home

My NixOS systems configurations.
Log | Files | Refs | LICENSE

commit 487c720309446d7e5731a51ceef5c0e3f15d3bcc
parent dddbe0304598f0a3e5757dc23c69ab89a0760bb7
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Fri, 25 Feb 2022 17:33:16 +0100

docs: add microk8s doc and generated files

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Adocs/kubernetes/microk8s.org | 260+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Adocs/kubernetes/microk8s/bootstrap.sh | 53+++++++++++++++++++++++++++++++++++++++++++++++++++++
Adocs/kubernetes/microk8s/ubnt1/preseed.cfg | 89+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Adocs/kubernetes/microk8s/ubnt2/preseed.cfg | 88+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
4 files changed, 490 insertions(+), 0 deletions(-)

diff --git a/docs/kubernetes/microk8s.org b/docs/kubernetes/microk8s.org @@ -0,0 +1,260 @@ + +#+TITLE: microk8s + +[[https://microk8s.io/][=microk8s=]] is a lightweight version of [[file:kubernetes.org][Kubernetes]] done by [[file:canonical.org][Canonical]]. + +* Setup on libvirt VMs +:LOGBOOK: +CLOCK: [2020-10-30 Fri 19:00]--[2020-10-31 Sat 00:20] => 5:20 +CLOCK: [2020-10-30 Fri 16:58]--[2020-10-30 Fri 18:59] => 2:01 +:END: + +#+begin_src text :tangle ./microk8s/ubnt1/preseed.cfg +### Localization +# Locale sets language and country. +d-i debian-installer/locale string en_US +# Keyboard selection. +d-i keyboard-configuration/layoutcode string fr +d-i keyboard-configuration/modelcode string bepo +d-i keyboard-configuration/variantcode string + +### Network configuration +# netcfg will choose an interface that has link if possible. This makes it +# skip displaying a list if there is more than one interface. +d-i netcfg/choose_interface select auto +# Any hostname and domain names assigned from dhcp take precedence over +# values set here. However, setting the values still prevents the questions +# from being shown, even if values come from dhcp. +d-i netcfg/get_hostname string ubnt1 +d-i netcfg/get_domain string home +# Disable that annoying WEP key dialog. +d-i netcfg/wireless_wep string + +### Mirror settings +d-i mirror/country string manual +d-i mirror/http/hostname string us.archive.ubuntu.com +d-i mirror/http/directory string /ubuntu +d-i mirror/http/proxy string + +### Partitioning +# Encrypt your home directory? +d-i user-setup/encrypt-home boolean false +# Alternatively, you can specify a disk to partition. The device name +# can be given in either devfs or traditional non-devfs format. +d-i partman-auto/disk string /dev/vda +# In addition, you'll need to specify the method to use. +# The presently available methods are: "regular", "lvm" and "crypto" +d-i partman-auto/method string regular +# You can choose from any of the predefined partitioning recipes. +d-i partman-auto/choose_recipe select atomic +# This makes partman automatically partition without confirmation, provided +# that you told it what to do using one of the methods above. +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true + +### Clock and time zone setup +# Controls whether or not the hardware clock is set to UTC. +d-i clock-setup/utc boolean true +# You may set this to any valid setting for $TZ; see the contents of +# /usr/share/zoneinfo/ for valid values. +d-i time/zone string Europe/Paris + +### Account setup +# Skip creation of a root account (normal user account will be able to +# use sudo). +d-i passwd/root-login boolean false + +# To create a normal user account. +d-i passwd/user-fullname string Vincent +d-i passwd/username string vincent +# Normal user's