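#!/bin/bash

# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Prepares a host for a Kubernetes deployment: rewrites the host's DNS
# configuration, registers the Docker apt repository, labels the core
# namespaces and all nodes, creates the ceph/openstack/osh-infra namespaces,
# patches CoreDNS and finally runs `make all`.
#
# Every setting below can be overridden from the environment. The script
# calls sudo throughout and edits /etc/hosts, /etc/resolv.conf and
# /etc/systemd/system.conf in place.
#
# -x echoes every command after expansion, so any value that appears on a
# command line also appears in the job log.
set -ex

: "${HELM_VERSION:="v3.6.3"}"
: "${KUBE_VERSION:="v1.26.3"}"
: "${CRICTL_VERSION:="v1.26.0"}"
: "${CRI_DOCKERD_VERSION:="v0.3.1"}"
: "${CRI_DOCKERD_PACKAGE_VERSION:="0.3.1.3-0.ubuntu-focal"}"
: "${MINIKUBE_VERSION:="v1.29.0"}"
: "${CALICO_VERSION:="v3.25"}"
: "${CORE_DNS_VERSION:="v1.9.4"}"
: "${YQ_VERSION:="v4.6.0"}"
# Unlike the settings above this one uses "=" rather than ":=", so an empty
# KUBE_DNS_IP supplied by the caller is kept as-is.
: "${KUBE_DNS_IP="10.96.0.10"}"

export DEBCONF_NONINTERACTIVE_SEEN=true
export DEBIAN_FRONTEND=noninteractive

sudo swapoff -a

# Appended on every run; system.conf collects one copy per invocation.
echo "DefaultLimitMEMLOCK=16384" | sudo tee -a /etc/systemd/system.conf
sudo systemctl daemon-reexec

#######################################
# Replaces systemd-resolved with two static resolv.conf files.
# Globals:
#   KUBE_DNS_IP (read), HTTP_PROXY (read)
#   kube_dns_ip, old_ns (written; left global as in the original, since the
#   part of the script missing from this page may read them)
# Side effects:
#   Disables and stops systemd-resolved; rewrites /etc/resolv.conf and
#   /run/systemd/resolve/resolv.conf.
#######################################
function configure_resolvconf {
  # here with systemd-resolved disabled, we'll have 2 separate resolv.conf
  # 1 - /run/systemd/resolve/resolv.conf automatically passed by minikube
  #     to coredns via kubelet.resolv-conf extra param
  # 2 - /etc/resolv.conf - to be used for resolution on host

  kube_dns_ip="${KUBE_DNS_IP}"

  # keep all nameservers from both resolv.conf excluding local addresses
  # NOTE(review): kube_dns_ip is pasted into the PCRE unescaped, so its dots
  # match any character.
  old_ns=$(grep -P --no-filename "^nameserver\s+(?!127\.0\.0\.|${kube_dns_ip})" \
    /etc/resolv.conf /run/systemd/resolve/resolv.conf | sort | uniq)

  if [[ -f "/run/systemd/resolve/resolv.conf" ]]; then
    sudo cp --remove-destination /run/systemd/resolve/resolv.conf /etc/resolv.conf
  fi

  sudo systemctl disable systemd-resolved
  sudo systemctl stop systemd-resolved

  # Remove localhost as a nameserver, since we stopped systemd-resolved
  sudo sed -i "/^nameserver\s\+127.*/d" /etc/resolv.conf

  # Insert kube DNS as first nameserver instead of entirely overwriting
  # /etc/resolv.conf
  grep -q "nameserver ${kube_dns_ip}" /etc/resolv.conf || \
    sudo sed -i -e "1inameserver ${kube_dns_ip}" /etc/resolv.conf

  # Without a proxy the host falls back to public resolvers, so host DNS
  # queries leave the network; behind a proxy the original nameservers are
  # kept instead.
  # ${HTTP_PROXY:+set} tests "non-empty" without expanding the URL itself, so
  # a proxy URL carrying credentials is not written to the -x trace here.
  local dns_servers
  if [[ -z "${HTTP_PROXY:+set}" ]]; then
    # Real newlines: the previous literal "\n" was handed to grep as part of
    # the pattern, which therefore never matched and the block was appended
    # again on every run.
    dns_servers=$'nameserver 8.8.8.8\nnameserver 8.8.4.4'
  else
    dns_servers="${old_ns}"
  fi

  # grep -F treats each line of dns_servers as a fixed string and succeeds as
  # soon as one of them is present. The value is written quoted so a
  # multi-line list keeps one nameserver per line (unquoted, the lines were
  # joined into a single malformed entry).
  grep -qF -- "${dns_servers}" /etc/resolv.conf || \
    printf '%s\n' "${dns_servers}" | sudo tee -a /etc/resolv.conf

  # No -a here: the file under /run is replaced rather than extended.
  grep -qF -- "${dns_servers}" /run/systemd/resolve/resolv.conf || \
    printf '%s\n' "${dns_servers}" | sudo tee /run/systemd/resolve/resolv.conf

  local search_options='search svc.cluster.local cluster.local'
  local dns_options='options ndots:5 timeout:1 attempts:1'
  local resolv_file
  for resolv_file in /etc/resolv.conf /run/systemd/resolve/resolv.conf; do
    grep -qF -- "${search_options}" "${resolv_file}" || \
      echo "${search_options}" | sudo tee -a "${resolv_file}"
    grep -qF -- "${dns_options}" "${resolv_file}" || \
      echo "${dns_options}" | sudo tee -a "${resolv_file}"
  done
}

# NOTE: Clean Up hosts file
# "localhost4" and "localhost4.localdomain4" are two aliases; the listing had
# them fused into one word, which registers a bogus name and drops localhost4.
sudo sed -i '/^127.0.0.1/c\127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4' /etc/hosts
sudo sed -i '/^::1/c\::1 localhost6 localhost6.localdomain6' /etc/hosts
if ! grep -qF "127.0.1.1" /etc/hosts; then
  echo "127.0.1.1 $(hostname)" | sudo tee -a /etc/hosts
fi

configure_resolvconf

# shellcheck disable=SC1091
. /etc/os-release

# NOTE: Add docker repo
# NOTE(review): apt-key is deprecated and stores the key in apt's global
# trusted keyring, where it is accepted for every configured repository. The
# "fingerprint" call only prints the key; nothing compares it to an expected
# value, so a wrong key is not rejected. There is no pipefail either: if curl
# fails, apt-key still runs on empty input. Prefer a dedicated keyring file
# referenced with "signed-by=" in the deb line, plus an explicit fingerprint
# comparison.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
sudo apt-key fingerprint 0EBFCD88
sudo add-apt-repository \
  "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

# NOTE: Configure docker
docker_resolv="/run/systemd/resolve/resolv.conf"
# Comma-separated list of double-quoted nameserver addresses taken from
# docker_resolv; presumably interpolated into daemon.json by the section that
# is missing below.
docker_dns_list="$(awk '/^nameserver/ { printf "%s%s",sep,"\"" $NF "\""; sep=", "} END{print ""}' "${docker_resolv}")"

sudo -E mkdir -p /etc/docker

# NOTE(review): this page lost part of the script at this point. Text appears
# to be missing after the "<" that follows daemon.json, up to the end of the
# condition of the DNS check. The surviving fragment is kept verbatim below,
# commented out because it does not parse on its own; restore the section
# from the project's own copy of the script before running. Most of the
# *_VERSION settings at the top are not referenced anywhere in the visible
# text and are presumably consumed by the missing part.
#
#   sudo -E tee /etc/docker/daemon.json <& /dev/null; then
#     echo k8s DNS Failure. Are you sure you disabled systemd-resolved before running this script?
#     exit 1
#   fi

# Remove stable repo, if present, to improve build time
helm repo remove stable || true

# Add labels to the core namespaces & nodes
for core_namespace in default kube-system kube-public; do
  kubectl label --overwrite namespace "${core_namespace}" "name=${core_namespace}"
done

for node_label in \
  openstack-control-plane \
  openstack-compute-node \
  openvswitch \
  linuxbridge \
  ceph-mon \
  ceph-osd \
  ceph-mds \
  ceph-rgw \
  ceph-mgr; do
  kubectl label --overwrite nodes --all "${node_label}=enabled"
done

# NOTE(review): the manifests go to fixed, predictable names under /tmp. On a
# shared host a pre-created file or link at that path is written through or
# makes tee fail; the CoreDNS step below already uses mktemp for its patch.
# The fixed names are kept here in case other tooling reads them.
for NAMESPACE in ceph openstack osh-infra; do
  tee "/tmp/${NAMESPACE}-ns.yaml" << EOF
apiVersion: v1
kind: Namespace
metadata:
  labels:
    kubernetes.io/metadata.name: ${NAMESPACE}
    name: ${NAMESPACE}
  name: ${NAMESPACE}
EOF

  kubectl apply -f "/tmp/${NAMESPACE}-ns.yaml"
done

# Update CoreDNS and enable recursive queries
# The sed expression inserts a "header { response set ra }" stanza ahead of
# "ready" in the Corefile stored in the configmap. Whitespace inside the
# expression is reproduced as it appears on the page.
PATCH=$(mktemp)
kubectl get configmap coredns -n kube-system -o json \
  | jq -r "{data: .data}" \
  | sed 's/ready\\n/header \{\\n response set ra\\n \}\\n ready\\n/g' > "${PATCH}"
kubectl patch configmap coredns -n kube-system --patch-file "${PATCH}"
kubectl set image deployment coredns -n kube-system "coredns=registry.k8s.io/coredns/coredns:${CORE_DNS_VERSION}"
rm -f "${PATCH}"
kubectl rollout restart -n kube-system deployment/coredns

make all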