# Parse kubicorn configuration file.
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
MASTER=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDMASTER')

# Reset before joining
kubeadm reset

# Delay kubeadm join until master is ready
attempts=0
response=000
while [ "${response}" -ne "200" ] && [ $(( attempts++ )) -lt $MAX_ATTEMPTS ]; do
  echo "Waiting for master to be ready(${MASTER})..."
  sleep $REATTEMPT_INTERVAL_SECONDS
  response=$(curl --write-out "%{http_code}" --output /dev/null --silent --connect-timeout 10 -k "https://${MASTER}/healthz" || true)
done

# Join the cluster
if [ "${response}" -ne "200" ]; then
  echo "Maximum attempts reached, giving up"
  exit 1
else
  echo "Master seems to be up and running. Joining the node to the cluster..."
  kubeadm join --node-name "${HOSTNAME}" --token "${TOKEN}" "${MASTER}" --discovery-token-unsafe-skip-ca-verification --ignore-preflight-errors=SystemVerification
fi
--------------------------------------------------------------------------------
/amazon_k8s_ubuntu_16.04_node.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Controls delay before attempting to join the master
MAX_ATTEMPTS=50
REATTEMPT_INTERVAL_SECONDS=30

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

# Has to be configured before installing kubelet, or kubelet has to be restarted to pick up changes
mkdir -p /etc/systemd/system/kubelet.service.d
touch /etc/systemd/system/kubelet.service.d/20-cloud-provider.conf
cat << EOF > /etc/systemd/system/kubelet.service.d/20-cloud-provider.conf
[Service]
Environment="KUBELET_EXTRA_ARGS=--cloud-provider=aws"
EOF

chmod 0600 /etc/systemd/system/kubelet.service.d/20-cloud-provider.conf

apt-get update -y
apt-get install -y \
    socat \
    ebtables \
    docker.io \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    jq

systemctl enable docker
systemctl start docker

TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
MASTER=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDMASTER')

systemctl daemon-reload
systemctl restart kubelet.service

# Necessary for joining a cluster with the AWS information
HOSTNAME=$(hostname -f)

# Reset before joining
kubeadm reset

# Delay kubeadm join until master is ready
attempts=0
response=000
while [ "${response}" -ne "200" ] && [ $(( attempts++ )) -lt $MAX_ATTEMPTS ]; do
  echo "Waiting for master to be ready(${MASTER})..."
  sleep $REATTEMPT_INTERVAL_SECONDS
  response=$(curl --write-out "%{http_code}" --output /dev/null --silent --connect-timeout 10 -k "https://${MASTER}/healthz" || true)
done

# Join the cluster
if [ "${response}" -ne "200" ]; then
  echo "Maximum attempts reached, giving up"
  exit 1
else
  echo "Master seems to be up and running. Joining the node to the cluster..."
  kubeadm join --node-name "${HOSTNAME}" --token "${TOKEN}" "${MASTER}" --discovery-token-unsafe-skip-ca-verification --ignore-preflight-errors=SystemVerification
fi
--------------------------------------------------------------------------------
/ecs_k8s_ubuntu_16.04_node.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Controls delay before attempting to join the master
MAX_ATTEMPTS=50
REATTEMPT_INTERVAL_SECONDS=30

# Obtain IP addresses.
HOSTNAME=$(curl -s http://169.254.169.254/latest/meta-data/hostname | cut -d '.' -f 1)
PUBLICIP=$(curl -s http://169.254.169.254/latest/meta-data/public-ipv4)
# Field 7 of the space-separated "ip -o addr" output is address/prefix
PRIVATEIP=$(ip -f inet -o addr show ens3 | cut -d ' ' -f 7 | cut -d/ -f 1)

# Add Kubernetes repository.
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

# Install packages.
apt-get update -y
apt-get install -y \
    socat \
    ebtables \
    docker.io \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    cloud-utils \
    jq

# Enable and start Docker.
systemctl enable docker
systemctl start docker

# Specify node IP for kubelet.
echo "Environment=\"KUBELET_EXTRA_ARGS=--node-ip=${PRIVATEIP}\"" >> /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
systemctl daemon-reload
systemctl restart kubelet

# Parse kubicorn configuration file.
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
MASTER=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDMASTER')

# Reset before joining
kubeadm reset

# Delay kubeadm join until master is ready
attempts=0
response=000
while [ "${response}" -ne "200" ] && [ $(( attempts++ )) -lt $MAX_ATTEMPTS ]; do
  echo "Waiting for master to be ready(${MASTER})..."
  sleep $REATTEMPT_INTERVAL_SECONDS
  response=$(curl --write-out "%{http_code}" --output /dev/null --silent --connect-timeout 10 -k "https://${MASTER}/healthz" || true)
done

# Join the cluster
if [ "${response}" -ne "200" ]; then
  echo "Maximum attempts reached, giving up"
  exit 1
else
  echo "Master seems to be up and running. Joining the node to the cluster..."
  kubeadm join --node-name "${HOSTNAME}" --token "${TOKEN}" "${MASTER}" --discovery-token-unsafe-skip-ca-verification --ignore-preflight-errors=SystemVerification
fi
--------------------------------------------------------------------------------
/ecs_k8s_ubuntu_16.04_master.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Obtain IP addresses
HOSTNAME=$(curl -s http://169.254.169.254/latest/meta-data/hostname | cut -d '.' -f 1)
PUBLICIP=$(curl -s http://169.254.169.254/latest/meta-data/public-ipv4)
# Field 7 of the space-separated "ip -o addr" output is address/prefix
PRIVATEIP=$(ip -f inet -o addr show ens3 | cut -d ' ' -f 7 | cut -d/ -f 1)

# Add Kubernetes repository.
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

# Install packages.
apt-get update -y
apt-get install -y \
    socat \
    ebtables \
    docker.io \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    cloud-utils \
    jq

# Enable and start Docker.
systemctl enable docker
systemctl start docker

# Specify node IP for kubelet.
echo "Environment=\"KUBELET_EXTRA_ARGS=--node-ip=${PRIVATEIP}\"" >> /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
systemctl daemon-reload
systemctl restart kubelet

# Parse kubicorn configuration file.
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
PORT=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDPORT | tonumber')

# Create kubeadm configuration file.
touch /etc/kubicorn/kubeadm-config.yaml
cat << EOF > "/etc/kubicorn/kubeadm-config.yaml"
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
token: ${TOKEN}
kubernetesVersion: ${KUBERNETES_VERSION}
nodeName: ${HOSTNAME}
api:
  advertiseAddress: ${PRIVATEIP}
  bindPort: ${PORT}
apiServerCertSANs:
- ${PRIVATEIP}
- ${PUBLICIP}
- ${HOSTNAME}
authorizationModes:
- Node
- RBAC
EOF

# Initialize cluster.
kubeadm reset
kubeadm init --config /etc/kubicorn/kubeadm-config.yaml --ignore-preflight-errors=SystemVerification

# Weave CNI plugin.
curl -SL "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')&env.IPALLOC_RANGE=172.16.6.64/27" \
| kubectl apply --kubeconfig /etc/kubernetes/admin.conf -f -

mkdir -p /home/ubuntu/.kube
cp /etc/kubernetes/admin.conf /home/ubuntu/.kube/config
chown -R ubuntu:ubuntu /home/ubuntu/.kube
--------------------------------------------------------------------------------
/google_compute_k8s_ubuntu_16.04_master.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Obtain metadata.
PRIVATEIP=`curl --retry 5 -sfH "Metadata-Flavor: Google" "http://metadata/computeMetadata/v1/instance/network-interfaces/0/ip"`
PUBLICIP=`curl --retry 5 -sfH "Metadata-Flavor: Google" "http://metadata/computeMetadata/v1/instance/network-interfaces/0/access-configs/0/external-ip"`
HOSTNAME=`curl --retry 5 -sfH "Metadata-Flavor: Google" "http://metadata/computeMetadata/v1/instance/name"`
echo $PRIVATEIP > /tmp/.ip

# Add APT repository and GPG key.
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

# Install packages.
apt-get update -y
apt-get install -y \
    socat \
    ebtables \
    docker.io \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    cloud-utils \
    jq

# Enable and start Docker.
systemctl enable docker
systemctl start docker

# Parse kubicorn configuration file.
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
PORT=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDPORT | tonumber')

# Create kubeadm configuration file.
touch /etc/kubicorn/kubeadm-config.yaml
cat << EOF > "/etc/kubicorn/kubeadm-config.yaml"
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
token: ${TOKEN}
kubernetesVersion: ${KUBERNETES_VERSION}
nodeName: ${HOSTNAME}
api:
  advertiseAddress: ${PUBLICIP}
  bindPort: ${PORT}
apiServerCertSANs:
- ${PRIVATEIP}
- ${PUBLICIP}
- ${HOSTNAME}
authorizationModes:
- Node
- RBAC
EOF

# Initialize cluster.
kubeadm reset
kubeadm init --config /etc/kubicorn/kubeadm-config.yaml --ignore-preflight-errors=SystemVerification

# Weave CNI plugin.
curl -SL "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')&env.IPALLOC_RANGE=172.16.6.64/27" \
| kubectl apply --kubeconfig /etc/kubernetes/admin.conf -f -

# Prepare kubeconfig file.
mkdir -p /home/ubuntu/.kube
cp /etc/kubernetes/admin.conf /home/ubuntu/.kube/config
chown -R ubuntu:ubuntu /home/ubuntu/.kube
--------------------------------------------------------------------------------
/digitalocean_k8s_centos_7_node.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Controls delay before attempting to join the master
MAX_ATTEMPTS=50
REATTEMPT_INTERVAL_SECONDS=30


# Import GPG keys and add repository entries for Kubernetes.
rpm --import https://packages.cloud.google.com/yum/doc/yum-key.gpg
rpm --import https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://yum.kubernetes.io/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

yum makecache -y
yum install -y \
    docker \
    socat \
    ebtables \
    kubelet-${KUBERNETES_VERSION}-0 \
    kubeadm-${KUBERNETES_VERSION}-0 \
    kubernetes-cni-${KUBERNETES_CNI}-0 \
    epel-release

# "jq" depends on epel-release, so it needs its own yum install command.
yum install -y jq

# Enable Docker and Kubelet services.
sudo systemctl enable docker
sudo systemctl enable kubelet
sudo systemctl start docker

# Required by kubeadm.
sysctl -w net.bridge.bridge-nf-call-iptables=1
sysctl -p

# Specify node IP for kubelet.
echo "KUBELET_EXTRA_ARGS=--node-ip=${PUBLICIP} --cloud-provider=external" > /etc/default/kubelet
systemctl daemon-reload
systemctl restart kubelet

# Parse kubicorn configuration file.
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
MASTER=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDMASTER')

# Reset before joining
kubeadm reset

# Delay kubeadm join until master is ready
attempts=0
response=000
while [ "${response}" -ne "200" ] && [ $(( attempts++ )) -lt $MAX_ATTEMPTS ]; do
  echo "Waiting for master to be ready(${MASTER})..."
  sleep $REATTEMPT_INTERVAL_SECONDS
  response=$(curl --write-out "%{http_code}" --output /dev/null --silent --connect-timeout 10 -k "https://${MASTER}/healthz" || true)
done

# Join the cluster
if [ "${response}" -ne "200" ]; then
  echo "Maximum attempts reached, giving up"
  exit 1
else
  echo "Master seems to be up and running. Joining the node to the cluster..."
  kubeadm join --node-name "${HOSTNAME}" --token "${TOKEN}" "${MASTER}" --discovery-token-unsafe-skip-ca-verification --ignore-preflight-errors=SystemVerification
fi

--------------------------------------------------------------------------------
/amazon_k8s_ubuntu_16.04_master.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

# Has to be configured before installing kubelet, or kubelet has to be restarted to pick up changes
mkdir -p /etc/systemd/system/kubelet.service.d
touch /etc/systemd/system/kubelet.service.d/20-cloud-provider.conf
cat << EOF > /etc/systemd/system/kubelet.service.d/20-cloud-provider.conf
[Service]
Environment="KUBELET_EXTRA_ARGS=--cloud-provider=aws"
EOF

chmod 0600 /etc/systemd/system/kubelet.service.d/20-cloud-provider.conf

apt-get update -y
apt-get install -y \
    socat \
    ebtables \
    docker.io \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    cloud-utils \
    jq


systemctl enable docker
systemctl start docker

PUBLICIP=$(ec2metadata --public-ipv4 | cut -d " " -f 2)
PRIVATEIP=$(ec2metadata --local-ipv4 | cut -d " " -f 2)
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
PORT=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDPORT | tonumber')

# Necessary for joining a cluster with AWS information
HOSTNAME=$(hostname -f)

cat << EOF > "/etc/kubicorn/kubeadm-config.yaml"
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
cloudProvider: aws
token: ${TOKEN}
kubernetesVersion: ${KUBERNETES_VERSION}
nodeName: ${HOSTNAME}
api:
  advertiseAddress: ${PUBLICIP}
  bindPort: ${PORT}
apiServerCertSANs:
- ${PUBLICIP}
- ${HOSTNAME}
- ${PRIVATEIP}
authorizationModes:
- Node
- RBAC
EOF

kubeadm reset
kubeadm init --config /etc/kubicorn/kubeadm-config.yaml --ignore-preflight-errors=SystemVerification

kubectl apply \
  -f http://docs.projectcalico.org/v2.3/getting-started/kubernetes/installation/hosted/kubeadm/1.6/calico.yaml \
  --kubeconfig /etc/kubernetes/admin.conf

kubectl apply \
  -f https://raw.githubusercontent.com/kubernetes/kubernetes/release-1.8/cluster/addons/storage-class/aws/default.yaml \
  --kubeconfig /etc/kubernetes/admin.conf

mkdir -p /home/ubuntu/.kube
cp /etc/kubernetes/admin.conf /home/ubuntu/.kube/config
chown -R ubuntu:ubuntu /home/ubuntu/.kube

--------------------------------------------------------------------------------
/ovh_k8s_ubuntu_16.04_node.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Controls delay before attempting to join the master
MAX_ATTEMPTS=50
REATTEMPT_INTERVAL_SECONDS=30

# Acquire private IP address
cat << EOF >> "/etc/network/interfaces.d/50-cloud-init.cfg"
auto ens4
iface ens4 inet dhcp
    post-up ip route add 10.96.0.0/12 dev ens4
    pre-down ip route del 10.96.0.0/12 dev ens4
EOF
systemctl restart networking

# Obtain IP addresses.
HOSTNAME=$(curl -s http://169.254.169.254/latest/meta-data/hostname)
PUBLICIP=$(ip -f inet -o addr show ens3 | cut -d' ' -f 7 | cut -d/ -f 1)
PRIVATEIP=$(ip -f inet -o addr show ens4 | cut -d' ' -f 7 | cut -d/ -f 1)

# Add Kubernetes repository.
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

# Install packages.
apt-get update -y
apt-get install -y \
    socat \
    ebtables \
    docker.io \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    cloud-utils \
    jq

# Enable and start Docker.
systemctl enable docker
systemctl start docker

# Specify node IP for kubelet.
echo "Environment=\"KUBELET_EXTRA_ARGS=--node-ip=${PRIVATEIP}\"" >> /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
systemctl daemon-reload
systemctl restart kubelet

# Parse kubicorn configuration file.
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
MASTER=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDMASTER')

# Reset before joining
kubeadm reset

# Delay kubeadm join until master is ready
attempts=0
response=000
while [ "${response}" -ne "200" ] && [ $(( attempts++ )) -lt $MAX_ATTEMPTS ]; do
  echo "Waiting for master to be ready(${MASTER})..."
  sleep $REATTEMPT_INTERVAL_SECONDS
  response=$(curl --write-out "%{http_code}" --output /dev/null --silent --connect-timeout 10 -k "https://${MASTER}/healthz" || true)
done

# Join the cluster
if [ "${response}" -ne "200" ]; then
  echo "Maximum attempts reached, giving up"
  exit 1
else
  echo "Master seems to be up and running. Joining the node to the cluster..."
  kubeadm join --node-name "${HOSTNAME}" --token "${TOKEN}" "${MASTER}" --discovery-token-unsafe-skip-ca-verification --ignore-preflight-errors=SystemVerification
fi

--------------------------------------------------------------------------------
/ovh_k8s_ubuntu_16.04_master.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Acquire private IP address
cat << EOF >> "/etc/network/interfaces.d/50-cloud-init.cfg"
auto ens4
iface ens4 inet dhcp
    post-up ip route add 10.96.0.0/12 dev ens4
    pre-down ip route del 10.96.0.0/12 dev ens4
EOF
systemctl restart networking

# Obtain IP addresses
HOSTNAME=$(curl -s http://169.254.169.254/latest/meta-data/hostname)
PUBLICIP=$(ip -f inet -o addr show ens3 | cut -d' ' -f 7 | cut -d/ -f 1)
PRIVATEIP=$(ip -f inet -o addr show ens4 | cut -d' ' -f 7 | cut -d/ -f 1)

# Add Kubernetes repository.
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

# Install packages.
apt-get update -y
apt-get install -y \
    socat \
    ebtables \
    docker.io \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    cloud-utils \
    jq

# Enable and start Docker.
systemctl enable docker
systemctl start docker

# Specify node IP for kubelet.
echo "Environment=\"KUBELET_EXTRA_ARGS=--node-ip=${PRIVATEIP}\"" >> /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
systemctl daemon-reload
systemctl restart kubelet

# Parse kubicorn configuration file.
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
PORT=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDPORT | tonumber')

# Create kubeadm configuration file.
touch /etc/kubicorn/kubeadm-config.yaml
cat << EOF > "/etc/kubicorn/kubeadm-config.yaml"
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
token: ${TOKEN}
kubernetesVersion: ${KUBERNETES_VERSION}
nodeName: ${HOSTNAME}
api:
  advertiseAddress: ${PRIVATEIP}
  bindPort: ${PORT}
apiServerCertSANs:
- ${PRIVATEIP}
- ${PUBLICIP}
- ${HOSTNAME}
authorizationModes:
- Node
- RBAC
EOF

# Initialize cluster.
kubeadm reset
kubeadm init --config /etc/kubicorn/kubeadm-config.yaml --ignore-preflight-errors=SystemVerification

# Weave CNI plugin.
curl -SL "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')&env.IPALLOC_RANGE=172.16.6.64/27" \
  | kubectl apply --kubeconfig /etc/kubernetes/admin.conf -f -

mkdir -p /home/ubuntu/.kube
cp /etc/kubernetes/admin.conf /home/ubuntu/.kube/config
sed "s/${PRIVATEIP}/${PUBLICIP}/g" -i /home/ubuntu/.kube/config
chown -R ubuntu:ubuntu /home/ubuntu/.kube

--------------------------------------------------------------------------------
/amazon_k8s_centos_7_node.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Controls delay before attempting to join the master
MAX_ATTEMPTS=50
REATTEMPT_INTERVAL_SECONDS=30

# Disabling SELinux is not recommended and will be fixed later.
sudo sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/sysconfig/selinux
sudo sed -i 's/--selinux-enabled /--selinux-enabled=false /g' /etc/sysconfig/docker
sudo setenforce 0

sudo rpm --import https://packages.cloud.google.com/yum/doc/yum-key.gpg
sudo rpm --import https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

sudo sh -c 'cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://yum.kubernetes.io/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF'

# SELinux is disabled in DO. This is not recommended and will be fixed later.

sudo yum makecache -y
sudo yum install -y \
    docker \
    socat \
    ebtables \
    kubelet-${KUBERNETES_VERSION}-0 \
    kubeadm-${KUBERNETES_VERSION}-0 \
    kubernetes-cni-${KUBERNETES_CNI}-0 \
    epel-release

# jq needs its own special yum install as it depends on epel-release
sudo yum install -y jq

# Has to be configured before starting kubelet, or kubelet has to be restarted to pick up changes
sudo sh -c 'cat <<EOF > /etc/systemd/system/kubelet.service.d/20-cloud-provider.conf
[Service]
Environment="KUBELET_EXTRA_ARGS=--cloud-provider=aws"
EOF'

sudo systemctl enable docker
sudo systemctl enable kubelet
sudo systemctl start docker

# Required by kubeadm
sysctl -w net.bridge.bridge-nf-call-iptables=1
sysctl -p

TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
MASTER=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDMASTER')
# Necessary for joining a cluster with the AWS information
HOSTNAME=$(hostname -f)

# Reset before joining
sudo -E kubeadm reset

# Delay kubeadm join until master is ready
attempts=0
response=000
while [ "${response}" -ne "200" ] && [ $(( attempts++ )) -lt $MAX_ATTEMPTS ]; do
  echo "Waiting for master to be ready(${MASTER})..."
  sleep $REATTEMPT_INTERVAL_SECONDS
  response=$(curl --write-out "%{http_code}" --output /dev/null --silent --connect-timeout 10 -k "https://${MASTER}/healthz" || true)
done

# Join the cluster
if [ "${response}" -ne "200" ]; then
  echo "Maximum attempts reached, giving up"
  exit 1
else
  echo "Master seems to be up and running. Joining the node to the cluster..."
  sudo -E kubeadm join --node-name "${HOSTNAME}" --token "${TOKEN}" "${MASTER}" --discovery-token-unsafe-skip-ca-verification --ignore-preflight-errors=SystemVerification
fi

--------------------------------------------------------------------------------
/digitalocean_k8s_ubuntu_16.04_node.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"
DOCKER_VERSION="17.03"

# Controls delay before attempting to join the master
MAX_ATTEMPTS=50
REATTEMPT_INTERVAL_SECONDS=30

# Obtain Droplet IP addresses.
HOSTNAME=$(curl -s http://169.254.169.254/metadata/v1/hostname)
PRIVATEIP=$(curl -s http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address)
PUBLICIP=$(curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address)

# Add Kubernetes repository.
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

# Add Docker repository
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sh -c 'echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list'

# Update apt cache
apt-get update -y

# Get docker version
pkg_pattern="$(echo "$DOCKER_VERSION" | sed "s/-ce-/~ce~/g" | sed "s/-/.*/g").*-0~ubuntu"
search_command="apt-cache madison 'docker-ce' | grep '$pkg_pattern' | head -1 | cut -d' ' -f 4"
pkg_version="$(sh -c "$search_command")"

# Install packages.
apt-get install -y \
    socat \
    ebtables \
    docker-ce="${pkg_version}" \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    cloud-utils \
    jq

# Enable and start Docker.
systemctl enable docker
systemctl start docker

# Specify node IP for kubelet.
echo "KUBELET_EXTRA_ARGS=--node-ip=${PUBLICIP} --cloud-provider=external" > /etc/default/kubelet
systemctl daemon-reload
systemctl restart kubelet

# Enable Flannel Networking
sysctl net.bridge.bridge-nf-call-iptables=1

# Parse kubicorn configuration file.
TOKEN=$(< /etc/kubicorn/cluster.json jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
MASTER=$(< /etc/kubicorn/cluster.json jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDMASTER')

# Reset before joining
kubeadm reset --force

# Delay kubeadm join until master is ready
attempts=0
response=000
while [ "${response}" -ne "200" ] && [ $(( attempts++ )) -lt $MAX_ATTEMPTS ]; do
  echo "Waiting for master to be ready(${MASTER})..."
  sleep $REATTEMPT_INTERVAL_SECONDS
  response=$(curl --write-out "%{http_code}" --output /dev/null --silent --connect-timeout 10 -k "https://${MASTER}/healthz" || true)
done

# Join the cluster
if [ "${response}" -ne "200" ]; then
  echo "Maximum attempts reached, giving up"
  exit 1
else
  echo "Master seems to be up and running. Joining the node to the cluster..."
  kubeadm join --node-name "${HOSTNAME}" --token "${TOKEN}" "${MASTER}" --discovery-token-unsafe-skip-ca-verification --ignore-preflight-errors=SystemVerification
fi

--------------------------------------------------------------------------------
/amazon_k8s_centos_7_master.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Disabling SELinux is not recommended and will be fixed later.
sudo sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/sysconfig/selinux
sudo sed -i 's/--selinux-enabled /--selinux-enabled=false /g' /etc/sysconfig/docker
sudo setenforce 0

sudo rpm --import https://packages.cloud.google.com/yum/doc/yum-key.gpg
sudo rpm --import https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

sudo sh -c 'cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://yum.kubernetes.io/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF'

sudo yum makecache -y
sudo yum install -y \
    docker \
    socat \
    ebtables \
    kubelet-${KUBERNETES_VERSION}-0 \
    kubeadm-${KUBERNETES_VERSION}-0 \
    kubernetes-cni-${KUBERNETES_CNI}-0 \
    cloud-utils \
    epel-release

# jq needs its own special yum install as it depends on epel-release
sudo yum install -y jq

# Has to be configured before starting kubelet, or kubelet has to be restarted to pick up changes
sudo sh -c 'cat <<EOF > /etc/systemd/system/kubelet.service.d/20-cloud-provider.conf
[Service]
Environment="KUBELET_EXTRA_ARGS=--cloud-provider=aws"
EOF'

sudo systemctl enable docker
sudo systemctl enable kubelet.service
sudo systemctl start docker

PUBLICIP=$(ec2metadata --public-ipv4 | cut -d " " -f 2)
PRIVATEIP=$(ip addr show dev eth0 | awk '/inet / {print $2}' | cut -d"/" -f1)
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
PORT=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDPORT | tonumber')
# Necessary for joining a cluster with the AWS information
HOSTNAME=$(hostname -f)

# Required by kubeadm
sudo sysctl -w net.bridge.bridge-nf-call-iptables=1
sudo sysctl -p

cat << EOF > "/etc/kubicorn/kubeadm-config.yaml"
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
cloudProvider: aws
token: ${TOKEN}
kubernetesVersion: ${KUBERNETES_VERSION}
nodeName: ${HOSTNAME}
api:
  advertiseAddress: ${PUBLICIP}
  bindPort: ${PORT}
apiServerCertSANs:
- ${PUBLICIP}
- ${HOSTNAME}
- ${PRIVATEIP}
authorizationModes:
- Node
- RBAC
EOF

kubeadm reset
kubeadm init --config /etc/kubicorn/kubeadm-config.yaml --ignore-preflight-errors=SystemVerification

kubectl apply \
  -f http://docs.projectcalico.org/v2.3/getting-started/kubernetes/installation/hosted/kubeadm/1.6/calico.yaml \
  --kubeconfig /etc/kubernetes/admin.conf

kubectl apply \
  -f https://raw.githubusercontent.com/kubernetes/kubernetes/release-1.8/cluster/addons/storage-class/aws/default.yaml \
  --kubeconfig /etc/kubernetes/admin.conf

# Default centos user
mkdir -p /home/centos/.kube
cp /etc/kubernetes/admin.conf /home/centos/.kube/config
chown -R centos:centos /home/centos/.kube

--------------------------------------------------------------------------------
/digitalocean_k8s_centos_7_master.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"

# Import GPG keys and add repository entries for Kubernetes.
rpm --import https://packages.cloud.google.com/yum/doc/yum-key.gpg
rpm --import https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg

cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=http://yum.kubernetes.io/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF

# Install packages.
yum makecache -y
yum install -y \
    docker \
    socat \
    ebtables \
    kubelet-${KUBERNETES_VERSION}-0 \
    kubeadm-${KUBERNETES_VERSION}-0 \
    kubernetes-cni-${KUBERNETES_CNI}-0 \
    cloud-utils \
    epel-release

# "jq" depends on epel-release, so it needs its own yum install command.
sudo yum install -y jq

# Enable Docker and Kubelet services.
systemctl enable docker
systemctl enable kubelet
systemctl start docker

# Obtain Droplet IP addresses.
HOSTNAME=$(curl -s http://169.254.169.254/metadata/v1/hostname)
PRIVATEIP=$(curl -s http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address)
PUBLICIP=$(curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address)
echo $PRIVATEIP > /tmp/.ip

# Specify node IP for kubelet.
echo "KUBELET_EXTRA_ARGS=--node-ip=${PUBLICIP}" > /etc/default/kubelet
systemctl daemon-reload
systemctl restart kubelet

# Parse Kubicorn configuration file.
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
PORT=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDPORT | tonumber')

# Required by kubeadm.
sysctl -w net.bridge.bridge-nf-call-iptables=1
sysctl -p

# Create kubeadm configuration file.
touch /etc/kubicorn/kubeadm-config.yaml
cat << EOF > "/etc/kubicorn/kubeadm-config.yaml"
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
token: ${TOKEN}
kubernetesVersion: ${KUBERNETES_VERSION}
nodeName: ${HOSTNAME}
api:
  advertiseAddress: ${PUBLICIP}
  bindPort: ${PORT}
apiServerCertSANs:
- ${PRIVATEIP}
- ${PUBLICIP}
- ${HOSTNAME}
authorizationModes:
- Node
- RBAC
EOF

# Initialize cluster.
kubeadm reset
kubeadm init --config /etc/kubicorn/kubeadm-config.yaml --ignore-preflight-errors=SystemVerification

# Weave CNI plugin.
curl -SL "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')&env.IPALLOC_RANGE=172.16.6.64/27" \
  | kubectl apply --kubeconfig /etc/kubernetes/admin.conf -f -

# DigitalOcean Cloud-Manager
curl -SL "https://raw.githubusercontent.com/digitalocean/digitalocean-cloud-controller-manager/master/releases/v0.1.7.yml" | kubectl apply -f -
curl -SL "https://raw.githubusercontent.com/digitalocean/csi-digitalocean/master/deploy/kubernetes/releases/csi-digitalocean-v0.2.0.yaml" | kubectl apply -f -

mkdir -p /root/.kube
cp /etc/kubernetes/admin.conf /root/.kube/config
chown -R root:root /root/.kube

--------------------------------------------------------------------------------
/digitalocean_k8s_ubuntu_16.04_master.sh:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------------------------------------------------
# We are explicitly not using a templating language to inject the values as to encourage the user to limit their
# use of templating logic in these files. By design all injected values should be able to be set at runtime,
# and the shell script real work. If you need conditional logic, write it in bash or make another shell script.
# ------------------------------------------------------------------------------------------------------------------------

# Specify the Kubernetes version to use.
KUBERNETES_VERSION="1.10.11"
KUBERNETES_CNI="0.6.0"
DOCKER_VERSION="17.03"

# Obtain Droplet IP addresses.
HOSTNAME=$(curl -s http://169.254.169.254/metadata/v1/hostname)
PRIVATEIP=$(curl -s http://169.254.169.254/metadata/v1/interfaces/private/0/ipv4/address)
PUBLICIP=$(curl -s http://169.254.169.254/metadata/v1/interfaces/public/0/ipv4/address)

# Add Kubernetes repository.
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | sudo apt-key add -
touch /etc/apt/sources.list.d/kubernetes.list
sh -c 'echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" > /etc/apt/sources.list.d/kubernetes.list'

# Add Docker repository
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sh -c 'echo "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list'

# Update apt cache
apt-get update -y

# Get docker version
pkg_pattern="$(echo "$DOCKER_VERSION" | sed "s/-ce-/~ce~/g" | sed "s/-/.*/g").*-0~ubuntu"
search_command="apt-cache madison 'docker-ce' | grep '$pkg_pattern' | head -1 | cut -d' ' -f 4"
pkg_version="$(sh -c "$search_command")"

# Install packages.
apt-get install -y \
    socat \
    ebtables \
    docker-ce="${pkg_version}" \
    apt-transport-https \
    kubelet=${KUBERNETES_VERSION}-00 \
    kubeadm=${KUBERNETES_VERSION}-00 \
    kubernetes-cni=${KUBERNETES_CNI}-00 \
    cloud-utils \
    jq

# Enable and start Docker.
systemctl enable docker
systemctl start docker

# Parse kubicorn configuration file.
CLUSTER_NAME=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.metadata.name')
TOKEN=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDTOKEN')
PORT=$(cat /etc/kubicorn/cluster.json | jq -r '.clusterAPI.spec.providerConfig' | jq -r '.values.itemMap.INJECTEDPORT | tonumber')

# Create kubeadm configuration file.
touch /etc/kubicorn/kubeadm-config.yaml
cat << EOF > "/etc/kubicorn/kubeadm-config.yaml"
apiVersion: kubeadm.k8s.io/v1alpha2
kind: MasterConfiguration
bootstrapTokens:
- token: ${TOKEN}
kubernetesVersion: ${KUBERNETES_VERSION}
nodeName: ${HOSTNAME}
clusterName: ${CLUSTER_NAME}
api:
  advertiseAddress: ${PUBLICIP}
  bindPort: ${PORT}
apiServerCertSANs:
- ${PRIVATEIP}
- ${PUBLICIP}
- ${HOSTNAME}
authorizationModes:
- Node
- RBAC
networking:
  podSubnet: "10.244.0.0/16"
EOF

# Initialize cluster.
kubeadm reset --force
kubeadm init --config /etc/kubicorn/kubeadm-config.yaml --ignore-preflight-errors=SystemVerification

# Flannel CNI plugin
sysctl net.bridge.bridge-nf-call-iptables=1
curl -SL "https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml" \
  | kubectl apply --kubeconfig /etc/kubernetes/admin.conf -f -

# DigitalOcean Cloud-Manager
curl -SL "https://raw.githubusercontent.com/digitalocean/digitalocean-cloud-controller-manager/master/releases/v0.1.7.yml" \
  | kubectl apply --kubeconfig /etc/kubernetes/admin.conf -f -
curl -SL "https://raw.githubusercontent.com/digitalocean/csi-digitalocean/master/deploy/kubernetes/releases/csi-digitalocean-v0.2.0.yaml" \
  | kubectl apply --kubeconfig /etc/kubernetes/admin.conf -f -

mkdir -p /root/.kube
cp /etc/kubernetes/admin.conf /root/.kube/config
chown -R root:root /root/.kube

--------------------------------------------------------------------------------
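The scripts above take `TOKEN`, `PORT` and `MASTER` from `/etc/kubicorn/cluster.json` and interpolate them straight into the kubeadm YAML and command line; with `jq -r`, a missing key arrives as the literal string `null`. The following is an added example, not part of the kubicorn bootstrap repository, that reads the same keys and rejects missing or malformed values first. The function names and the sample file are hypothetical, and treating `INJECTEDMASTER` as `host:port` is an assumption based on how the scripts pass it to `kubeadm join`.

```bash
#!/bin/sh
# Added example: validate values injected through cluster.json before they
# reach kubeadm. Function names and the sample file are hypothetical.

LC_ALL=C; export LC_ALL   # make [a-z] and [0-9] plain byte ranges

# Read one key from the injected itemMap. providerConfig is a JSON document
# stored as a string (which is why the scripts pipe jq into jq); fromjson
# parses it in one pass. With -e and "// empty", a missing key gives a
# non-zero exit status instead of the string "null".
injected_value() {  # $1 = path to cluster.json, $2 = itemMap key
  jq -er --arg k "$2" \
    '.clusterAPI.spec.providerConfig | fromjson | .values.itemMap[$k] // empty' "$1"
}

# kubeadm bootstrap token: 6 characters, a dot, 16 characters, all [a-z0-9].
valid_token() {
  [ "${#1}" -eq 23 ] || return 1
  _id=${1%%.*}
  _secret=${1#*.}
  [ "${#_id}" -eq 6 ] && [ "${#_secret}" -eq 16 ] || return 1
  case "$_id$_secret" in *[!a-z0-9]*) return 1 ;; esac
}

# TCP port: digits only, 1..65535.
valid_port() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Master endpoint, assumed to be host:port (hostname or IPv4 only).
# Whitespace or shell metacharacters in either part are rejected.
valid_master() {
  case "$1" in *:*) ;; *) return 1 ;; esac
  _host=${1%:*}
  _port=${1##*:}
  case "$_host" in ''|*[!A-Za-z0-9.-]*|-*|.*) return 1 ;; esac
  valid_port "$_port"
}

# Load and check what a node script needs before it calls kubeadm join.
load_join_values() {  # $1 = path to cluster.json
  TOKEN=$(injected_value "$1" INJECTEDTOKEN) && valid_token "$TOKEN" || {
    echo "cluster.json: INJECTEDTOKEN missing or malformed" >&2; return 1; }
  MASTER=$(injected_value "$1" INJECTEDMASTER) && valid_master "$MASTER" || {
    echo "cluster.json: INJECTEDMASTER missing or malformed" >&2; return 1; }
}

# Constructed sample with the cluster.json shape the scripts read.
write_sample_cluster_json() {  # $1 = output path
  cat > "$1" <<'JSON'
{"clusterAPI":{"spec":{"providerConfig":"{\"values\":{\"itemMap\":{\"INJECTEDTOKEN\":\"abcdef.0123456789abcdef\",\"INJECTEDMASTER\":\"10.0.0.5:443\",\"INJECTEDPORT\":\"443\"}}}"}}}
JSON
}
```

In a node script, `load_join_values /etc/kubicorn/cluster.json || exit 1` would replace the two `jq` pipelines ahead of the join step.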