
My NixOS systems configurations.

microk8s.org (11135B)


      1 #+TITLE: microk8s
      2 
      3 [[https://microk8s.io/][=microk8s=]] is a lightweight version of [[file:kubernetes.org][Kubernetes]] made by [[file:canonical.org][Canonical]].
      4 
      5 * Setup on libvirt VMs
      6 :LOGBOOK:
      7 CLOCK: [2020-10-30 Fri 19:00]--[2020-10-31 Sat 00:20] =>  5:20
      8 CLOCK: [2020-10-30 Fri 16:58]--[2020-10-30 Fri 18:59] =>  2:01
      9 :END:
     10 
     11 #+begin_src text :mkdirp yes :tangle ../../ops/k8s/microk8s/ubnt1/preseed.cfg
     12 ### Localization
     13 # Locale sets language and country.
     14 d-i debian-installer/locale string en_US
     15 # Keyboard selection.
     16 d-i keyboard-configuration/layoutcode string fr
     17 d-i keyboard-configuration/modelcode string bepo
     18 d-i keyboard-configuration/variantcode string
     19 
     20 ### Network configuration
     21 # netcfg will choose an interface that has link if possible. This makes it
     22 # skip displaying a list if there is more than one interface.
     23 d-i netcfg/choose_interface select auto
     24 # Any hostname and domain names assigned from dhcp take precedence over
     25 # values set here. However, setting the values still prevents the questions
     26 # from being shown, even if values come from dhcp.
     27 d-i netcfg/get_hostname string ubnt1.home
     28 d-i netcfg/get_domain string home
     29 # Disable that annoying WEP key dialog.
     30 d-i netcfg/wireless_wep string
     31 
     32 ### Mirror settings
     33 d-i mirror/country string manual
     34 d-i mirror/http/hostname string us.archive.ubuntu.com
     35 d-i mirror/http/directory string /ubuntu
     36 d-i mirror/http/proxy string
     37 
     38 ### Partitioning
     39 # Encrypt your home directory?
     40 d-i user-setup/encrypt-home boolean false
     41 # Alternatively, you can specify a disk to partition. The device name
     42 # can be given in either devfs or traditional non-devfs format.
     43 d-i partman-auto/disk string /dev/vda
     44 # In addition, you'll need to specify the method to use.
     45 # The presently available methods are: "regular", "lvm" and "crypto"
     46 d-i partman-auto/method string regular
     47 # You can choose from any of the predefined partitioning recipes.
     48 d-i partman-auto/choose_recipe select atomic
     49 # This makes partman automatically partition without confirmation, provided
     50 # that you told it what to do using one of the methods above.
     51 d-i partman-partitioning/confirm_write_new_label boolean true
     52 d-i partman/choose_partition select finish
     53 d-i partman/confirm boolean true
     54 d-i partman/confirm_nooverwrite boolean true
     55 
     56 ### Clock and time zone setup
     57 # Controls whether or not the hardware clock is set to UTC.
     58 d-i clock-setup/utc boolean true
     59 # You may set this to any valid setting for $TZ; see the contents of
     60 # /usr/share/zoneinfo/ for valid values.
     61 d-i time/zone string Europe/Paris
     62 
     63 ### Account setup
     64 # Skip creation of a root account (normal user account will be able to
     65 # use sudo).
     66 d-i passwd/root-login boolean false
     67 
     68 # To create a normal user account.
     69 d-i passwd/user-fullname string Vincent
     70 d-i passwd/username string vincent
     71 # Normal user's password, given as a crypt(3) hash: the $6$ prefix below marks
     72 # SHA-512 crypt, not MD5. Anyone who can read this file can attack the hash offline.
     73 d-i passwd/user-password-crypted password $6$4Puk4u221EHgeLBK$gVYPwH3b6OW0Ic1aZUNYkSrFcfj6mbgigGenACVUVxnO3V6MKgV0mTq4COZGtoZLdlIhy1ggXLLEZaZT6Fnpm/
     74 
     75 # This is fairly safe to set, it makes grub install automatically to the MBR
     76 # if no other operating system is detected on the machine.
     77 d-i grub-installer/only_debian boolean true
     78 
     79 ### Package selection
     80 d-i tasksel/first multiselect standard
     81 # Individual additional packages to install
     82 d-i pkgsel/include string openssh-server snapd
     83 
     84 ### Finishing up installation
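     # Shell commands run by the installer at the end of the install, with the
     # new system mounted at /target.
     # - authorized_keys for vincent and for root is downloaded from
     #   https://github.com/vdemeester.keys, so whatever that URL serves at
     #   install time decides who gets SSH access to this machine.
     #   NOTE(review): confirm that the installer's wget validates the TLS
     #   certificate; if it does not, the key list can be replaced in transit.
     # - Root gets the same keys although passwd/root-login is false above;
     #   assuming sshd's default PermitRootLogin, key-based root login stays open.
     # - vincent gets passwordless sudo, so vincent's SSH key is root-equivalent.
     # The last chmod on authorized_keys targets root's copy (it used to repeat
     # the chmod on vincent's file and left root's copy at the cp default mode).
     d-i preseed/late_command string \
         mkdir -p /target/home/vincent/.ssh; \
         wget https://github.com/vdemeester.keys -O /target/home/vincent/.ssh/authorized_keys; \
         chown -R 1000 /target/home/vincent/; \
         chmod 600 /target/home/vincent/.ssh/authorized_keys; \
         mkdir -p /target/root/.ssh; \
         cp /target/home/vincent/.ssh/authorized_keys /target/root/.ssh; \
         chmod 600 /target/root/.ssh/authorized_keys; \
         echo 'vincent ALL=(ALL) NOPASSWD: ALL' > /target/etc/sudoers.d/vincent ; \
         chmod 440 /target/etc/sudoers.d/vincent ;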
     95 
     96 ### Finishing up the first stage install
     97 # Avoid that last message about the install being complete.
     98 d-i finish-install/reboot_in_progress note
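     99 # How do you want to manage upgrades on this system? ("none" leaves automatic updates off, so security patches must be applied by hand or by other tooling.)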
    100 d-i pkgsel/update-policy select none
    101 #+end_src
    102 #+begin_src text :mkdirp yes :tangle ../../ops/k8s/microk8s/ubnt2/preseed.cfg
    103 ### Localization
    104 # Locale sets language and country.
    105 d-i debian-installer/locale string en_US
    106 # Keyboard selection.
    107 d-i keyboard-configuration/layoutcode string fr
    108 d-i keyboard-configuration/modelcode string bepo
    109 d-i keyboard-configuration/variantcode string
    110 
    111 ### Network configuration
    112 # netcfg will choose an interface that has link if possible. This makes it
    113 # skip displaying a list if there is more than one interface.
    114 d-i netcfg/choose_interface select auto
    115 # Any hostname and domain names assigned from dhcp take precedence over
    116 # values set here. However, setting the values still prevents the questions
    117 # from being shown, even if values come from dhcp.
    118 d-i netcfg/get_hostname string ubnt2.home
    119 d-i netcfg/get_domain string home
    120 # Disable that annoying WEP key dialog.
    121 d-i netcfg/wireless_wep string
    122 
    123 ### Mirror settings
    124 d-i mirror/country string manual
    125 d-i mirror/http/hostname string us.archive.ubuntu.com
    126 d-i mirror/http/directory string /ubuntu
    127 d-i mirror/http/proxy string
    128 
    129 ### Partitioning
    130 # Encrypt your home directory?
    131 d-i user-setup/encrypt-home boolean false
    132 # Alternatively, you can specify a disk to partition. The device name
    133 # can be given in either devfs or traditional non-devfs format.
    134 d-i partman-auto/disk string /dev/vda
    135 # In addition, you'll need to specify the method to use.
    136 # The presently available methods are: "regular", "lvm" and "crypto"
    137 d-i partman-auto/method string regular
    138 # You can choose from any of the predefined partitioning recipes.
    139 d-i partman-auto/choose_recipe select atomic
    140 # This makes partman automatically partition without confirmation, provided
    141 # that you told it what to do using one of the methods above.
    142 d-i partman-partitioning/confirm_write_new_label boolean true
    143 d-i partman/choose_partition select finish
    144 d-i partman/confirm boolean true
    145 d-i partman/confirm_nooverwrite boolean true
    146 
    147 ### Clock and time zone setup
    148 # Controls whether or not the hardware clock is set to UTC.
    149 d-i clock-setup/utc boolean true
    150 # You may set this to any valid setting for $TZ; see the contents of
    151 # /usr/share/zoneinfo/ for valid values.
    152 d-i time/zone string Europe/Paris
    153 
    154 ### Account setup
    155 # Skip creation of a root account (normal user account will be able to
    156 # use sudo).
    157 d-i passwd/root-login boolean false
    158 
    159 # To create a normal user account.
    160 d-i passwd/user-fullname string Vincent
    161 d-i passwd/username string vincent
    162 # Normal user's password, given as a crypt(3) hash: the $6$ prefix below marks
    163 # SHA-512 crypt, not MD5. Anyone who can read this file can attack the hash offline.
    164 d-i passwd/user-password-crypted password $6$4Puk4u221EHgeLBK$gVYPwH3b6OW0Ic1aZUNYkSrFcfj6mbgigGenACVUVxnO3V6MKgV0mTq4COZGtoZLdlIhy1ggXLLEZaZT6Fnpm/
    165 
    166 # This is fairly safe to set, it makes grub install automatically to the MBR
    167 # if no other operating system is detected on the machine.
    168 d-i grub-installer/only_debian boolean true
    169 
    170 ### Package selection
    171 d-i tasksel/first multiselect standard
    172 # Individual additional packages to install
    173 d-i pkgsel/include string openssh-server snapd
    174 
    175 ### Finishing up installation
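    # Shell commands run by the installer at the end of the install, with the
    # new system mounted at /target.
    # - authorized_keys for vincent and for root is downloaded from
    #   https://github.com/vdemeester.keys, so whatever that URL serves at
    #   install time decides who gets SSH access to this machine.
    #   NOTE(review): confirm that the installer's wget validates the TLS
    #   certificate; if it does not, the key list can be replaced in transit.
    # - Root gets the same keys although passwd/root-login is false above;
    #   assuming sshd's default PermitRootLogin, key-based root login stays open.
    # - vincent gets passwordless sudo, so vincent's SSH key is root-equivalent.
    # The last chmod on authorized_keys targets root's copy (it used to repeat
    # the chmod on vincent's file and left root's copy at the cp default mode).
    d-i preseed/late_command string \
        mkdir -p /target/home/vincent/.ssh; \
        wget https://github.com/vdemeester.keys -O /target/home/vincent/.ssh/authorized_keys; \
        chown -R 1000 /target/home/vincent/; \
        chmod 600 /target/home/vincent/.ssh/authorized_keys; \
        mkdir -p /target/root/.ssh; \
        cp /target/home/vincent/.ssh/authorized_keys /target/root/.ssh; \
        chmod 600 /target/root/.ssh/authorized_keys; \
        echo 'vincent ALL=(ALL) NOPASSWD: ALL' > /target/etc/sudoers.d/vincent ; \
        chmod 440 /target/etc/sudoers.d/vincent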
    186 ### Finishing up the first stage install
    187 # Avoid that last message about the install being complete.
    188 d-i finish-install/reboot_in_progress note
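    189 # How do you want to manage upgrades on this system? ("none" leaves automatic updates off, so security patches must be applied by hand or by other tooling.)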
    190 d-i pkgsel/update-policy select none
    191 #+end_src
    192 
    193 #+begin_src bash :mkdirp yes :tangle ../../ops/k8s/microk8s/bootstrap.sh :tangle-mode (identity #o755)
    194 #!/usr/bin/env bash
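    # Strict mode: stop on command errors, unset variables and failed pipeline
    # stages. NOTE: -x (xtrace) prints every expanded command to stderr, and that
    # includes the cluster join token generated below; keep this script's output
    # out of shared logs, or drop -x once debugging is done.
    set -euxo pipefail
    # libvirt endpoint; set QEMU_URI in the environment to target another host.
    QEMU_URI=${QEMU_URI:-qemu+ssh://wakasu.home/system}
    # Last octet of each VM's MAC address (52:54:00:dd:a3:XX), keyed by VM name.
    declare -A addrs=( ["ubnt1"]="30" ["ubnt2"]="31")

    # Shared secret handed to `microk8s add-node` and `microk8s join`.
    # -s makes pwgen emit fully random characters rather than its default
    # pronounceable output, which carries less entropy per character.
    token="$(pwgen -s -1 32)"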
    200 
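    # Create one VM on the libvirt host and run an unattended Ubuntu install in it.
    #   $1  VM name; must be a key of `addrs` and the name of a directory in the
    #       current working directory that holds preseed.cfg.
    # Reads QEMU_URI and addrs from the enclosing script. --wait=-1 makes
    # virt-install wait without a timeout.
    bootstrap() {
        # local keeps the name out of the global scope; expansions are quoted so
        # an unexpected character in the name cannot split an option in two.
        local machine=$1
        local -a opts=(
            --connect="${QEMU_URI}"
            --name="${machine}" --vcpus=4 --ram=4192
            --disk "path=/var/lib/libvirt/images/${machine}.qcow2,bus=virtio,size=120"
            --network "bridge=br1,mac.address=52:54:00:dd:a3:${addrs[${machine}]}"
            --os-variant ubuntu20.04
            # NOTE(review): the installer kernel and initrd are fetched over plain
            # HTTP with no integrity check visible here, so anything on the
            # network path could substitute them. Prefer an HTTPS mirror or a
            # locally verified copy of the installer tree.
            --location 'http://archive.ubuntu.com/ubuntu/dists/focal/main/installer-amd64/'
            # The preseed file (password hash, late_command) is copied into the initrd.
            --initrd-inject "${machine}/preseed.cfg"
            --video=vga
            --wait=-1
            --extra-args 'ks=file:/preseed.cfg /console=ttyS0,115200n8 serial'
        )
        virt-install "${opts[@]}"
        # Disabled alternative (serial console instead of VGA):
    #      --graphics none \
    #      --console pty,target_type=serial \
    #      --extra-args 'ks=file:/preseed.cfg /console=ttyS0,115200n8 serial'
    }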
    217 
    # Set up the first node (192.168.1.130): install the microk8s snap, wait until
    # it reports ready, add vincent to the microk8s group, enable the add-ons and
    # register the shared join token. Reads `token` from the enclosing script.
    configure-ubnt1() {
        local ip=192.168.1.130
        local as_root="root@${ip}"

        # NOTE(review): StrictHostKeyChecking=no accepts whatever host key answers
        # on this address and records it, so the first connection to the fresh VM
        # is unauthenticated; the later root@ calls trust the key recorded here.
        # Consider accept-new, or pinning the host key out of band.
        ssh -o "StrictHostKeyChecking=no" -t "vincent@${ip}" sudo snap install microk8s --classic --channel=1.22
        ssh -t "${as_root}" microk8s status --wait-ready
        ssh -t "${as_root}" usermod -a -G microk8s vincent
        ssh -t "${as_root}" microk8s enable dns ingress storage registry rbac
        ssh -t "${as_root}" mkdir -p /root/.kube
        # ssh -t root@192.168.1.130 microk8s config > /root/.kube/config.microk8s
        # FIXME: Parse the output to get the full url to join
        # The token travels as a command-line argument: it shows up in this
        # script's xtrace output and in the process list on the node.
        ssh -t "${as_root}" microk8s add-node --token-ttl=-1 --token=${token}
    }
    228 
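    # Set up the second node (192.168.1.131): install the microk8s snap and join
    # it to the cluster served by 192.168.1.130, using the shared `token` from the
    # enclosing script.
    configure-ubnt2() {
        # NOTE(review): StrictHostKeyChecking=no accepts whatever host key answers
        # on this address, so the first connection to the fresh VM is
        # unauthenticated. Consider accept-new, or pinning the host key out of band.
        ssh -o "StrictHostKeyChecking=no" -t root@192.168.1.131 sudo snap install microk8s --classic --channel=1.22
        # NOTE(review): the next two commands address ubnt1 (.130), repeating what
        # configure-ubnt1 already did, rather than the node installed just above;
        # confirm whether .131 was intended.
        ssh -t root@192.168.1.130 microk8s status --wait-ready
        ssh -t root@192.168.1.130 usermod -a -G microk8s vincent
        # Join on port 25000, MicroK8s' cluster-agent port. The previous value,
        # 250000, is above the highest valid TCP port (65535), so the join could
        # never connect. The token is a command-line argument here too and is
        # visible in xtrace output and in the node's process list.
        ssh -t root@192.168.1.131 microk8s join "192.168.1.130:25000/${token}"
    }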
    235 
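    # For every ubnt* entry in the current directory: when virsh does not list a
    # domain with that name, create the VM, wait a minute, then run the matching
    # configure-<name> function.
    for m in ubnt*; do
        # The pipeline is tested directly by `if`, so errexit never has to be
        # switched off (the earlier set +e / $? form left it off whenever the VM
        # already existed). With pipefail a failing virsh also counts as "not
        # listed".
        # NOTE(review): `virsh list` without --all shows running domains only, and
        # grep matches substrings; a stopped VM or a longer name containing $m
        # would be misjudged. Confirm this is the intended check.
        if ! virsh --connect="${QEMU_URI}" list | grep "$m"; then
            bootstrap "$m"
            echo "bootstrap machine $m"
            # Fixed pause before the first SSH connection to the new VM.
            sleep 60
            "configure-$m"
        fi
    done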
    247 
    248 #+end_src
    249 
    250 I need to move this into a git repository, it's gonna be better, maybe even in =~home=.
    251 
    252 ** References
    253 
    254 - [[https://pancho.dev/posts/multipass-microk8s-cluster/][Multipass Microk8s Cluster on Multiple Nodes | pancho.dev]]
    255 - [[https://dev.to/musabhusaini/remote-development-with-multi-node-microk8s-cluster-and-scaffold-4o1d][Remote development with multi-node MicroK8s cluster and Skaffold - DEV]]
    256 - [[https://microk8s.io/docs/clustering][MicroK8s - Clustering with MicroK8s]]
    257 - [[https://www.debuntu.org/how-to-unattended-ubuntu-deployment-over-network-page-5-preseed-file/][How-To: Unattended Ubuntu Deployment over Network — page 5 — Preseed File - Debuntu]]
    258 - [[https://agilesysadmin.wordpress.com/2013/09/09/simple-unattended-ubuntu-install-in-a-vm/][Simple unattended Ubuntu install in a VM | Agile sysadmin]]
    259 - [[https://www.cyberciti.biz/faq/how-to-install-kvm-on-ubuntu-20-04-lts-headless-server/][How to install KVM on Ubuntu 20.04 LTS Headless Server - nixCraft]]