Kube manual install
Aleksandr Sidoruk edited this page Nov 25, 2024
·
1 revision
# Setup env
# Values used by the rest of this guide: the address of the Kubernetes master
# and the names of the system and registry buckets.
MASTER_HOST="10.0.0.1"
SYSTEM_BUCKET_NAME="cloud-pipeline-etc"
REGISTRY_BUCKET_NAME="cloud-pipeline-registry"
export MASTER_HOST SYSTEM_BUCKET_NAME REGISTRY_BUCKET_NAME
# NOTE: Proxies if needed. Uncomment and adjust the lines below; no_proxy and
# NON_PROXIED_HOSTS carry the same host list in two syntaxes (comma-separated
# for the shell tools, "|"-separated with "*" wildcards for the JVM options).
# export http_proxy=http://proxy.domain.com:3128
# export https_proxy=http://proxy.domain.com:3128
# export no_proxy="domain.com,.domain.com,localhost,169.254.169.254,${MASTER_HOST},127.0.0.1,.cluster.local,cluster.local,s3.amazonaws.com,.s3.amazonaws.com,s3-external-1.amazonaws.com,.s3-external-1.amazonaws.com,s3.dualstack.us-east-1.amazonaws.com,.s3.dualstack.us-east-1.amazonaws.com,.s3.amazonaws.com,s3.amazonaws.com,.s3-external-1.amazonaws.com,s3-external-1.amazonaws.com,10.96.0.1"
# NON_PROXIED_HOSTS="domain.com|*.domain.com|localhost|169.254.169.254|${MASTER_HOST}|127.0.0.1|*.cluster.local|*.cluster.local|s3.amazonaws.com|*.s3.amazonaws.com|s3-external-1.amazonaws.com|*.s3-external-1.amazonaws.com|s3.dualstack.us-east-1.amazonaws.com|*.s3.dualstack.us-east-1.amazonaws.com|*.s3.amazonaws.com|s3.amazonaws.com|*.s3-external-1.amazonaws.com|s3-external-1.amazonaws.com|10.96.0.1"
# CP_API_SRV_JAVA_OPTS="-Dhttp.proxyHost=proxy.domain.com -Dhttp.proxyPort=3128 -Dhttps.proxyHost=proxy.domain.com -Dhttps.proxyPort=3128 -Dhttp.nonProxyHosts=\"$NON_PROXIED_HOSTS\" -Dhttps.nonProxyHosts=\"$NON_PROXIED_HOSTS\""
# CP_SEARCH_JAVA_OPTS="$CP_API_SRV_JAVA_OPTS"
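# Install docker
# Drop the docker-ce repo definition (if present) so the package below is
# resolved from the repositories that remain configured on the host.
rm -f /etc/yum.repos.d/docker-ce.repo
# The pattern is quoted so that yum, not the shell, expands it: unquoted, a
# file in the current directory matching docker-20.10* would be passed to yum
# as a local path instead of a package name.
# NOTE(review): the 20.10 series no longer receives upstream fixes - confirm the
# configured repo still ships security updates for it.
yum install -y 'docker-20.10*'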
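# Deploy kube
# Load br_netfilter first: the net.bridge.* sysctl keys only exist once the
# module is loaded, so applying them before modprobe has no effect.
modprobe br_netfilter
# Persist the module so the bridge sysctls are applied again after a reboot.
echo br_netfilter > /etc/modules-load.d/k8s.conf
cat <<EOF >/etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sysctl --system

# NOTE(security): the next two lines switch SELinux to permissive, now and on
# every boot. This removes SELinux enforcement for the whole host, not only
# for containers; record it as an accepted trade-off of this install and rely
# on other host hardening to compensate.
setenforce 0 || true
sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

# Docker daemon configuration. DOCKER_DATA_ROOT_ENTRY is optional: when set it
# is pasted verbatim into the JSON object, so it must be a complete member
# followed by a comma (presumably a "data-root" entry - confirm against your
# setup); when unset the line is left blank and the JSON stays valid.
mkdir -p /etc/docker
cat <<EOT > /etc/docker/daemon.json
{
$DOCKER_DATA_ROOT_ENTRY
"exec-opts": ["native.cgroupdriver=systemd"],
"storage-driver": "overlay2",
"storage-opts": [
"overlay2.override_kernel_check=true"
]
}
EOT

# Pass the proxy settings to the docker service when any are configured.
# NOTE(security): if the proxy URL embeds credentials they are written to this
# drop-in, which is world-readable under the usual root umask - tighten its
# mode or keep credentials out of the URL.
if [ "$http_proxy" ] || [ "$https_proxy" ]; then
  mkdir -p /etc/systemd/system/docker.service.d
  cat > /etc/systemd/system/docker.service.d/http-proxy.conf << EOF
[Service]
Environment="http_proxy=$http_proxy" "https_proxy=$https_proxy" "no_proxy=$no_proxy"
EOF
fi

# NOTE: If custom certificates are required to access public registries - put ca.crt into these directories
# mkdir -p /etc/docker/certs.d/docker.io
# mkdir -p /etc/docker/certs.d/quay.io
# mkdir -p /etc/docker/certs.d/k8s.gcr.io
# mkdir -p /etc/docker/certs.d/gcr.io
# cp ca.crt /etc/docker/certs.d/docker.io/
# cp ca.crt /etc/docker/certs.d/quay.io/
# cp ca.crt /etc/docker/certs.d/k8s.gcr.io/
# cp ca.crt /etc/docker/certs.d/gcr.io/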
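# Download and install the kubelet/kubeadm/kubectl and cri-tools RPMs.
# TLS verification stays ON: these packages are installed as root, so a
# download that skips certificate checks would let anyone on the network path
# substitute them. If a TLS-inspecting proxy is in the path, add its CA to the
# system trust store (or pass --ca-certificate=<path to ca.crt>) instead of
# disabling verification.
# Optional integrity check before installing (this page publishes no digest;
# obtain one over a trusted channel):
#   echo "<EXPECTED_SHA256>  kube.tgz" | sha256sum -c -
# NOTE(review): Kubernetes 1.15.4 is pinned here and is past upstream support -
# plan for the missing security fixes.
wget https://cloud-pipeline-oss-builds.s3.amazonaws.com/tools/kube/1.15.4/rpm/kube-1.15.4.el7.tgz -O kube.tgz && \
  tar -xf kube.tgz && \
  ( cd kube && yum localinstall -y ./*kube*.rpm ./*cri-tools*.rpm ) && \
  rm -rf kube/ kube.tgz
# The install runs in a subshell so a failed step cannot leave the session
# inside kube/; the "./" prefix keeps odd file names from being read as options.

# Pick up the docker drop-ins written earlier, then enable and start both services.
systemctl daemon-reload
systemctl enable docker
systemctl enable kubelet
systemctl start docker
systemctl start kubelet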
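# Network defaults consumed by the kubeadm init config template (and by the
# pod network manifest applied afterwards). Existing values are kept.
export CP_KUBE_FLANNEL_CIDR=${CP_KUBE_FLANNEL_CIDR:-"10.244.0.0/16"}
export CP_KUBE_NODE_CIDR_MASK=${CP_KUBE_NODE_CIDR_MASK:-"26"}
export CP_KUBE_KUBELET_PORT="${CP_KUBE_KUBELET_PORT:-10250}"

# Fetch and render the kubeadm config BEFORE the proxies are unset below, so
# the download also works on hosts that reach GitHub only through the proxy.
# - TLS verification stays on: this file drives the cluster bootstrap.
# - "-O" overwrites a copy left by an earlier run; without it wget would save
#   the new download under a ".1" name and the stale file would be rendered.
# - The rendered copy goes to a mktemp file rather than a fixed name in /tmp,
#   which another local user could pre-create or symlink.
# NOTE(review): the URL follows the head of the release/0.16 branch, so its
# content can change between runs; pinning it to a reviewed commit
# (<COMMIT_SHA>) makes the bootstrap reproducible.
CP_KUBEADM_INIT_CONFIG_YAML="kubeadm-init-config.yaml"
CP_KUBEADM_INIT_CONFIG_YAML_TMP="$(mktemp /tmp/kubeadm-init-config.XXXXXX.yaml)"
# The single-quoted list restricts envsubst to these three variables; any
# other "$" in the template is left untouched.
wget "https://raw.githubusercontent.com/epam/cloud-pipeline/refs/heads/release/0.16/deploy/contents/k8s/kube-system/kubeadm-init-config.yaml" -O "$CP_KUBEADM_INIT_CONFIG_YAML" && \
  envsubst '${CP_KUBE_FLANNEL_CIDR} ${CP_KUBE_KUBELET_PORT} ${CP_KUBE_NODE_CIDR_MASK}' < "$CP_KUBEADM_INIT_CONFIG_YAML" > "$CP_KUBEADM_INIT_CONFIG_YAML_TMP"

# Run kubeadm without the proxies unless CP_KUBE_KEEP_KUBEADM_PROXIES=1;
# the original values are saved here and restored afterwards.
bkp_http_proxy="$http_proxy"
bkp_https_proxy="$https_proxy"
bkp_no_proxy="$no_proxy"
if [ "$CP_KUBE_KEEP_KUBEADM_PROXIES" != "1" ]; then
  unset http_proxy https_proxy no_proxy
fi

# Only bootstrap from a config that was actually downloaded and rendered; an
# empty file must not reach kubeadm.
if [ -s "$CP_KUBEADM_INIT_CONFIG_YAML_TMP" ]; then
  kubeadm init --config "$CP_KUBEADM_INIT_CONFIG_YAML_TMP"
  mkdir -p "$HOME/.kube"
  # "\cp" bypasses an interactive "cp -i" alias. admin.conf holds
  # cluster-admin credentials, so keep the copy readable by its owner only.
  \cp /etc/kubernetes/admin.conf "$HOME/.kube/config"
  chmod 600 "$HOME/.kube/config"
else
  echo "kubeadm init config was not downloaded or rendered; kubeadm init skipped" >&2
fi

export http_proxy="$bkp_http_proxy"
export https_proxy="$bkp_https_proxy"
export no_proxy="$bkp_no_proxy"
unset bkp_http_proxy bkp_https_proxy bkp_no_proxy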
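# Pod network (canal). The manifest is applied with cluster-admin rights, so it
# is fetched with TLS verification on; "-O" replaces a copy left by an earlier
# run instead of saving the new download under a ".1" name. The manifest is
# applied only when the download succeeded.
# NOTE(review): the URL follows the head of the release/0.16 branch; pinning it
# to a reviewed commit (<COMMIT_SHA>) keeps the applied manifest stable.
CP_KUBE_NETWORK_YAML="canal.yaml"
wget https://raw.githubusercontent.com/epam/cloud-pipeline/refs/heads/release/0.16/deploy/contents/k8s/kube-system/canal.yaml -O "$CP_KUBE_NETWORK_YAML" && \
  envsubst '${CP_KUBE_FLANNEL_CIDR}' < "$CP_KUBE_NETWORK_YAML" | kubectl apply -f -

# NOTE(security): this binds cluster-admin to the "default" service account of
# the "default" namespace. Every pod that runs there without its own service
# account gets full control of the cluster through its mounted token, so keep
# untrusted workloads out of that namespace, or bind a dedicated service
# account with a narrower role where the deployment allows it.
kubectl create clusterrolebinding owner-cluster-admin-binding \
  --clusterrole cluster-admin \
  --user system:serviceaccount:default:default

# Widen the NodePort range down to port 80 (the Kubernetes default is
# 30000-32767), which lets NodePort Services claim well-known ports on every
# node - review host firewalling accordingly. The grep guard keeps a re-run
# from appending the flag a second time.
grep -q -- '--service-node-port-range' /etc/kubernetes/manifests/kube-apiserver.yaml || \
  sed -i '/- kube-apiserver/a \ \- --service-node-port-range=80-32767' /etc/kubernetes/manifests/kube-apiserver.yaml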