cluster_script/cluster_script.sh at main · aerOS-Project/cluster_script · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
#!/bin/bash
: '
Description:
  This script installs a Kubernetes cluster with the following specifications:
    - Kubeadm: Utilized for cluster creation, configured without kube-proxy.
    - Container Runtime Interface (CRI): Containerd is used as the container runtime.
    - Helm: Integrated for managing Kubernetes applications.
    - Storage Class: OpenEBS is set up to manage storage.
    - CNI (Container Network Interface): Cilium is used, replacing the traditional kube-proxy.
    - Monitoring: Prometheus is included for monitoring cluster performance and health.
'


###Text colors###
GREEN="\033[0;32m"
RED='\033[0;31m'
YELLOW="\033[0;33m"
NC='\033[0m'

function install_pre() {
    echo -e "${RED}***Installing system pre-reguirements***${NC}"
    sudo swapoff -a
    sudo apt update
    sudo apt install ebtables ethtool -y
    sudo apt install curl
    sudo apt install ca-certificates curl gnupg
    sudo install -m 0755 -d /etc/apt/keyrings
}

function install_docker() {
    echo -e "${RED}***Installing Docker***${NC}"
    # Add Docker's official GPG key:
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
    chmod a+r /etc/apt/keyrings/docker.gpg
    # Add the repository to Apt sources:
    echo \
      "deb [arch="$(dpkg --print-architecture)" signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
      "$(. /etc/os-release && echo "$VERSION_CODENAME")" stable" | \
      sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
    sudo apt update
    sudo apt install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin -y
    sudo docker version
}

function containerd_systemd_service() {
    echo -e "${RED}***Configuring contairerd***${NC}"
    sudo install -m 0755 -d /etc/containerd
    sudo containerd config default > /etc/containerd/config.toml
    sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml
    sudo systemctl daemon-reload
    sudo systemctl enable --now containerd
}

function install_kubeadm() {
    echo -e "${RED}***Installing kubeadm***${NC}"
    K8S_VERSION=1.28.3-1.1
    sudo apt update && sudo apt install -y apt-transport-https
    curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
    echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
    sudo apt update -y
    echo "Installing Kubernetes Packages ..."
    sudo apt install -y kubelet=${K8S_VERSION} kubeadm=${K8S_VERSION} kubectl=${K8S_VERSION}
    sudo apt-mark hold kubelet kubeadm kubectl
    sudo systemctl restart containerd.service
}

function init_kubeadm() {
    echo -e "${RED}***Initiating kubeadm***${NC}"
    sed -i.bak '/.*none.*swap/s/^\(.*\)$/#\1/g' /etc/fstab
    cat <<EOF > /tmp/kubeadm-init-args.conf
apiVersion: kubeadm.k8s.io/v1beta3
kind: InitConfiguration
skipPhases:
  - addon/kube-proxy

---

apiVersion: kubeadm.k8s.io/v1beta3
kind: ClusterConfiguration
apiServer:
  extraArgs:
    service-node-port-range: 30000-32767
networking:
  serviceSubnet: "$SERVICE_IP"
  podSubnet: "$POD_CIDR"
  clusterName: "$CLUSTER_NAME"
clusterName: "$CLUSTER_NAME"
---

kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
cgroupDriver: systemd
EOF
    sudo systemctl restart containerd.service
    sudo kubeadm init --config /tmp/kubeadm-init-args.conf --v=5
    sleep 5
}

function kube_config_dir() {
    K8S_MANIFEST_DIR="/etc/kubernetes/manifests"
    mkdir -p $HOME/.kube
    sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
    sudo chown $(id -u):$(id -g) $HOME/.kube/config

}


function install_helm() {
    echo -e "${RED}***Installing Helm***${NC}"
    HELM_VERSION="v3.12.1"
    if ! [[ "$(helm version --short 2>/dev/null)" =~ ^v3.* ]]; then
        echo "Helm3 is not installed, installing ..."
        curl https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz --output helm-${HELM_VERSION}.tar.gz
        tar -zxvf helm-${HELM_VERSION}.tar.gz
        sudo mv linux-amd64/helm /usr/local/bin/helm
        rm -r linux-amd64
        rm helm-${HELM_VERSION}.tar.gz
    else
        echo "Helm3 is already installed. Skipping installation..."
    fi
}

function untaint_control_plane_node() {
    K8S_MASTER=$(sudo kubectl get nodes -o jsonpath='{.items[*].metadata.name}')
    kubectl taint node $K8S_MASTER node-role.kubernetes.io/control-plane-
    sleep 5
}

function install_k8s_storageclass() {
    echo -e "${RED}***Installing OpenEBS***${NC}"
    echo "Installing open-iscsi"
    sudo apt update -y
    sudo apt install open-iscsi -y
    sudo systemctl enable --now iscsid
    OPENEBS_VERSION="3.1.0"
    echo "Installing OpenEBS"
    helm repo add openebs https://openebs.github.io/charts
    helm repo update
    helm install --create-namespace --namespace openebs openebs openebs/openebs --version ${OPENEBS_VERSION}
    helm ls -n openebs
    local storageclass_timeout=400
    local counter=0
    local storageclass_ready=""
    echo "Waiting for storageclass"
    while (( counter < storageclass_timeout ))
    do
        kubectl get storageclass openebs-hostpath &> /dev/null

        if [ $? -eq 0 ] ; then
            echo "Storageclass available"
            storageclass_ready="y"
            break
        else
            counter=$((counter + 15))
            sleep 15
        fi
    done
    [ -n "$storageclass_ready" ] || FATAL "Storageclass not ready after $storageclass_timeout seconds. Cannot install openebs"
    kubectl patch storageclass openebs-hostpath -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'
}