password, either in clear text +# or encrypted using an MD5 hash. +d-i passwd/user-password-crypted password $6$4Puk4u221EHgeLBK$gVYPwH3b6OW0Ic1aZUNYkSrFcfj6mbgigGenACVUVxnO3V6MKgV0mTq4COZGtoZLdlIhy1ggXLLEZaZT6Fnpm/ + +# This is fairly safe to set, it makes grub install automatically to the MBR +# if no other operating system is detected on the machine. +d-i grub-installer/only_debian boolean true + +### Package selection +d-i tasksel/first multiselect standard +# Individual additional packages to install +d-i pkgsel/include string openssh-server snapd + +### Finishing up installation +d-i preseed/late_command string \ + mkdir -p /target/home/vincent/.ssh; \ + wget https://github.com/vdemeester.keys -O /target/home/vincent/.ssh/authorized_keys; \ + chown -R 1000 /target/home/vincent/; \ + chmod 600 /target/home/vincent/.ssh/authorized_keys; \ + mkdir -p /target/root/.ssh; \ + cp /target/home/vincent/.ssh/authorized_keys /target/root/.ssh; \ + chmod 600 /target/home/vincent/.ssh/authorized_keys; \ + echo 'vincent ALL=(ALL) NOPASSWD: ALL' > /target/etc/sudoers.d/vincent ; \ + chmod 440 /target/etc/sudoers.d/vincent ; + +### Finishing up the first stage install +# Avoid that last message about the install being complete. +d-i finish-install/reboot_in_progress note +# How do you want to manage upgrades on this system? +d-i pkgsel/update-policy select none +#+end_src +#+begin_src text :tangle ./microk8s/ubnt2/preseed.cfg +### Localization +# Locale sets language and country. +d-i debian-installer/locale string en_US +# Keyboard selection. +d-i keyboard-configuration/layoutcode string fr +d-i keyboard-configuration/modelcode string bepo +d-i keyboard-configuration/variantcode string + +### Network configuration +# netcfg will choose an interface that has link if possible. This makes it +# skip displaying a list if there is more than one interface. +d-i netcfg/choose_interface select auto +# Any hostname and domain names assigned from dhcp take precedence over +# values set here. However, setting the values still prevents the questions +# from being shown, even if values come from dhcp. +d-i netcfg/get_hostname string ubnt2 +d-i netcfg/get_domain string home +# Disable that annoying WEP key dialog. +d-i netcfg/wireless_wep string + +### Mirror settings +d-i mirror/country string manual +d-i mirror/http/hostname string us.archive.ubuntu.com +d-i mirror/http/directory string /ubuntu +d-i mirror/http/proxy string + +### Partitioning +# Encrypt your home directory? +d-i user-setup/encrypt-home boolean false +# Alternatively, you can specify a disk to partition. The device name +# can be given in either devfs or traditional non-devfs format. +d-i partman-auto/disk string /dev/vda +# In addition, you'll need to specify the method to use. +# The presently available methods are: "regular", "lvm" and "crypto" +d-i partman-auto/method string regular +# You can choose from any of the predefined partitioning recipes. +d-i partman-auto/choose_recipe select atomic +# This makes partman automatically partition without confirmation, provided +# that you told it what to do using one of the methods above. +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true + +### Clock and time zone setup +# Controls whether or not the hardware clock is set to UTC. +d-i clock-setup/utc boolean true +# You may set this to any valid setting for $TZ; see the contents of +# /usr/share/zoneinfo/ for valid values. +d-i time/zone string Europe/Paris + +### Account setup +# Skip creation of a root account (normal user account will be able to +# use sudo). +d-i