Last active
July 4, 2025 10:25
-
-
Save k4mrul/a8e0753d90a9b6e07cd1844aae94d47d to your computer and use it in GitHub Desktop.
cloud init script with kubernetes, helm, kubectl
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #cloud-config | |
| package_update: true | |
| packages: | |
| - bash-completion | |
| - make | |
| - vim | |
| - iptables | |
| - g++ | |
| - jq | |
| - fzf | |
| - kubectx | |
| write_files: | |
| - path: /root/setup.sh | |
| permissions: '0755' | |
| content: | | |
| #!/bin/bash | |
| set -e | |
| ARCH=$(dpkg --print-architecture) | |
| EXTERNAL_IP=$(curl -s ifconfig.me) | |
| # Install yq | |
| wget "https://github.com/mikefarah/yq/releases/latest/download/yq_linux_${ARCH}" -O /usr/bin/yq && chmod +x /usr/bin/yq | |
| # Install kubectl | |
| wget -q "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${ARCH}/kubectl" | |
| install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl | |
| rm kubectl | |
| # Install fluxcd | |
| curl -s https://fluxcd.io/install.sh | sudo bash | |
| # Enable bash completion for kubectl | |
| echo "source /usr/share/bash-completion/bash_completion" >> /home/ubuntu/.bashrc | |
| echo "source <(kubectl completion bash)" >> /home/ubuntu/.bashrc | |
| echo "complete -F __start_kubectl k" >> /home/ubuntu/.bashrc | |
| echo "alias k=kubectl" >> /home/ubuntu/.bashrc | |
| # Upgrade k0s | |
| curl --proto '=https' --tlsv1.2 -sSf https://get.k0s.sh | sudo sh | |
| # Install kubernetes | |
| k0s config create > /root/k0s.yaml | |
| ## we will setup cilium cni | |
| sed -i 's/provider: kuberouter/provider: custom/' /root/k0s.yaml | |
| ## disable kubeproxy (maybe not needed but necessary for laaaarge cluster) for cilium handle routing with eBPF | |
| ##yq eval '.spec.network.kubeProxy.disabled = true' -i /root/k0s.yaml | |
| ## Changing to ipvs mode | |
| yq e '.spec.network.kubeProxy.mode = "ipvs"' -i /root/k0s.yaml | |
| ## add vm ip to sans | |
| yq e ".spec.api.sans += [\"${EXTERNAL_IP}\"]" -i /root/k0s.yaml | |
| ## Install k8s | |
| k0s install controller --enable-worker --no-taints -c /root/k0s.yaml | |
| k0s start | |
| sleep 120 | |
| mkdir -p /home/ubuntu/.kube/ | |
| k0s kubectl config rename-context Default $HOSTNAME | |
| yq e ".users[0].name = \"$(hostname)\"" -i /var/lib/k0s/pki/admin.conf | |
| yq e '.contexts[].context.user = "'$(hostname)'"' -i /var/lib/k0s/pki/admin.conf | |
| yq e '(.clusters[].name, .contexts[].context.cluster) |= "'$(hostname)'"' -i /var/lib/k0s/pki/admin.conf | |
| k0s kubeconfig admin > /home/ubuntu/.kube/config | |
| chown ubuntu:ubuntu /home/ubuntu/.kube/ -R | |
| # Install Helm | |
| curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash | |
| # install kustomize | |
| curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash | |
| mv kustomize /usr/local/bin/kustomize | |
| # Install Cilium CLI | |
| #CILIUM_CLI_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/cilium-cli/main/stable.txt) | |
| #CLI_ARCH=amd64 | |
| #if [ "$(uname -m)" = "aarch64" ]; then CLI_ARCH=arm64; fi | |
| #curl -L --fail --remote-name-all https://github.com/cilium/cilium-cli/releases/download/${CILIUM_CLI_VERSION}/cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum} | |
| #sha256sum --check cilium-linux-${CLI_ARCH}.tar.gz.sha256sum | |
| #sudo tar xzvfC cilium-linux-${CLI_ARCH}.tar.gz /usr/local/bin | |
| #rm cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum} | |
| #cilium install --version 1.17.4 | |
| ##Install cilium via helm (recommended) | |
| helm repo add cilium https://helm.cilium.io/ | |
| helm repo update | |
| helm upgrade --install cilium cilium/cilium --namespace kube-system -f https://gist.githubusercontent.com/k4mrul/c3b93fc6619b6de307d3ee11d536e0d7/raw | |
| sleep 60 | |
| k0s kubectl apply -f https://gist.githubusercontent.com/k4mrul/e462957521e4d0714a2e50090e9eccfd/raw | |
| ##forward request to cilium bgp | |
| echo 1 > /proc/sys/net/ipv4/ip_forward | |
| iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.42.42.0:80 | |
| iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination 10.42.42.0:443 | |
| iptables-save | |
| ##Install ingress-nginx | |
| helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx | |
| helm repo update | |
| helm upgrade --install ingress-nginx ingress-nginx \ | |
| --repo https://kubernetes.github.io/ingress-nginx \ | |
| --namespace ingress-nginx --create-namespace \ | |
| --version 4.11.7 \ | |
| --set controller.service.type=LoadBalancer | |
| ##Cert-manager | |
| helm repo add jetstack https://charts.jetstack.io | |
| helm repo update | |
| helm install \ | |
| cert-manager jetstack/cert-manager \ | |
| --namespace cert-manager \ | |
| --create-namespace \ | |
| --version v1.17.2 \ | |
| --set crds.enabled=true | |
| ## install longhorn storage class | |
| # k0s kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/v1.8.1/deploy/longhorn.yaml | |
| # Install Go | |
| #wget -q https://go.dev/dl/go1.24.2.linux-${ARCH}.tar.gz | |
| #tar -xvf go1.24.2.linux-${ARCH}.tar.gz | |
| #mv go /usr/local | |
| #echo "export GOROOT=/usr/local/go" >> /etc/bash.bashrc | |
| #echo "export PATH=\$GOPATH/bin:\$GOROOT/bin:\$PATH" >> /etc/bash.bashrc | |
| #ln -sf /usr/local/go/bin/go /bin/go | |
| # Install Docker | |
| #curl -fsSL get.docker.com -o get-docker.sh | |
| #sudo sh get-docker.sh | |
| #sudo systemctl start docker | |
| #sudo systemctl enable docker | |
| # Add ubuntu user to docker group | |
| sudo usermod -aG docker ubuntu | |
| runcmd: | |
| - [ bash, /root/setup.sh ] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment