This repository has been archived by the owner on Jun 6, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
fedora-kubernetes.yaml
118 lines (111 loc) · 4.23 KB
/
fedora-kubernetes.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
---
# This example requires Lima v0.7.0 or later.
arch: "default"
images:
- location: "https://download.fedoraproject.org/pub/fedora/linux/releases/35/Cloud/x86_64/images/Fedora-Cloud-Base-35-1.2.x86_64.qcow2"
arch: "x86_64"
digest: "sha256:fe84502779b3477284a8d4c86731f642ca10dd3984d2b5eccdf82630a9ca2de6"
- location: "https://download.fedoraproject.org/pub/fedora/linux/releases/35/Cloud/aarch64/images/Fedora-Cloud-Base-35-1.2.aarch64.qcow2"
arch: "aarch64"
digest: "sha256:c71f2e6ce75b516d565e2c297ea9994c69b946cb3eaa0a4bbea400dbd6f59ae6"
cpus: 2
memory: "2GiB"
mounts: []
containerd:
system: true
user: false
# See https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/
provision:
- mode: system
script: |
#!/bin/bash
set -eux -o pipefail
command -v kubectl >/dev/null 2>&1 && exit 0
# Installing kubeadm on your hosts
cat <<EOF | sudo tee /etc/modules-load.d/containerd.conf
overlay
br_netfilter
EOF
modprobe overlay
modprobe br_netfilter
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1
EOF
sysctl --system
cat <<EOF | sudo tee /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-\$basearch
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
exclude=kubelet kubeadm kubectl
EOF
# cri-tools
yum install -y cri-tools
cat <<EOF | sudo tee /etc/crictl.yaml
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
EOF
# cni-plugins
yum install -y containernetworking-plugins
yum install -y kubernetes-cni --disableexcludes=kubernetes
rm -f /etc/cni/net.d/*.conf*
# Set SELinux in permissive mode (effectively disabling it)
setenforce 0
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes
systemctl enable --now kubelet
- mode: system
script: |
#!/bin/bash
set -eux -o pipefail
test -e /etc/kubernetes/admin.conf && exit 0
export KUBECONFIG=/etc/kubernetes/admin.conf
kubeadm config images list
kubeadm config images pull
# Initializing your control-plane node
echo "KUBELET_EXTRA_ARGS=--fail-swap-on=false" >/etc/sysconfig/kubelet
grep ${LIMA_CIDATA_NAME} /etc/hosts || echo "${LIMA_CIDATA_SLIRP_IP_ADDRESS:-192.168.5.15} lima-${LIMA_CIDATA_NAME}" >>/etc/hosts
kubeadm init --cri-socket=/run/containerd/containerd.sock --pod-network-cidr=10.244.0.0/16 --apiserver-cert-extra-sans 127.0.0.1 \
--ignore-preflight-errors=Swap # /dev/zram0
# Installing a Pod network add-on
kubectl apply -f https://raw.githubusercontent.com/flannel-io/flannel/v0.14.0/Documentation/kube-flannel.yml
# Control plane node isolation
kubectl taint nodes --all node-role.kubernetes.io/master-
sed -e "s/${LIMA_CIDATA_SLIRP_IP_ADDRESS:-192.168.5.15}/127.0.0.1/" -i $KUBECONFIG
mkdir -p ${HOME:-/root}/.kube && cp -f $KUBECONFIG ${HOME:-/root}/.kube/config
probes:
- description: "kubectl to be installed"
script: |
#!/bin/bash
set -eux -o pipefail
if ! timeout 30s bash -c "until command -v kubectl >/dev/null 2>&1; do sleep 3; done"; then
echo >&2 "kubectl is not installed yet"
exit 1
fi
hint: |
See "/var/log/cloud-init-output.log". in the guest
- description: "kubeadm to be completed"
script: |
#!/bin/bash
set -eux -o pipefail
if ! timeout 300s bash -c "until test -f /etc/kubernetes/admin.conf; do sleep 3; done"; then
echo >&2 "k8s is not running yet"
exit 1
fi
hint: |
The k8s kubeconfig file has not yet been created.
- description: "kubernetes cluster to be running"
script: |
#!/bin/bash
set -eux -o pipefail
if ! timeout 300s bash -c "until sudo kubectl version >/dev/null 2>&1; do sleep 3; done"; then
echo >&2 "kubernetes cluster is not up and running yet"
exit 1
fi
firmware:
legacyBIOS: true