ungleich-k8s/v1/README.md

# Kubernetes on alpine linux

Note: the kubeadm and cilium config files where created for use with asus3.place10.ungleich.ch


## Configure OS

```
sysctl -w net.ipv6.conf.all.accept_ra=2
sysctl -w net.ipv6.conf.all.forwarding=1
sysctl -w net.ipv4.ip_forward=1

modprobe br_netfilter

apk update
apk add ip6tables
apk add git

# for cilium
mount --make-shared /sys
mount bpffs /sys/fs/bpf -t bpf

```

---

## Install and configure container runtime

```
apk add cri-o

cat > /etc/crio/crio.conf.d/override.conf << DONE
[crio.runtime]
# pivot_root does not work on tmpfs
no_pivot = true

# Overide defaults to not use systemd cgroups.
conmon_cgroup = "pod"
cgroup_manager = "cgroupfs"
DONE

rc-update add crio default
service start crio

# Make sure OS packages and cilium use the same cni-bin dir
rm -rf /opt/cni/bin
cd /opt/cni
ln -s ../../usr/libexec/cni bin
```

### Optional cri tools.

```
apk add cri-tools

cat > /etc/crictl.yaml << DONE
runtime-endpoint: unix:///run/crio/crio.sock
image-endpoint: unix:///run/crio/crio.sock
timeout: 10
debug: false
DONE
```

### Test if we can talk to cri-o

```
crictl info
```

---

## Install kubeadm and friends

```
apk add kubeadm
apk add kubelet

# Save yourself lot's of typing
cd /usr/local/bin/
ln -s ../../bin/kubectl k
```

## Install kubelet

```
apk add kubectl
apk add kubelet
rc-update add kubelet default
# Start kubelet as kubeadm can not do that on alpine
service start kubelet
```


---

## Bootstrap kubernetes cluster (only on the first control plane node)

```
kubeadm init phase preflight --config ./kubeadm-config.yaml
kubeadm config images pull --config ./kubeadm-config.yaml
kubeadm init --config ./kubeadm-config.yaml --skip-phases=addon/kube-proxy

# Untaint master to allow running workloads on master nodes (for POC)
kubectl taint nodes --all node-role.kubernetes.io/master-
```

---

## Configure cluster (ideally from laptop/external machine)

```
# install helm (the version from alpine causes problems with helmfile)
cd /tmp
wget https://get.helm.sh/helm-v3.5.2-linux-amd64.tar.gz
tar -xvzf helm-v3.5.2-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/
chmod +x /usr/local/bin/helm

# install helm diff plugin
helm plugin install https://github.com/databus23/helm-diff

# install helmfile (usually on laptop/external node)
cd /tmp
wget https://github.com/roboll/helmfile/releases/download/v0.138.4/helmfile_linux_amd64
mv /usr/bin/helmfile_linux_amd64 /usr/local/bin/
chmod +x /usr/local/bin/helmfile


# Setup KUBECONFIG when running on the master node.
# Configure ~/.kube/config when running from laptop.
export KUBECONFIG=/etc/kubernetes/admin.conf

# Install cilium using helmfile and local values file
cd cilium/
helmfile diff
helmfile sync

```
Add v1 (thanks to a good friend) Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2021-03-21 17:12:20 +00:00			`# Kubernetes on alpine linux`

			`Note: the kubeadm and cilium config files where created for use with asus3.place10.ungleich.ch`


			`## Configure OS`

			```
			`sysctl -w net.ipv6.conf.all.accept_ra=2`
			`sysctl -w net.ipv6.conf.all.forwarding=1`
			`sysctl -w net.ipv4.ip_forward=1`

			`modprobe br_netfilter`

			`apk update`
			`apk add ip6tables`
			`apk add git`

			`# for cilium`
			`mount --make-shared /sys`
			`mount bpffs /sys/fs/bpf -t bpf`

			```

			`---`

			`## Install and configure container runtime`

			```
			`apk add cri-o`

			`cat > /etc/crio/crio.conf.d/override.conf << DONE`
			`[crio.runtime]`
			`# pivot_root does not work on tmpfs`
			`no_pivot = true`

			`# Overide defaults to not use systemd cgroups.`
			`conmon_cgroup = "pod"`
			`cgroup_manager = "cgroupfs"`
			`DONE`

			`rc-update add crio default`
			`service start crio`

			`# Make sure OS packages and cilium use the same cni-bin dir`
			`rm -rf /opt/cni/bin`
			`cd /opt/cni`
			`ln -s ../../usr/libexec/cni bin`
			```

			`### Optional cri tools.`

			```
			`apk add cri-tools`

			`cat > /etc/crictl.yaml << DONE`
			`runtime-endpoint: unix:///run/crio/crio.sock`
			`image-endpoint: unix:///run/crio/crio.sock`
			`timeout: 10`
			`debug: false`
			`DONE`
			```

			`### Test if we can talk to cri-o`

			```
			`crictl info`
			```

			`---`

			`## Install kubeadm and friends`

			```
			`apk add kubeadm`
			`apk add kubelet`

			`# Save yourself lot's of typing`
			`cd /usr/local/bin/`
			`ln -s ../../bin/kubectl k`
			```

			`## Install kubelet`

			```
			`apk add kubectl`
			`apk add kubelet`
			`rc-update add kubelet default`
			`# Start kubelet as kubeadm can not do that on alpine`
			`service start kubelet`
			```


			`---`

			`## Bootstrap kubernetes cluster (only on the first control plane node)`

			```
			`kubeadm init phase preflight --config ./kubeadm-config.yaml`
			`kubeadm config images pull --config ./kubeadm-config.yaml`
			`kubeadm init --config ./kubeadm-config.yaml --skip-phases=addon/kube-proxy`

			`# Untaint master to allow running workloads on master nodes (for POC)`
			`kubectl taint nodes --all node-role.kubernetes.io/master-`
			```

			`---`

			`## Configure cluster (ideally from laptop/external machine)`

			```
			`# install helm (the version from alpine causes problems with helmfile)`
			`cd /tmp`
			`wget https://get.helm.sh/helm-v3.5.2-linux-amd64.tar.gz`
			`tar -xvzf helm-v3.5.2-linux-amd64.tar.gz`
			`mv linux-amd64/helm /usr/local/bin/`
			`chmod +x /usr/local/bin/helm`

			`# install helm diff plugin`
			`helm plugin install https://github.com/databus23/helm-diff`

			`# install helmfile (usually on laptop/external node)`
			`cd /tmp`
			`wget https://github.com/roboll/helmfile/releases/download/v0.138.4/helmfile_linux_amd64`
			`mv /usr/bin/helmfile_linux_amd64 /usr/local/bin/`
			`chmod +x /usr/local/bin/helmfile`


			`# Setup KUBECONFIG when running on the master node.`
			`# Configure ~/.kube/config when running from laptop.`
			`export KUBECONFIG=/etc/kubernetes/admin.conf`

			`# Install cilium using helmfile and local values file`
			`cd cilium/`
			`helmfile diff`
			`helmfile sync`

			```