#!/bin/bash yum update -y cat < /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg EOF yum install docker kubelet-1.9.3 kubeadm-1.9.3 kubectl-1.9.3 -y systemctl enable docker kubelet systemctl start docker kubelet sed s/SELINUX=enforcing/SELINUX=permissive/ /etc/selinux/config -i setenforce 0 grep KUBECONFIG /root/.bashrc || echo "export KUBECONFIG=/etc/kubernetes/admin.conf" >> /root/.bashrc export KUBECONFIG=/etc/kubernetes/admin.conf cat < /etc/kubernetes/manifests/etcd.yaml apiVersion: v1 kind: Pod metadata: name: etcd-tls namespace: kube-system spec: hostNetwork: true containers: - name: etcd command: - etcd - --name=\$(NODE_NAME) - --data-dir=/var/lib/etcd/ - --wal-dir=/var/lib/etcd/wal/ - --listen-peer-urls=https://0.0.0.0:7001 - --listen-client-urls=https://0.0.0.0:2379 - --advertise-client-urls=https://\$(NODE_NAME):2379 - --initial-advertise-peer-urls=https://\$(NODE_NAME):7001 - --initial-cluster=\$(NODE_NAME)=https://\$(NODE_NAME):7001 - --initial-cluster-state=new - --client-cert-auth=true - --peer-client-cert-auth=true - --peer-auto-tls=true - --trusted-ca-file=/etc/kubernetes/pki/ca.crt - --cert-file=/etc/kubernetes/pki/apiserver.crt - --key-file=/etc/kubernetes/pki/apiserver.key image: gcr.io/google_containers/etcd-amd64:3.0.17 env: - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName livenessProbe: failureThreshold: 8 tcpSocket: port: 2379 initialDelaySeconds: 15 timeoutSeconds: 15 volumeMounts: - mountPath: /var/lib/etcd name: etcd - mountPath: /etc/kubernetes/ name: k8s readOnly: true securityContext: seLinuxOptions: type: spc_t volumes: - hostPath: path: /var/lib/etcd name: etcd - hostPath: path: /etc/kubernetes name: k8s EOF cat < kubeadmin_conf.yaml apiVersion: kubeadm.k8s.io/v1alpha1 kind: MasterConfiguration kubernetesVersion: $(kubeadm version -o short) networking: podSubnet: 10.240.0.0/13 serviceSubnet: 10.255.0.0/22 etcd: endpoints: - https://$HOSTNAME:2379 caFile: /etc/kubernetes/pki/ca.crt certFile: /etc/kubernetes/pki/apiserver-kubelet-client.crt keyFile: /etc/kubernetes/pki/apiserver-kubelet-client.key EOF kubeadm init --config ./kubeadmin_conf.yaml --skip-preflight-checks kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/v0.10.0/Documentation/kube-flannel.yml