Paul Bastide

Kube 1.25.2 on RHEL9 P10

  1. Update Hosts
9.0.90.0 ocp4daily70.ibm.com
9.0.90.1 ocp4daily98.ibm.com
  1. Setup the Subscription Manager
set +o history
export rhel_subscription_username="rhn-ee-xxxxx"
export rhel_subscription_password="xxxxx"
set -o history
subscription-manager register --username="${rhel_subscription_username}" --password="${rhel_subscription_password}"
subscription-manager refresh
  1. Disable the swap
sudo swapoff -a
  1. Install the libraries
yum install -y podman podman-remote socat runc
  1. Install the cri-o package
rpm -ivh https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/1.25:/1.25.0/Fedora_36/ppc64le/cri-o-1.25.0-2.1.fc36.ppc64le.rpm
  1. Enable podman socket
systemctl enable --now podman.socket
  1. Enable crio service
sudo systemctl enable crio
sudo systemctl start crio
  1. Disable selinux
sudo setenforce 0
sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config
  1. Download Release
export RELEASE=1.25
sudo curl -L --remote-name-all https://dl.k8s.io/v1.25.2/bin/linux/ppc64le/{kubeadm,kubelet,kubectl}
sudo chmod +x {kubeadm,kubelet,kubectl}
  1. Move files to /bin
mv kube* /bin/
  1. Add kubelet.service
RELEASE_VERSION="v0.14.0"
curl -sSL "https://raw.githubusercontent.com/kubernetes/release/${RELEASE_VERSION}/cmd/kubepkg/templates/latest/deb/kubelet/lib/systemd/system/kubelet.service" | sed "s:/usr/bin:${DOWNLOAD_DIR}:g" | sudo tee /etc/systemd/system/kubelet.service
sudo mkdir -p /etc/systemd/system/kubelet.service.d
curl -sSL "https://raw.githubusercontent.com/kubernetes/release/${RELEASE_VERSION}/cmd/kubepkg/templates/latest/deb/kubeadm/10-kubeadm.conf" | sed "s:/usr/bin:${DOWNLOAD_DIR}:g" | sudo tee /etc/systemd/system/kubelet.service.d/10-kubeadm.conf
  1. Enable and start service
systemctl enable --now kubelet
systemctl start kubelet
  1. Update the cgroup settings
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
  1. Load the modules
sudo modprobe overlay
sudo modprobe br_netfilter
  1. sysctl params required by setup, params persist across reboots
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-iptables  = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward                 = 1
EOF
  1. Apply sysctl params without reboot
sudo sysctl --system
  1. Install libnetfilter and conntrack-tools
rpm -ivh http://mirror.stream.centos.org/9-stream/AppStream/ppc64le/os/Packages/libnetfilter_queue-1.0.5-1.el9.ppc64le.rpm
rpm -ivh http://mirror.stream.centos.org/9-stream/AppStream/ppc64le/os/Packages/libnetfilter_cttimeout-1.0.0-19.el9.ppc64le.rpm
rpm -ivh http://mirror.stream.centos.org/9-stream/AppStream/ppc64le/os/Packages/libnetfilter_cthelper-1.0.0-22.el9.ppc64le.rpm
rpm -ivh http://mirror.stream.centos.org/9-stream/AppStream/ppc64le/os/Packages/conntrack-tools-1.4.5-15.el9.ppc64le.rpm
  1. Copy Kubelet
cp /bin/kubelet /kubelet
  1. Edit crio.conf
/etc/crio/crio.conf

conmon_cgroup = "pod"
cgroup_manager = "systemd"
  1. Add the plugins:
curl -O https://github.com/containernetworking/plugins/releases/download/v1.1.1/cni-plugins-linux-ppc64le-v1.1.1.tgz -L
cp cni-plugins-linux-ppc64le-v1.1.1.tgz /opt/cni/bin
cd /opt/cni/bin
tar xvfz cni-plugins-linux-ppc64le-v1.1.1.tgz 
chmod +x /opt/cni/bin/*
cd ~
systemctl restart crio kubelet
  1. Download crictl
curl -L --remote-name-all https://github.com/kubernetes-sigs/cri-tools/releases/download/v1.25.0/crictl-v1.25.0-linux-ppc64le.tar.gz
tar xvfz crictl-v1.25.0-linux-ppc64le.tar.gz
chmod +x crictl
mv crictl /bin
  1. Create the kubeadm
kubeadm init --cri-socket=unix:///var/run/crio/crio.sock --pod-network-cidr=192.168.0.0/16
  1. Setup the configuration
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

  1. Manually copy over the .kube/config over to the worker node and do a kubeadm reset

  2. Download https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml

  3. Edit the containers to point to the right instance, per the notes in the yaml to the ppc64le manifests

  4. Update net-conf.json

  net-conf.json: |
    {
      "Network": "192.168.0.0/16",
      "Backend": {
        "Type": "vxlan"
      }
    }
  1. Join the Cluster
kubeadm join 9.0.90.1:6443 --token xbp7gy.9eem3bta75v0ccw8 \
        --discovery-token-ca-cert-hash sha256:a822342f231db2e730559b4962325a2c2c685d7fc440ae41987e123da47f9118
  1. Add role to the workers
kubectl label node ocp4daily70.ibm.com node-role.kubernetes.io/worker=worker

Posted

in

by

Paul

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.