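#cloud-config
# Prepares an Ubuntu host as a Kubernetes node: adds the Docker and
# Kubernetes apt repositories, installs the container runtime and the
# kubelet/kubeadm/kubectl tools, and applies the kernel settings they need.
# The "#cloud-config" marker must stay alone on the first line, otherwise
# cloud-init does not treat this file as cloud-config.

apt:
  sources:
    docker.list:
      source: 'deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable'
      # Full fingerprint of the repository signing key. No `key:` or
      # `keyserver:` is set, so cloud-init's default keyserver lookup is used.
      keyid: '9DC858229FC7DD38854AE2D88D81803C0EBFCD88'
    kubernetes.list:
      # NOTE(review): the legacy apt.kubernetes.io repository has been
      # deprecated and frozen upstream; newer releases are published on
      # pkgs.k8s.io under a different signing key. Plan a migration and
      # verify the new key fingerprint out of band before trusting it.
      source: 'deb [arch=amd64] https://apt.kubernetes.io kubernetes-xenial main'
      keyid: '7F92E05B31093BEF5A3C2D38FEEA9169307EA071'

# No versions are pinned here; the `apt-mark hold` in runcmd freezes whatever
# version of the Kubernetes tools was installed at first boot.
packages:
  - apt-transport-https
  - ca-certificates
  - curl
  - gnupg-agent
  - software-properties-common
  - docker-ce
  - docker-ce-cli
  - containerd.io
  - kubelet
  - kubeadm
  - kubectl

# Create the docker group.
groups:
  - docker

# Add the default auto-created user to the docker group.
# Security note: access to the Docker daemon is root-equivalent on the host,
# so every member of this group should be treated as a local administrator.
# NOTE(review): confirm that setting `groups` here does not drop the image's
# default groups for this user.
system_info:
  default_user:
    groups: [docker]

# The original file declared `write_files:` twice (an empty key, then this
# list). Duplicate keys are invalid YAML and most parsers silently keep the
# last one, so the empty declaration has been removed.
write_files:
  # Load the bridge netfilter module on every boot.
  - path: /etc/modules-load.d/k8s.conf
    content: |
      br_netfilter
  # Make bridged traffic visible to iptables/ip6tables.
  - path: /etc/sysctl.d/k8s.conf
    content: |
      net.bridge.bridge-nf-call-ip6tables = 1
      net.bridge.bridge-nf-call-iptables = 1
  # Enable IPv4 forwarding, required on CIS hardened machines.
  - path: /etc/sysctl.d/enabled_ipv4_forwarding.conf
    content: |
      net.ipv4.conf.all.forwarding=1

runcmd:
  # modules-load.d is only read at boot, so load the module now; without it
  # the net.bridge.* keys may not exist yet when sysctl runs below.
  - modprobe br_netfilter
  # Pin the kubelet, kubeadm and kubectl versions.
  - apt-mark hold kubelet kubeadm kubectl
  # Reload settings from all system configuration files so the iptables and
  # forwarding configuration takes effect.
  - sysctl --system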