Last active
August 27, 2024 06:59
-
-
Save mariuszjedrzejewski/173ca167c1aa1a5d6703295326f66cc2 to your computer and use it in GitHub Desktop.
K8s (kubeadm) install on OpenSUSE 15 with Flannel, MetalLB, ingress-nginx, NFS storage and monitoring tools
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // On master node: | |
| # firewall-cmd --add-port=6443/tcp --add-port=2379-2380/tcp --add-port=10250/tcp --add-port=8285/udp --add-port=8472/udp --permanent | |
| // On worker node: | |
| # firewall-cmd --add-port=10250/tcp --add-port=8285/udp --add-port=8472/udp --permanent | |
| # firewall-cmd --add-masquerade --permanent | |
| # firewall-cmd --reload | |
| # swapoff -a | |
| # sed -i '/ swap / s/^\(.*\)$/#\1/g' /etc/fstab | |
| # tee /etc/modules-load.d/cri-o.conf <<EOF | |
| overlay | |
| br_netfilter | |
| EOF | |
| # modprobe overlay | |
| # modprobe br_netfilter | |
| # tee /etc/sysctl.d/kubernetes.conf<<EOF | |
| net.bridge.bridge-nf-call-ip6tables = 1 | |
| net.bridge.bridge-nf-call-iptables = 1 | |
| net.ipv4.ip_forward = 1 | |
| EOF | |
| # sysctl --system | |
| # cat <<EOF > /etc/zypp/repos.d/cri-o.repo | |
| [cri-o] | |
| name=CRI-O | |
| baseurl=https://pkgs.k8s.io/addons:/cri-o:/stable:/v1.30/rpm/ | |
| enabled=1 | |
| gpgcheck=1 | |
| gpgkey=https://pkgs.k8s.io/addons:/cri-o:/stable:/v1.30/rpm/repodata/repomd.xml.key | |
| EOF | |
| # zypper install cri-o | |
| # cat <<EOF > /etc/crio/crio.conf.d/99-change-root.conf | |
| [crio] | |
| root = "/data/cri-o" | |
| EOF | |
| # systemctl enable crio | |
| # systemctl start crio | |
| # systemctl status crio | |
| # cat <<EOF > /etc/zypp/repos.d/kubernetes.repo | |
| [Kubernetes] | |
| name=Kubernetes | |
| enabled=1 | |
| baseurl=https://pkgs.k8s.io/core:/stable:/v1.31/rpm/ | |
| gpgcheck=1 | |
| gpgkey=https://pkgs.k8s.io/core:/stable:/v1.31/rpm/repodata/repomd.xml.key | |
| EOF | |
| # zypper install conntrack-tools | |
| # zypper install kubelet kubeadm kubectl | |
| # systemctl enable kubelet.service | |
| # systemctl start kubelet.service | |
| // On master node: | |
| # kubeadm init --pod-network-cidr=10.244.0.0/16 --kubernetes-version=${KUBE_VERSION} | |
| # cp /etc/kubernetes/admin.conf /home/<admin_user>/.kube/config | |
| // On worker node: | |
| # kubeadm join [...] | |
| $ kubectl label node <node> node-role.kubernetes.io/worker=worker | |
| // Install flannel | |
| $ kubectl apply -f https://github.com/coreos/flannel/raw/master/Documentation/kube-flannel.yml | |
| // Install dnsutils | |
| $ kubectl apply -f https://k8s.io/examples/admin/dns/dnsutils.yaml | |
| $ kubectl exec dnsutils -- nslookup kubernetes.default | |
| $ kubectl exec dnsutils -- nslookup onet.pl | |
| // Install helm | |
| # curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | |
| # chmod 700 get_helm.sh | |
| # ./get_helm.sh | |
| // Install metrics-server | |
| # helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/ | |
| # helm upgrade --install --namespace=kube-system --set args={--kubelet-insecure-tls} metrics-server metrics-server/metrics-server | |
| // Install MetalLB | |
| $ helm repo add metallb https://metallb.github.io/metallb | |
| $ helm upgrade --install --create-namespace --namespace metallb-system metallb metallb/metallb | |
| // Configuration MetalLB | |
| $ cat 00001-metallb-config.yaml | |
| apiVersion: metallb.io/v1beta1 | |
| kind: IPAddressPool | |
| metadata: | |
| name: ip-pool | |
| namespace: metallb-system | |
| spec: | |
| addresses: | |
| - 192.168.1.90-192.168.1.90 | |
| --- | |
| apiVersion: metallb.io/v1beta1 | |
| kind: L2Advertisement | |
| metadata: | |
| name: l2-advertisement | |
| namespace: metallb-system | |
| $ kubectl apply -f 00001-metallb-config.yaml | |
| // Install nginx-ingress-external | |
| $ helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx | |
| $ helm repo update | |
| $ helm upgrade --install --create-namespace --namespace ingress-nginx ingress-nginx ingress-nginx/ingress-nginx | |
| $ kubectl get svc -n ingress-nginx | |
| // Install NFS storage class | |
| $ helm repo add nfs-subdir-external-provisioner https://kubernetes-sigs.github.io/nfs-subdir-external-provisioner | |
| $ helm upgrade --install --namespace nfs-system --create-namespace nfs-x.x.x.x nfs-subdir-external-provisioner/nfs-subdir-external-provisioner --set storageClass.archiveOnDelete=false --set nfs.server=x.x.x.x --set nfs.path=/export | |
| // Install monitoring tools | |
| $ helm upgrade --install --create-namespace --namespace=monitoring bitnami-kube-state-metrics oci://registry-1.docker.io/bitnamicharts/kube-state-metrics | |
| $ helm upgrade --install --create-namespace --namespace=monitoring bitnami-node-exporter oci://registry-1.docker.io/bitnamicharts/node-exporter | |
| $ helm repo add ckotzbauer https://ckotzbauer.github.io/helm-charts | |
| $ helm upgrade --install --create-namespace --namespace=monitoring --set hostNetwork=true --set container.port=9101 --set image.tag=v0.47.2 --set container.additionalArgs[6]="--port=9101" cadvisor ckotzbauer/cadvisor |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment