blob: f3082445d1690140eb68ecd1ec98d7aae975977e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
#!/bin/bash
set -ex
ADMISSION_CONTROL="Initializers,NamespaceLifecycle,LimitRanger,ServiceAccount,DefaultStorageClass,DefaultTolerationSeconds,MutatingAdmissionWebhook,ValidatingAdmissionWebhook,NodeRestriction,ResourceQuota"
KUBE_APISERVER_CONF="/etc/kubernetes/manifests/kube-apiserver.yaml"
sudo kubeadm init --apiserver-advertise-address=192.168.1.10 --service-cidr=10.96.0.0/16 --pod-network-cidr=10.32.0.0/12 --token 8c5adc.1cec8dbf339093f0
mkdir ~/.kube
sudo cp /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
kubectl apply -f http://git.io/weave-kube-1.6
# Enable mutating webhook admission controller
# kube-apiserver will be automatically restarted by kubelet when its manifest file update.
# https://istio.io/docs/setup/kubernetes/sidecar-injection.html
sudo sed -i "s/admission-control=.*/admission-control=$ADMISSION_CONTROL/g" $KUBE_APISERVER_CONF
set +e
# wait for kube-apiserver restart
r="1"
while [ $r -ne "0" ]
do
sleep 2
kubectl version > /dev/null
r=$?
done
set -e
# check if admissionregistration.k8s.io/v1beta1 API is enabled
kubectl api-versions | grep admissionregistration
|
