Last active
December 14, 2018 11:55
Vagrant based K8s cluster on CentOS/7
# Author: vaclav.sykora@oracle.com
# Description: Installs Docker Engine and sets up a Kubernetes cluster
#
# Optional plugins:
#     vagrant-proxyconf (if you don't have direct access to the Internet)
#         see https://github.com/tmatilai/vagrant-proxyconf for configuration
#
# Usage:
#     > vagrant plugin install vagrant-proxyconf  # optional, in case you are behind a corporate proxy server
#     > vagrant init                              # optional, just to initialize the current directory to be a Vagrant environment
#     > vagrant up
#     > vagrant ssh-config >> ~/.ssh/config
#     > sudo vi /etc/hosts
#         * add '127.0.0.1 master node1 node2'
# Cluster topology, one entry per VM. :id is appended to the MAC address
# prefix in the VirtualBox provider section, so keep it at two digits.
nodes = [
  { hostname: 'master', ip: '10.0.0.10', id: '10' },
  { hostname: 'node1',  ip: '10.0.0.11', id: '11' },
  { hostname: 'node2',  ip: '10.0.0.12', id: '12' }
]

# RAM assigned to each VM (handed to the VirtualBox provider).
memory = 2000

# Name of the VirtualBox internal network and DNS suffix of the nodes.
domain = 'kube'

# One "/etc/hosts" entry per node: "<ip> <hostname> <hostname>.<domain>".
# The separator is deliberately the two literal characters backslash + n
# (single-quoted string): the provisioning script feeds this value to
# `echo -e`, which turns each of them into a real line break inside the VM.
hosts = nodes
  .map { |node| [node[:ip], node[:hostname], "#{node[:hostname]}.#{domain}"].join(' ') }
  .join('\n')
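# Provisioning script, run as root inside every VM by the inline shell
# provisioner. It is a Ruby heredoc, so `#{hosts}` is interpolated and
# backslash escapes are processed by Ruby before the shell sees the text:
# "\\n" reaches the shell as the two characters backslash + n (for `echo -e`),
# while "\n" and "\t" reach it as a real newline and a real tab.
#
# Security-relevant choices made here (lab cluster, not a hardened one):
#   * SELinux is switched to permissive instead of being disabled, so policy
#     violations are still logged.
#   * The file holding the `kubeadm init` output (it contains the bootstrap
#     token) is created 0600 and owned by vagrant instead of world-readable.
#   * /etc/kubernetes/admin.conf (cluster-admin credentials) is no longer made
#     world-readable; on the master, vagrant gets a private copy in
#     ~/.kube/config and root keeps using the original through KUBECONFIG.
#   * The join command fetched from the master is checked before it runs and
#     is executed directly rather than through `eval`.
$script = <<-SCRIPT
echo -e "127.0.0.1 localhost localhost.localdomain\\n#{hosts}" > /etc/hosts

echo "--->>> Set SELinux to permissive"
# kubeadm only needs SELinux to stop enforcing; permissive keeps the audit trail.
setenforce 0
sed -i --follow-symlinks 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/sysconfig/selinux

echo "--->>> Disable Swap"
swapoff -a
sed -i '/^.* swap /s/^#*/#/g' /etc/fstab

echo "--->>> Enable br_netfilter"
modprobe br_netfilter
echo -e "net.bridge.bridge-nf-call-iptables = 1\nnet.ipv4.ip_forward = 1" >> /etc/sysctl.conf
sysctl -p

echo "--->>> Install Docker"
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
# Unpinned: installs whatever docker-ce version the repository currently serves.
yum install -y docker-ce
systemctl start docker && systemctl enable docker
# Members of the docker group can obtain root on this VM through the daemon.
gpasswd -a vagrant docker

echo "--->>> Install Kubernetes"
# Package and repository metadata signatures are both verified (gpgcheck, repo_gpgcheck).
# NOTE(review): the Kubernetes project has since moved its packages to pkgs.k8s.io;
# confirm this legacy repository still resolves before relying on it.
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
       https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
# Unpinned: all nodes get whatever version is current at provisioning time.
yum install -y kubelet kubeadm kubectl

echo "--->>> Bootstrap a secure Kubernetes cluster"
if [ "$HOSTNAME" = master ]; then
  echo "--->>> Initializing the master"
  kubeadm reset --force
  # The init output includes the bootstrap token. Create the file private to the
  # vagrant account (the one the workers log in as) before tee writes into it.
  install -m 0600 -o vagrant -g vagrant /dev/null /var/tmp/kubeadm_init.stdout
  kubeadm init --apiserver-advertise-address=10.0.0.10 --pod-network-cidr=10.244.0.0/16 | tee /var/tmp/kubeadm_init.stdout

  echo "--->>> Installing a pod network add-on"
  export KUBECONFIG=/etc/kubernetes/admin.conf
  # NOTE(review): this manifest is downloaded at provisioning time and applied with
  # cluster-admin rights; it is neither pinned nor checksummed. Prefer a reviewed,
  # locally stored manifest. The hosted endpoint may also no longer be served.
  kubectl apply -f "https://cloud.weave.works/k8s/net?k8s-version=$(kubectl version | base64 | tr -d '\n')"

  # Give vagrant a private kubeconfig instead of opening admin.conf to every local user.
  install -d -m 0700 -o vagrant -g vagrant /home/vagrant/.kube
  install -m 0600 -o vagrant -g vagrant /etc/kubernetes/admin.conf /home/vagrant/.kube/config
  grep -q KUBECONFIG /root/.bashrc || echo 'export KUBECONFIG=/etc/kubernetes/admin.conf' >> /root/.bashrc
else
  echo "--->>> Joining the node(s)"
  # Host key checking is off and the key is Vagrant's shared insecure key, so the
  # reply is not authenticated; it is validated below before being run as root.
  cmd=$(ssh -o StrictHostKeyChecking=no -i /home/vagrant/.ssh/id_rsa vagrant@master "cat /var/tmp/kubeadm_init.stdout | grep 'kubeadm join ' | sed -e 's/^[ \t]*//'")
  [ -z "$cmd" ] && echo "---!!! Failed to get command (join new node)" && exit 1
  # Accept only a single-line 'kubeadm join ...' built from characters that a
  # join command needs; anything else (quotes, ';', '$', newlines, ...) is refused.
  case "$cmd" in
    "kubeadm join "*) ;;
    *) echo "---!!! Unexpected join command, refusing to run it"; exit 1 ;;
  esac
  if [ -n "$(printf '%s' "$cmd" | tr -d 'A-Za-z0-9 .:_-')" ]; then
    echo "---!!! Unexpected characters in join command, refusing to run it"
    exit 1
  fi
  echo "Starting: $cmd"
  # Plain word splitting is enough for the validated command; no eval.
  $cmd
fi

systemctl start kubelet && systemctl enable kubelet
SCRIPT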
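# Defines one CentOS 7 VirtualBox VM per entry in `nodes` and provisions each
# of them with the inline shell script.
Vagrant.configure('2') do |config|
  # Every VM keeps Vagrant's shared "insecure" key pair instead of getting a
  # freshly generated one. That key is public knowledge, so anyone who can
  # reach a VM's SSH port can log in as vagrant. Suitable for a throwaway lab
  # on a host-local network only.
  config.ssh.insert_key = false

  if Vagrant.has_plugin?('vagrant-proxyconf')
    # Cluster domain, host names and IPs are always excluded from proxying.
    cluster_no_proxy = [
      ".#{domain}",
      *nodes.map { |h| h[:hostname] },
      *nodes.map { |h| h[:ip] }
    ].join(',')

    # Both spellings are honoured; when both are set, the upper-case one is
    # processed last and therefore wins.
    %w[http_proxy HTTP_PROXY https_proxy HTTPS_PROXY no_proxy NO_PROXY].each do |var|
      proxy = ENV[var]
      next unless proxy

      case var.downcase
      when 'http_proxy'
        config.proxy.http = proxy
      when 'https_proxy'
        config.proxy.https = proxy
      when 'no_proxy'
        proxy += ",#{cluster_no_proxy}"
        config.proxy.no_proxy = proxy
      end

      # Proxy URLs may embed "user:password@"; mask that part so credentials do
      # not end up in terminal scrollback or CI logs each time this file is loaded.
      puts "#{var}: #{proxy.sub(%r{//[^/]*@}, '//***@')}"
    end
  end

  nodes.each do |node|
    config.vm.define node[:hostname] do |nodeconfig|
      nodeconfig.vm.box = 'centos/7'
      nodeconfig.vm.hostname = node[:hostname]
      # Inter-node traffic uses a VirtualBox internal network named after the domain.
      nodeconfig.vm.network :private_network, ip: node[:ip], virtualbox__intnet: domain

      nodeconfig.vm.provider :virtualbox do |vb|
        vb.name = "#{node[:hostname]}.#{domain}"
        vb.memory = memory
        vb.cpus = 1
        vb.customize ['modifyvm', :id, '--natdnshostresolver1', 'on']
        vb.customize ['modifyvm', :id, '--natdnsproxy1', 'on']
        # Stable per-node MAC on the NAT adapter: fixed prefix plus the two-digit node id.
        vb.customize ['modifyvm', :id, '--macaddress1', "5CA1AB1E00#{node[:id]}"]
        vb.customize ['modifyvm', :id, '--natnet1', '192.168/16']
      end

      # Uploads the host's copy of Vagrant's insecure private key as the vagrant
      # user's id_rsa; the provisioning script uses it on worker nodes to ssh to
      # the master and read the join command. Never reuse this key elsewhere.
      nodeconfig.vm.provision 'file', source: '~/.vagrant.d/insecure_private_key', destination: '/home/vagrant/.ssh/id_rsa'
      nodeconfig.vm.provision 'shell', inline: $script, run: 'once'
    end
  end
end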