From 0192e2793c3b26515cc14716e9f8dd71e63d56c0 Mon Sep 17 00:00:00 2001
From: Jimmy <me@jimmy.nz>
Date: Sun, 5 Sep 2021 08:11:36 +0000
Subject: [PATCH] Inital commit

---
 k8s/cloud-init.yaml | 53 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 53 insertions(+)
 create mode 100644 k8s/cloud-init.yaml

diff --git a/k8s/cloud-init.yaml b/k8s/cloud-init.yaml
new file mode 100644
index 0000000..fd7c880
--- /dev/null
+++ b/k8s/cloud-init.yaml
@@ -0,0 +1,53 @@
+#cloud-config
+
+apt:
+  sources:
+    docker.list:
+      source: deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable
+      keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
+    kubernetes.list:
+      source: deb [arch=amd64] https://apt.kubernetes.io kubernetes-xenial main
+      keyid: 7F92E05B31093BEF5A3C2D38FEEA9169307EA071
+
+packages:
+  - apt-transport-https
+  - ca-certificates
+  - curl
+  - gnupg-agent
+  - software-properties-common
+  - docker-ce
+  - docker-ce-cli
+  - containerd.io
+  - kubelet 
+  - kubeadm 
+  - kubectl
+
+# Enable ipv4 forwarding, required on CIS hardened machines
+write_files:
+  
+
+# create the docker group
+groups:
+  - docker
+
+# Add default auto created user to docker group
+system_info:
+  default_user:
+    groups: [docker]
+
+write_files:
+  - path: /etc/modules-load.d/k8s.conf
+   content: |
+    br_netfilter  
+ 
+  - path: /etc/sysctl.d/k8s.conf
+   content: |
+    net.bridge.bridge-nf-call-ip6tables = 1
+    net.bridge.bridge-nf-call-iptables = 1
+  - path: /etc/sysctl.d/enabled_ipv4_forwarding.conf
+    content: |
+      net.ipv4.conf.all.forwarding=1
+
+runcmd:
+  - apt-mark hold kubelet kubeadm kubectl # pin kubelet kubeadm kubectl version
+  - sysctl --system # Reload settings from all system configuration files to take iptables configuration
\ No newline at end of file