LXD
Getting started
Create profile
Profile:
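# LXD profile for running Kubernetes nodes inside LXD system containers.
# The nesting below is restored; with every key at column 0 the settings
# would not land under `config:` and `devices:`.
#
# NOTE(review): security.privileged=true combined with an unconfined AppArmor
# profile, an empty lxc.cap.drop and lxc.cgroup.devices.allow=a removes most
# of the isolation between container and host: root inside the container is
# effectively root on the host. Apply this profile only on a dedicated lab
# host, and keep untrusted workloads and users out of these containers.
config:
  limits.cpu: "2"
  limits.memory: 2GB
  limits.memory.swap: "false"
  # Kernel modules LXD loads before the instance starts.
  linux.kernel_modules: ip_tables,ip6_tables,nf_nat,overlay,br_netfilter
  # NOTE(review): lxc.cgroup.devices.allow is the cgroup v1 key; on a
  # cgroup v2 host the equivalent is lxc.cgroup2.devices.allow (verify which
  # hierarchy the host uses).
  raw.lxc: "lxc.apparmor.profile=unconfined\nlxc.cap.drop= \nlxc.cgroup.devices.allow=a\nlxc.mount.auto=proc:rw sys:rw"
  security.privileged: "true"
  security.nesting: "true"
description: LXD profile for Kubernetes
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: lxdbr0
    type: nic
  # Passes the host kernel log device into the container (presumably for
  # kubelet, which reads /dev/kmsg). It also exposes host kernel messages to
  # everything running in the container.
  kmsg:
    path: /dev/kmsg
    source: /dev/kmsg
    type: unix-char
  root:
    path: /
    # Must be the name of an existing LXD storage pool.
    pool: lxd
    type: disk
name: k8s
used_by: []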
Create profile:
# Create an empty profile named k8s.
lxc profile create k8s
# Load the YAML definition from the file k8s-profile-config; `lxc profile edit`
# reads the profile from stdin when stdin is not a terminal.
lxc profile edit k8s < k8s-profile-config
# List profiles to confirm that k8s is present.
lxc profile list
Create zfs pool and lxd storage configuration
Ref: https://documentation.ubuntu.com/lxd/en/stable-4.0/storage/#zfs
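# Create a mirrored zpool named lxd-pool from two whole disks.
# -f overrides zpool's in-use checks, so existing data and partition tables
# on /dev/sdc and /dev/sdb are lost; confirm the device names (e.g. with
# lsblk) before running this.
sudo zpool create -f lxd-pool mirror /dev/sdc /dev/sdb
# Register the zpool as an LXD storage pool called "lxd". That is the name
# the k8s profile's root disk uses (pool: lxd) and the name shown below;
# creating it as "lxd-pool" would leave both pointing at a pool that this
# step never created.
lxc storage create lxd zfs source=lxd-pool
lxc storage show lxd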
Create lxd container from profile
# Launch an Ubuntu 22.04 container named kmaster with the k8s profile.
# Because --profile is given, only k8s is applied (not `default`), so the
# container gets its root disk and NIC from that profile. It also gets that
# profile's privileged, unconfined settings.
lxc launch ubuntu:22.04 kmaster --profile k8s
Using container
# Run the bootstrap script inside kmaster by feeding it to bash on stdin.
# `lxc exec` runs the command as root in the container.
lxc exec kmaster -- bash < bootstrap-kube.sh
k8s init
# Node bootstrap: installs containerd, kubeadm, kubelet and kubectl and opens
# SSH for root. Expected to run as root inside the container.
export DEBIAN_FRONTEND=noninteractive
apt-get update -qq
apt-get install -qq -y net-tools curl ssh software-properties-common
apt-get install -qq -y apt-transport-https ca-certificates curl gnupg lsb-release
# Docker apt repository (source of containerd.io). The signing key is fetched
# over HTTPS and stored dearmored; `signed-by` below limits that key to this
# one repository instead of trusting it for every apt source.
mkdir -p /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu \
$(lsb_release -cs) stable" > /etc/apt/sources.list.d/docker.list
apt-get update -qq
apt-get install -qq -y containerd.io
# Write containerd's default config, then switch the runc cgroup driver to
# systemd.
containerd config default > /etc/containerd/config.toml
sed -i 's/SystemdCgroup \= false/SystemdCgroup \= true/g' /etc/containerd/config.toml
systemctl restart containerd
systemctl enable containerd
# Kubernetes apt repository, pinned to the v1.29 package stream, with its own
# repository-scoped keyring.
curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.29/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.29/deb/ /' > /etc/apt/sources.list.d/kubernetes.list
apt-get update -qq
apt-get install -qq -y kubeadm kubelet kubectl
# Let kubelet start even when swap is enabled.
echo 'KUBELET_EXTRA_ARGS="--fail-swap-on=false"' > /etc/default/kubelet
systemctl restart kubelet
# NOTE(review): the next four lines enable SSH password authentication and
# root login, then set root's password to a fixed string that is published on
# this page. Anyone who can reach the container's SSH port can log in as
# root, and with a privileged, unconfined profile that is close to root on
# the host. Prefer `lxc exec` or key-based login; otherwise set a unique
# password and keep port 22 off shared networks.
# NOTE(review): sshd uses the first value it reads for each keyword, so the
# appended PermitRootLogin line only takes effect when no earlier uncommented
# one exists, and a drop-in under /etc/ssh/sshd_config.d/ may override the
# PasswordAuthentication edit. Check the result with `sshd -T`.
sed -i 's/^PasswordAuthentication .*/PasswordAuthentication yes/' /etc/ssh/sshd_config
echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
systemctl reload sshd
echo -e "kubeadmin\nkubeadmin" | passwd root
echo "export TERM=xterm" >> /etc/bash.bashrc
Only on master
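# Control-plane node only: initialise the cluster, install Calico and write
# the join command for the workers.
kubeadm config images pull
# NOTE(review): --ignore-preflight-errors=all also hides genuine problems
# (ports in use, leftover state, missing kernel features). List only the
# checks that are known to fail inside an LXD container once you know them.
# 192.168.0.0/16 is the pod CIDR the Calico custom-resources manifest uses by
# default.
kubeadm init --pod-network-cidr=192.168.0.0/16 --ignore-preflight-errors=all
# -p keeps a re-run from failing when the directory already exists.
mkdir -p /root/.kube
# admin.conf holds cluster-admin credentials; do not copy it off the node
# with looser permissions.
cp /etc/kubernetes/admin.conf /root/.kube/config
# Calico operator and custom resources, pinned to the v3.27.0 tag.
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.27.0/manifests/tigera-operator.yaml
kubectl create -f https://raw.githubusercontent.com/projectcalico/calico/v3.27.0/manifests/custom-resources.yaml
# Capture the join command. Without this assignment $joinCommand is empty and
# /joincluster.sh would contain only the trailing flag.
joinCommand=$(kubeadm token create --print-join-command)
# The file holds a bootstrap token (24h lifetime by default) that lets a
# machine join the cluster. Treat it as a secret and remove it once the
# workers have joined.
echo "$joinCommand --ignore-preflight-errors=all" > /joincluster.sh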
# If `kubeadm init` (or a join) failed, revert what kubeadm changed on this
# node, then run the step again. `kubeadm reset` is a best-effort cleanup and
# asks for confirmation before it proceeds.
sudo kubeadm reset
Init container
# First-time LXD setup with the minimal, non-interactive defaults.
lxd init --minimal
# List the images available on the `ubuntu:` remote.
lxc image list ubuntu:
# Launch two Ubuntu 22.04 containers. No --profile is given, so they use the
# default profile.
lxc launch ubuntu:22.04 first
lxc launch ubuntu:22.04 second
GUI
# Install LXD from the stable snap channel and turn on the web UI.
snap install --channel=stable lxd
snap set lxd ui.enable=true
# NOTE(review): ":8443" makes the LXD API and UI listen on every interface.
# Access is gated by TLS client certificates in the LXD trust store, but the
# listener is still reachable from any network the host is on. Bind to a
# specific management address (or 127.0.0.1:8443) or firewall the port if
# remote access is not needed.
lxc config set core.https_address :8443
systemctl reload snap.lxd.daemon
# Generate new