Monday, August 18, 2025

Kubernetes - script for setting up master and worker

 


We’ll create two scripts:

1. k8s-node-setup.sh → run on all nodes (control-plane + workers)

2. k8s-master-init.sh → run only on the control-plane to initialize the cluster



1. k8s-node-setup.sh (all nodes)


This script prepares Ubuntu for Kubernetes, installs containerd, kubeadm, kubelet, kubectl.


#!/bin/bash

set -e


echo "[Step 0] Updating system..."

sudo apt-get update -y


echo "[Step 1] Disabling swap..."

sudo swapoff -a

sudo sed -ri '/\sswap\s/s/^/#/' /etc/fstab


echo "[Step 2] Loading kernel modules..."

cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf

overlay

br_netfilter

EOF


sudo modprobe overlay

sudo modprobe br_netfilter


echo "[Step 3] Setting sysctl params..."

cat <<EOF | sudo tee /etc/sysctl.d/kubernetes.conf

net.bridge.bridge-nf-call-iptables  = 1

net.bridge.bridge-nf-call-ip6tables = 1

net.ipv4.ip_forward                 = 1

EOF

sudo sysctl --system


echo "[Step 4] Installing containerd..."

sudo apt-get install -y containerd

sudo mkdir -p /etc/containerd

containerd config default | sudo tee /etc/containerd/config.toml >/dev/null

sudo sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml

sudo systemctl enable --now containerd

sudo systemctl restart containerd


echo "[Step 5] Installing kubeadm, kubelet, kubectl..."

sudo apt-get install -y apt-transport-https ca-certificates curl gpg

sudo mkdir -p /etc/apt/keyrings

curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.33/deb/Release.key \

  | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg


echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] \

https://pkgs.k8s.io/core:/stable:/v1.33/deb/ /" \

| sudo tee /etc/apt/sources.list.d/kubernetes.list


sudo apt-get update

sudo apt-get install -y kubelet kubeadm kubectl

sudo apt-mark hold kubelet kubeadm kubectl


echo "✅ Node prep complete. Ready for kubeadm init (control-plane) or join (workers)."




2. k8s-master-init.sh (control-plane only)

This initializes the control-plane with Calico networking.


#!/bin/bash

set -e


POD_CIDR="192.168.0.0/16"

API_ADVERTISE_IP=$(hostname -I | awk '{print $1}')


echo "[Step 1] Initializing Kubernetes control-plane..."

sudo kubeadm init \

  --pod-network-cidr=${POD_CIDR} \

  --apiserver-advertise-address=${API_ADVERTISE_IP}


echo "[Step 2] Setting up kubeconfig for current user..."

mkdir -p $HOME/.kube

sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config

sudo chown $(id -u):$(id -g) $HOME/.kube/config


echo "[Step 3] Installing Calico CNI..."

kubectl apply -f https://docs.projectcalico.org/manifests/tigera-operator.yaml

kubectl apply -f https://docs.projectcalico.org/manifests/custom-resources.yaml


echo "✅ Control-plane initialized. Workers can now join using the kubeadm join command printed above."


3. Worker join command

After running the master init script, copy the kubeadm join ... line that is printed and run it on each worker node.

If you need a new token later:


sudo kubeadm token create --print-join-command


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)