-
Notifications
You must be signed in to change notification settings - Fork 3
/
create-cluster.sh
52 lines (48 loc) · 1.44 KB
/
create-cluster.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
cat > /etc/rancher/k3s/config.yaml <<EOF
disable: servicelb,metrics-server
EOF
curl -sfL https://get.k3s.io | INSTALL_K3S_CHANNEL=latest sh -
cat > /etc/sysctl.d/ports.conf <<EOF
net.ipv4.ip_unprivileged_port_start=0
EOF
cat > /var/lib/rancher/k3s/server/manifests/traefik-config.yaml <<EOF
apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
name: traefik
namespace: kube-system
spec:
valuesContent: |-
additionalArguments:
- --certificatesresolvers.letsencrypt.acme.email=letsencrypt@dirbaio.net
- --certificatesresolvers.letsencrypt.acme.storage=/data/acme.json
- --certificatesresolvers.letsencrypt.acme.caserver=https://acme-v02.api.letsencrypt.org/directory
- --certificatesResolvers.letsencrypt.acme.tlschallenge=true
- --entrypoints.websecure.http.tls.certResolver=letsencrypt
- --entrypoints.web.http.redirections.entrypoint.to=websecure
- --entrypoints.web.http.redirections.entrypoint.scheme=https
- --log.level=DEBUG
- --accesslog=true
persistence:
enabled: true
accessMode: ReadWriteOnce
size: 128Mi
storageClass: local-path
path: /data
annotations: {}
service:
enabled: false
hostNetwork: true
ports:
dns-udp:
port: 53
protocol: UDP
dns-tcp:
port: 53
web:
port: 80
websecure:
port: 443
EOF
# to upgrade, just rerun
# curl -sfL https://get.k3s.io | INSTALL_K3S_CHANNEL=latest sh -