passwd/root-login boolean false + +# To create a normal user account. +d-i passwd/user-fullname string Vincent +d-i passwd/username string vincent +# Normal user's password, either in clear text +# or encrypted using an MD5 hash. +d-i passwd/user-password-crypted password $6$4Puk4u221EHgeLBK$gVYPwH3b6OW0Ic1aZUNYkSrFcfj6mbgigGenACVUVxnO3V6MKgV0mTq4COZGtoZLdlIhy1ggXLLEZaZT6Fnpm/ + +# This is fairly safe to set, it makes grub install automatically to the MBR +# if no other operating system is detected on the machine. +d-i grub-installer/only_debian boolean true + +### Package selection +d-i tasksel/first multiselect standard +# Individual additional packages to install +d-i pkgsel/include string openssh-server snapd + +### Finishing up installation +d-i preseed/late_command string \ + mkdir -p /target/home/vincent/.ssh; \ + wget https://github.com/vdemeester.keys -O /target/home/vincent/.ssh/authorized_keys; \ + chown -R 1000 /target/home/vincent/; \ + chmod 600 /target/home/vincent/.ssh/authorized_keys; \ + mkdir -p /target/root/.ssh; \ + cp /target/home/vincent/.ssh/authorized_keys /target/root/.ssh; \ + chmod 600 /target/home/vincent/.ssh/authorized_keys; \ + echo 'vincent ALL=(ALL) NOPASSWD: ALL' > /target/etc/sudoers.d/vincent ; \ + chmod 440 /target/etc/sudoers.d/vincent +### Finishing up the first stage install +# Avoid that last message about the install being complete. +d-i finish-install/reboot_in_progress note +# How do you want to manage upgrades on this system? +d-i pkgsel/update-policy select none +#+end_src + +#+begin_src bash :dir ./microk8s :tangle ./microk8s/bootstrap.sh :tangle-mode (identity #o755) +#!/usr/bin/env bash +set -euxo pipefail +QEMU_URI=${QEMU_URI:-qemu+ssh://wakasu.home/system} +declare -A addrs=( ["ubnt1"]="30" ["ubnt2"]="31") + +token="$(pwgen -1 32)" + +bootstrap() { + machine=$1 + virt-install --connect="${QEMU_URI}" \ + --name="${machine}" --vcpus=4 --ram=4192 \ + --disk path=/var/lib/libvirt/images/${machine}.qcow2,bus=virtio,size=120 \ + --network bridge=br1,mac.address=52:54:00:dd:a3:${addrs[${machine}]} \ + --os-variant ubuntu20.04 \ + --location 'http://archive.ubuntu.com/ubuntu/dists/focal/main/installer-amd64/' \ + --initrd-inject ${machine}/preseed.cfg \ + --video=vga \ + --wait=-1 \ + --extra-args 'ks=file:/preseed.cfg /console=ttyS0,115200n8 serial' +# --graphics none \ +# --console pty,target_type=serial \ +# --extra-args 'ks=file:/preseed.cfg /console=ttyS0,115200n8 serial' +} + +configure-ubnt1() { + ssh -o "StrictHostKeyChecking=no" -t vincent@192.168.1.130 sudo snap install microk8s --classic --channel=1.22 + ssh -t root@192.168.1.130 microk8s status --wait-ready + ssh -t root@192.168.1.130 usermod -a -G microk8s vincent + ssh -t root@192.168.1.130 microk8s enable dns ingress storage registry rbac + ssh -t root@192.168.1.130 mkdir -p /root/.kube + # ssh -t root@192.168.1.130 microk8s config > /root/.kube/config.microk8s + # FIXME: Parse the output to get the full url to join + ssh -t root@192.168.1.130 microk8s add-node --token-ttl=-1 --token=${token} +} + +configure-ubnt2() { + ssh -o "StrictHostKeyChecking=no" -t root@192.168.1.131 sudo snap install microk8s --classic --channel=1.22 + ssh -t root@192.168.1.130 microk8s status --wait-ready + ssh -t root@192.168.1.130 usermod -a -G microk8s vincent + ssh -t root@192.168.1.131 microk8s join 192.168.1.130:250000/${token} +} + +for m in ubnt*; do + set +e + virsh --connect="${QEMU_URI}" list | grep $m + if [[ $? -gt 0 ]]; then + set -e + bootstrap $m + echo "bootstrap machine $m" + sleep 60 + configure-$m + fi +done + +#+end_src + +I need to move this into a git repository, it's gonna be better, maybe even in =~home=. + +** References + +- [[https://pancho.dev/posts/multipass-microk8s-cluster/][Multipass Microk8s Cluster on Multiple Nodes | pancho.dev]] +- [[https://dev.to/musabhusaini/remote-development-with-multi-node-microk8s-cluster-and-scaffold-4o1d][Remote development with multi-node MicroK8s cluster and Skaffold - DEV]] +- [[https://microk8s.io/docs/clustering][MicroK8s - Clustering with MicroK8s]] +- [[https://www.debuntu.org/how-to-unattended-ubuntu-deployment-over-network-page-5-preseed-file/][How-To: Unattended Ubuntu Deployment over Network — page 5 — Preseed File - Debuntu]] +- [[https://agilesysadmin.wordpress.com/2013/09/09/simple-unattended-ubuntu-install-in-a-vm/][Simple unattended Ubuntu install in a VM | Agile sysadmin]] +- [[https://www.cyberciti.biz/faq/how-to-install-kvm-on-ubuntu-20-04-lts-headless-server/][How to install KVM on Ubuntu 20.04 LTS Headless Server - nixCraft]] diff --git a/docs/kubernetes/microk8s/bootstrap.sh b/docs/kubernetes/microk8s/bootstrap.sh @@ -0,0 +1,53 @@ +#!/usr/bin/env bash +set -euxo pipefail +QEMU_URI=${QEMU_URI:-qemu+ssh://wakasu.home/system} +declare -A addrs=( ["ubnt1"]="30" ["ubnt2"]="31") + +token="$(pwgen -1 32)" + +bootstrap() { + machine=$1 + virt-install --connect="${QEMU_URI}" \ + --name="${machine}" --vcpus=4 --ram=4192 \ + --disk path=/var/lib/libvirt/images/${machine}.qcow2,bus=virtio,size=120 \ + --network bridge=br1,mac.address=52:54:00:dd:a3:${addrs[${machine}]} \ + --os-variant ubuntu20.04 \ + --location 'http://archive.ubuntu.com/ubuntu/dists/focal/main/installer-amd64/' \ + --initrd-inject ${machine}/preseed.cfg \ + --video=vga \ + --wait=-1 \ + --extra-args 'ks=file:/preseed.cfg /console=ttyS0,115200n8 serial' +# --graphics none \ +# --console pty,target_type=serial \ +# --extra-args 'ks=file:/preseed.cfg /console=ttyS0,115200n8 serial' +} + +configure-ubnt1() { + ssh -o "StrictHostKeyChecking=no" -t vincent@192.168.1.130 sudo snap install microk8s --classic --channel=1.22 + ssh -t root@192.168.1.130 microk8s status --wait-ready + ssh -t root@192.168.1.130 usermod -a -G microk8s vincent + ssh -t root@192.168.1.130 microk8s enable dns ingress storage registry rbac + ssh -t root@192.168.1.130 mkdir -p /root/.kube + # ssh -t root@192.168.1.130 microk8s config > /root/.kube/config.microk8s + # FIXME: Parse the output to get the full url to join + ssh -t root@192.168.1.130 microk8s add-node --token-ttl=-1 --token=${token} +} + +configure-ubnt2() { + ssh -o "StrictHostKeyChecking=no" -t root@192.168.1.131 sudo snap install microk8s --classic --channel=1.22 + ssh -t root@192.168.1.130 microk8s status --wait-ready + ssh -t root@192.168.1.130 usermod -a -G microk8s vincent + ssh -t root@192.168.1.131 microk8s join 192.168.1.130:250000/${token} +} + +for m in ubnt*; do + set +e + virsh --connect="${QEMU_URI}" list | grep $m + if [[ $? -gt 0 ]]; then + set -e + bootstrap $m + echo "bootstrap machine $m" + sleep 60 + configure-$m + fi +done diff --git a/docs/kubernetes/microk8s/ubnt1/preseed.cfg b/docs/kubernetes/microk8s/ubnt1/preseed.cfg @@ -0,0 +1,89 @@ +### Localization +# Locale sets language and country. +d-i debian-installer/locale string en_US +# Keyboard selection. +d-i keyboard-configuration/layoutcode string fr +d-i keyboard-configuration/modelcode string bepo +d-i keyboard-configuration/variantcode string + +### Network configuration +# netcfg will choose an interface that has link if possible. This makes it +# skip displaying a list if there is more than one interface. +d-i