function install_cilium(){
    echo -e "${RED}***Installing Cilium CNI***${NC}"
    CILIUM_CLI_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/cilium-cli/master/stable.txt)
    CLI_ARCH=amd64
    if [ "$(uname -m)" = "aarch64" ]; then CLI_ARCH=arm64; fi
    curl -L --fail --remote-name-all https://github.com/cilium/cilium-cli/releases/download/${CILIUM_CLI_VERSION}/cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}
    sha256sum --check cilium-linux-${CLI_ARCH}.tar.gz.sha256sum
    sudo tar xzvfC cilium-linux-${CLI_ARCH}.tar.gz /usr/local/bin
    rm cilium-linux-${CLI_ARCH}.tar.gz{,.sha256sum}

    cilium install --version 1.14.3 --set cluster.name=${CLUSTER_NAME} --set cluster.id=${CLUSTER_ID} --helm-set-string ipam.operator.clusterPoolIPv4PodCIDRList=$POD_CIDR

    cilium status --wait
    cilium hubble enable

}

function install_hubble() {
  echo -e "${RED}***Installing Hubble***${NC}"
  HUBBLE_VERSION=$(curl -s https://raw.githubusercontent.com/cilium/hubble/master/stable.txt)
  HUBBLE_ARCH=amd64
  if [ "$(uname -m)" = "aarch64" ]; then HUBBLE_ARCH=arm64; fi
  curl -L --fail --remote-name-all https://github.com/cilium/hubble/releases/download/$HUBBLE_VERSION/hubble-linux-${HUBBLE_ARCH}.tar.gz{,.sha256sum}
  sha256sum --check hubble-linux-${HUBBLE_ARCH}.tar.gz.sha256sum
  sudo tar xzvfC hubble-linux-${HUBBLE_ARCH}.tar.gz /usr/local/bin
  rm hubble-linux-${HUBBLE_ARCH}.tar.gz{,.sha256sum}
  echo "Starting hubble port-forward in the background."
  sudo nohup cilium hubble port-forward > /dev/null 2>&1 &
  sleep 7
  cilium status
}


function install_prometheus(){
    echo -e "${RED}***Installing Prometheus***${NC}"
    helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
    helm repo update
    kubectl create ns monitoring;
    helm install prometheus-community/kube-prometheus-stack --generate-name --set grafana.service.type=NodePort --set prometheus.service.type=NodePort --set prometheus.prometheusSpec.scrapeInterval="5s" --namespace monitoring
}


# Function to validate IP address in CIDR format
function is_valid_cidr() {
    local cidr=$1
    if [[ $cidr =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$ ]]; then
        return 0 # valid
    else
        return 1 # invalid
    fi
}

# Check for root privileges
if [ "$EUID" -ne 0 ]; then
    echo "Must run as sudo"
    exit 1
fi

while true; do
    read -p "Enter the type of Kubernetes component (AGENT or SERVER): " KUBETYPE
    if [ "$KUBETYPE" = "AGENT" ]; then
        echo "Proceeding with AGENT installation..."
        install_pre
        install_docker
        containerd_systemd_service
        install_kubeadm
        echo -e "${GREEN}Setup for worker node Completed${NC}"
        echo -e "${GREEN}***Join the cluster with the command generated in join_agent.sh file***${NC}"
        break
    elif [ "$KUBETYPE" = "SERVER" ]; then

        # Cluster Name
        read -p "Please enter the name of the cluster: " input_cluster_name
        if [ -z "$input_cluster_name" ]; then
            CLUSTER_NAME="kubernetes"
        else
            CLUSTER_NAME="$input_cluster_name"
        fi

        # Cluster ID
        while true; do
            read -p "Please enter the ID of the cluster (numeric only): " input_cluster_id
            if [ -z "$input_cluster_id" ]; then
                CLUSTER_ID="0"
                break
            elif [[ "$input_cluster_id" =~ ^[0-9]+$ ]]; then
                CLUSTER_ID="$input_cluster_id"
                break
            else
                echo -e "${RED}Error: Cluster ID must be a numeric value${NC}."
            fi
        done

        # Pod CIDR Network
        while true; do
            read -p "Enter the Pod CIDR Network (e.g., 10.244.0.0/16): " POD_CIDR
            if is_valid_cidr "$POD_CIDR"; then
                break
            else
                echo -e "${RED}Error: Invalid CIDR format. Please enter a valid CIDR (e.g., 10.244.0.0/16).${NC}"
            fi
        done

        # Service IP
        while true; do
            read -p "Enter the Service IP (e.g., 10.96.0.0/16): " SERVICE_IP
            if is_valid_cidr "$SERVICE_IP"; then
                break
            else
                echo -e "${RED}Error: Invalid CIDR format. Please enter a valid CIDR address (e.g., 10.96.0.0/16).${NC}"
            fi
        done

        echo "Proceeding with SERVER installation..."
            install_pre
            install_docker
            containerd_systemd_service
            install_kubeadm
            init_kubeadm
            kube_config_dir
            install_helm
            untaint_control_plane_node
            install_k8s_storageclass
            install_cilium
            install_prometheus
            install_hubble
            echo -e "${GREEN}Setup Completed${NC}"
            echo -e "${GREEN}***Use the kubeadm command generated in join_worker.sh file to add a worker in the cluster***${NC}"
            sudo kubeadm token create --print-join-command > join_worker.sh
        break
    else
        echo -e "${RED}Error: TYPE must be SERVER or AGENT${NC}"
    fi
done