
@harrytang
Last active October 27, 2024 11:25
Pi Ubuntu K8s base
#!/usr/bin/env bash
# Function to validate IPv4 and IPv6 addresses or CIDR notation
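validate_ip() {
  # Check that $1 is an IPv4 or IPv6 address, optionally followed by a
  # /prefix length. The accepted value is later used as the source of a
  # firewall allow rule, so malformed input is rejected here.
  # Arguments: $1 - address or CIDR string to check
  # Returns:   0 if the string is well-formed, 1 otherwise
  # NOTE: a /0 prefix is well-formed and is accepted; it matches every
  # source address, so the caller's allow rule then covers all hosts.
  local ip="$1"
  local addr="${ip%%/*}"
  local prefix=""
  local part tail
  local -a parts=()
  local compressed=0 group_count=0
  local ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
  local ipv6_re='^[0-9a-fA-F:]*:[0-9a-fA-F:]*(/[0-9]{1,3})?$'

  if [[ "$ip" == */* ]]; then
    prefix="${ip#*/}"
  fi

  if [[ "$ip" =~ $ipv4_re ]]; then
    IFS='.' read -r -a parts <<< "$addr"
    for part in "${parts[@]}"; do
      # 10# forces base 10: without it "08" or "09" is parsed as invalid
      # octal and the arithmetic test errors out instead of comparing.
      if (( 10#$part > 255 )); then
        return 1
      fi
    done
    # An IPv4 prefix length cannot exceed 32 bits.
    if [[ -n "$prefix" ]] && (( 10#$prefix > 32 )); then
      return 1
    fi
    return 0
  fi

  if [[ ! "$ip" =~ $ipv6_re ]]; then
    return 1
  fi

  # An IPv6 prefix length cannot exceed 128 bits.
  if [[ -n "$prefix" ]] && (( 10#$prefix > 128 )); then
    return 1
  fi

  # "::" (zero compression) may appear at most once, and never as ":::".
  if [[ "$addr" == *:::* ]]; then
    return 1
  fi
  if [[ "$addr" == *::* ]]; then
    compressed=1
    tail="${addr#*::}"
    if [[ "$tail" == *::* ]]; then
      return 1
    fi
  fi

  # A single leading or trailing colon is not part of any valid form.
  if [[ "$addr" == :* && "$addr" != ::* ]]; then
    return 1
  fi
  if [[ "$addr" == *: && "$addr" != *:: ]]; then
    return 1
  fi

  # Count the written groups; each holds at most four hex digits.
  IFS=':' read -r -a parts <<< "$addr"
  for part in "${parts[@]}"; do
    if [[ -z "$part" ]]; then
      continue
    fi
    if (( ${#part} > 4 )); then
      return 1
    fi
    group_count=$((group_count + 1))
  done

  # Eight groups when written in full; fewer only when "::" stands in
  # for the omitted zero groups.
  if (( compressed )); then
    (( group_count <= 7 )) || return 1
  else
    (( group_count == 8 )) || return 1
  fi
  return 0
}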
# Prompt the user for an IP or CIDR range to allow through the firewall
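prompt_for_ip() {
  # Ask for the source address or CIDR range that the firewall will allow,
  # repeating until validate_ip accepts the answer.
  # Globals:  user_ip (written) - the accepted address or range
  # Returns:  0 once a valid value was entered; exits the script with
  #           status 1 if standard input ends before that happens.
  while true; do
    # read fails at end of input. Without this check the loop would spin
    # forever on an empty value when stdin is closed or exhausted. A final
    # line without a trailing newline still leaves text in user_ip, so it
    # is validated like any other answer.
    if ! read -rp "Enter the IP address or range to allow through the firewall: " user_ip \
      && [[ -z "$user_ip" ]]; then
      printf 'No input available for the firewall allow rule; aborting.\n' >&2
      exit 1
    fi
    if validate_ip "$user_ip"; then
      echo "Valid IP address or CIDR range."
      break
    fi
    echo "Invalid IP address or CIDR range. Please enter a valid IP."
  done
}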
# Prompt the user for the Kubernetes version
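prompt_for_k8s_version() {
  # Ask for the Kubernetes minor version that selects the package
  # repository, falling back to v1.31 when the answer is empty.
  # Globals:  kubernetes_version (written)
  # The value is later placed into repository URLs and into an apt source
  # line written as root, so only the form vMAJOR.MINOR is accepted.
  while true; do
    # A failed read (end of input) leaves the variable empty, which selects
    # the default below and ends the loop.
    read -rp "Enter the Kubernetes version (e.g., v1.31): " kubernetes_version
    kubernetes_version=${kubernetes_version:-v1.31} # Default to v1.31 if empty
    if [[ "$kubernetes_version" =~ ^v[0-9]+\.[0-9]+$ ]]; then
      break
    fi
    echo "Invalid Kubernetes version. Use the form vMAJOR.MINOR, e.g. v1.31."
  done
  echo "Using Kubernetes version: $kubernetes_version"
}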
# Function to configure the firewall
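configure_firewall() {
  # Add the ufw rules for this host and then turn the firewall on.
  # Globals:  user_ip (read) - source address or range to allow
  # Returns:  0 on success; 1 as soon as any rule cannot be added, so the
  #           firewall is never enabled on top of a partial rule set.
  if [[ -z "${user_ip:-}" ]]; then
    printf 'configure_firewall: user_ip is not set; run prompt_for_ip first.\n' >&2
    return 1
  fi

  # SSH is allowed before the firewall is enabled so that a remote session
  # is not cut off; if this rule fails, stop rather than enable ufw.
  sudo ufw allow ssh || return 1
  # Sets the default policy for routed (forwarded) traffic to allow.
  # NOTE(review): this is a broad policy; confirm it is what the cluster
  # network actually needs on this host.
  sudo ufw default allow routed || return 1
  # No port or protocol is given, so every port is open to this source.
  sudo ufw allow from "$user_ip" || return 1
  # fe80::/10 is the IPv6 link-local range (hosts on the same link).
  sudo ufw allow from fe80::/10 || return 1
  sudo ufw enable || return 1
  sudo ufw status verbose
}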
# Function to install required packages
install_packages() {
  # Refresh the package lists, upgrade installed packages when the refresh
  # succeeded, then install the base tools. ufw is part of this list, so
  # this step has to run before the firewall is configured.
  # Returns: the exit status of the final apt-get install.
  local -a base_pkgs=(net-tools iputils-ping ufw vim socat)

  if sudo apt-get update; then
    sudo apt-get upgrade -y
  fi
  sudo apt-get install -y "${base_pkgs[@]}"
}
# Function to enable kernel modules and IP forwarding
configure_kernel() {
  # Persist and load the br_netfilter and overlay kernel modules, then
  # persist and apply IPv4/IPv6 forwarding.
  # Turning forwarding on makes this host route packets between its
  # interfaces, so the firewall's policy for routed traffic decides what
  # may pass through it.
  # Returns: the exit status of the final sysctl --system.
  local mod

  # Module names to load at boot, one per line.
  printf '%s\n' br_netfilter overlay \
    | sudo tee /etc/modules-load.d/k8s.conf

  # Load them now as well, so no reboot is needed.
  for mod in br_netfilter overlay; do
    sudo modprobe "$mod"
  done

  printf '%s\n' 'net.ipv4.ip_forward=1' 'net.ipv6.conf.all.forwarding=1' \
    | sudo tee /etc/sysctl.d/k8s.conf

  # Re-read every sysctl configuration file, including the one just written.
  sudo sysctl --system
}
# Function to install Kubernetes components and CRI-O
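_add_pkgs_k8s_repo() {
  # Register one apt repository: download its Release.key, store it in
  # binary (dearmored) form at $1, and write a source line for repository
  # URL $3 to $2 that is tied to that keyring through signed-by.
  # The key is trusted on the strength of the HTTPS connection alone; no
  # fingerprint is compared here.
  # Returns: 0 on success, non-zero if the download, the key conversion or
  #          the write of the source line fails.
  local keyring="$1" list_file="$2" repo_url="$3"
  local -a rc

  curl -fsSL "$repo_url/Release.key" \
    | sudo gpg --dearmor -o "$keyring"
  # Without pipefail only gpg's status would be visible, so a failed
  # download could go unnoticed; check both stages of the pipeline.
  rc=("${PIPESTATUS[@]}")
  if (( rc[0] != 0 || rc[1] != 0 )); then
    printf 'Failed to fetch or store the signing key from %s\n' "$repo_url" >&2
    return 1
  fi

  echo "deb [signed-by=$keyring] $repo_url/ /" \
    | sudo tee "$list_file"
}

install_kubernetes_crio() {
  # Add the Kubernetes and CRI-O apt repositories for the chosen minor
  # version, install kubeadm, kubelet, kubectl and cri-o at the first
  # version apt-cache madison lists, hold them, and start CRI-O.
  # Globals:  kubernetes_version (read) - repository version, e.g. v1.31
  # Returns:  0 on success, 1 as soon as a step fails.
  local repo_version="${kubernetes_version:-}"
  local keyring_dir="/etc/apt/keyrings"
  local k8s_version crio_version

  # The version ends up in URLs and in files under /etc/apt written as
  # root, so anything other than vMAJOR.MINOR is refused before use.
  if [[ ! "$repo_version" =~ ^v[0-9]+\.[0-9]+$ ]]; then
    printf 'Invalid Kubernetes version: %s (expected e.g. v1.31)\n' "$repo_version" >&2
    return 1
  fi

  # gpg -o does not create the target directory.
  sudo mkdir -p -m 755 "$keyring_dir" || return 1

  # Add Kubernetes and CRI-O apt repositories
  _add_pkgs_k8s_repo \
    "$keyring_dir/kubernetes-apt-keyring.gpg" \
    /etc/apt/sources.list.d/kubernetes.list \
    "https://pkgs.k8s.io/core:/stable:/$repo_version/deb" || return 1
  _add_pkgs_k8s_repo \
    "$keyring_dir/cri-o-apt-keyring.gpg" \
    /etc/apt/sources.list.d/cri-o.list \
    "https://pkgs.k8s.io/addons:/cri-o:/stable:/$repo_version/deb" || return 1

  # Install Kubernetes and CRI-O packages
  sudo apt-get update || return 1

  # Declared above and assigned here, so that `local` does not hide the
  # status of the command substitution.
  k8s_version=$(apt-cache madison kubeadm | awk '{print $3}' | head -n 1)
  crio_version=$(apt-cache madison cri-o | awk '{print $3}' | head -n 1)
  if [[ -z "$k8s_version" || -z "$crio_version" ]]; then
    printf 'No kubeadm or cri-o package version found in the configured repositories.\n' >&2
    return 1
  fi

  sudo apt-get install -y \
    kubeadm="$k8s_version" kubelet="$k8s_version" kubectl="$k8s_version" \
    cri-o="$crio_version" || return 1
  # Hold the packages so a routine upgrade does not move the cluster
  # components to another version.
  sudo apt-mark hold kubeadm kubelet kubectl cri-o || return 1
  sudo systemctl enable --now crio
}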
# Main script execution
# The steps run in a fixed order: both prompts come first, packages
# (including ufw) are installed before the firewall is configured, and
# the kernel settings are applied before Kubernetes and CRI-O go in.
# NOTE(review): the exit status of a step is not checked here, so a step
# that fails does not stop the steps after it.
for setup_step in \
  prompt_for_ip \
  prompt_for_k8s_version \
  install_packages \
  configure_firewall \
  configure_kernel \
  install_kubernetes_crio; do
  "$setup_step"
done