netcfg/choose_interface select auto +# Any hostname and domain names assigned from dhcp take precedence over +# values set here. However, setting the values still prevents the questions +# from being shown, even if values come from dhcp. +d-i netcfg/get_hostname string ubnt1 +d-i netcfg/get_domain string home +# Disable that annoying WEP key dialog. +d-i netcfg/wireless_wep string + +### Mirror settings +d-i mirror/country string manual +d-i mirror/http/hostname string us.archive.ubuntu.com +d-i mirror/http/directory string /ubuntu +d-i mirror/http/proxy string + +### Partitioning +# Encrypt your home directory? +d-i user-setup/encrypt-home boolean false +# Alternatively, you can specify a disk to partition. The device name +# can be given in either devfs or traditional non-devfs format. +d-i partman-auto/disk string /dev/vda +# In addition, you'll need to specify the method to use. +# The presently available methods are: "regular", "lvm" and "crypto" +d-i partman-auto/method string regular +# You can choose from any of the predefined partitioning recipes. +d-i partman-auto/choose_recipe select atomic +# This makes partman automatically partition without confirmation, provided +# that you told it what to do using one of the methods above. +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true + +### Clock and time zone setup +# Controls whether or not the hardware clock is set to UTC. +d-i clock-setup/utc boolean true +# You may set this to any valid setting for $TZ; see the contents of +# /usr/share/zoneinfo/ for valid values. +d-i time/zone string Europe/Paris + +### Account setup +# Skip creation of a root account (normal user account will be able to +# use sudo). +d-i passwd/root-login boolean false + +# To create a normal user account. +d-i passwd/user-fullname string Vincent +d-i passwd/username string vincent +# Normal user's password, either in clear text +# or encrypted using an MD5 hash. +d-i passwd/user-password-crypted password $6$4Puk4u221EHgeLBK$gVYPwH3b6OW0Ic1aZUNYkSrFcfj6mbgigGenACVUVxnO3V6MKgV0mTq4COZGtoZLdlIhy1ggXLLEZaZT6Fnpm/ + +# This is fairly safe to set, it makes grub install automatically to the MBR +# if no other operating system is detected on the machine. +d-i grub-installer/only_debian boolean true + +### Package selection +d-i tasksel/first multiselect standard +# Individual additional packages to install +d-i pkgsel/include string openssh-server snapd + +### Finishing up installation +d-i preseed/late_command string \ + mkdir -p /target/home/vincent/.ssh; \ + wget https://github.com/vdemeester.keys -O /target/home/vincent/.ssh/authorized_keys; \ + chown -R 1000 /target/home/vincent/; \ + chmod 600 /target/home/vincent/.ssh/authorized_keys; \ + mkdir -p /target/root/.ssh; \ + cp /target/home/vincent/.ssh/authorized_keys /target/root/.ssh; \ + chmod 600 /target/home/vincent/.ssh/authorized_keys; \ + echo 'vincent ALL=(ALL) NOPASSWD: ALL' > /target/etc/sudoers.d/vincent ; \ + chmod 440 /target/etc/sudoers.d/vincent ; + +### Finishing up the first stage install +# Avoid that last message about the install being complete. +d-i finish-install/reboot_in_progress note +# How do you want to manage upgrades on this system? +d-i pkgsel/update-policy select none diff --git a/docs/kubernetes/microk8s/ubnt2/preseed.cfg b/docs/kubernetes/microk8s/ubnt2/preseed.cfg @@ -0,0 +1,88 @@ +### Localization +# Locale sets language and country. +d-i debian-installer/locale string en_US +# Keyboard selection. +d-i keyboard-configuration/layoutcode string fr +d-i keyboard-configuration/modelcode string bepo +d-i keyboard-configuration/variantcode string + +### Network configuration +# netcfg will choose an interface that has link if possible. This makes it +# skip displaying a list if there is more than one interface. +d-i netcfg/choose_interface select auto +# Any hostname and domain names assigned from dhcp take precedence over +# values set here. However, setting the values still prevents the questions +# from being shown, even if values come from dhcp. +d-i netcfg/get_hostname string ubnt2 +d-i netcfg/get_domain string home +# Disable that annoying WEP key dialog. +d-i netcfg/wireless_wep string + +### Mirror settings +d-i mirror/country string manual +d-i mirror/http/hostname string us.archive.ubuntu.com +d-i mirror/http/directory string /ubuntu +d-i mirror/http/proxy string + +### Partitioning +# Encrypt your home directory? +d-i user-setup/encrypt-home boolean false +# Alternatively, you can specify a disk to partition. The device name +# can be given in either devfs or traditional non-devfs format. +d-i partman-auto/disk string /dev/vda +# In addition, you'll need to specify the method to use. +# The presently available methods are: "regular", "lvm" and "crypto" +d-i partman-auto/method string regular +# You can choose from any of the predefined partitioning recipes. +d-i partman-auto/choose_recipe select atomic +# This makes partman automatically partition without confirmation, provided +# that you told it what to do using one of the methods above. +d-i partman-partitioning/confirm_write_new_label boolean true +d-i partman/choose_partition select finish +d-i partman/confirm boolean true +d-i partman/confirm_nooverwrite boolean true + +### Clock and time zone setup +# Controls whether or not the hardware clock is set to UTC. +d-i clock-setup/utc boolean true +# You may set this to any valid setting for $TZ; see the contents of +# /usr/share/zoneinfo/ for valid values. +d-i time/zone string Europe/Paris + +### Account setup +# Skip creation of a root account (normal user account will be able to +# use sudo). +d-i passwd/root-login boolean false + +# To create a normal user account. +d-i passwd/user-fullname string Vincent +d-i passwd/username string vincent +# Normal user's password, either in clear text +# or encrypted using an MD5 hash. +d-i passwd/user-password-crypted password $6$4Puk4u221EHgeLBK$gVYPwH3b6OW0Ic1aZUNYkSrFcfj6mbgigGenACVUVxnO3V6MKgV0mTq4COZGtoZLdlIhy1ggXLLEZaZT6Fnpm/ + +# This is fairly safe to set, it makes grub install automatically to the MBR +# if no other operating system is detected on the machine. +d-i grub-installer/only_debian boolean true + +### Package selection +d-i tasksel/first multiselect standard +# Individual additional packages to install +d-i pkgsel/include string openssh-server snapd + +### Finishing up installation +d-i preseed/late_command string \ + mkdir -p /target/home/vincent/.ssh; \ + wget https://github.com/vdemeester.keys -O /target/home/vincent/.ssh/authorized_keys; \ + chown -R 1000 /target/home/vincent/; \ + chmod 600 /target/home/vincent/.ssh/authorized_keys; \ + mkdir -p /target/root/.ssh; \ + cp /target/home/vincent/.ssh/authorized_keys /target/root/.ssh; \ + chmod 600 /target/home/vincent/.ssh/authorized_keys; \ + echo 'vincent ALL=(ALL) NOPASSWD: ALL' > /target/etc/sudoers.d/vincent ; \ + chmod 440 /target/etc/sudoers.d/vincent +### Finishing up the first stage install +# Avoid that last message about the install being complete. +d-i finish-install/reboot_in_progress note +# How do you want to manage upgrades on this system? +d-i pkgsel/update-policy select none