53 lines
1.3 KiB
YAML
53 lines
1.3 KiB
YAML
#cloud-config
|
|
|
|
apt:
|
|
sources:
|
|
docker.list:
|
|
source: deb [arch=amd64] https://download.docker.com/linux/ubuntu $RELEASE stable
|
|
keyid: 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
|
|
kubernetes.list:
|
|
source: deb [arch=amd64] https://apt.kubernetes.io kubernetes-xenial main
|
|
keyid: 7F92E05B31093BEF5A3C2D38FEEA9169307EA071
|
|
|
|
packages:
|
|
- apt-transport-https
|
|
- ca-certificates
|
|
- curl
|
|
- gnupg-agent
|
|
- software-properties-common
|
|
- docker-ce
|
|
- docker-ce-cli
|
|
- containerd.io
|
|
- kubelet
|
|
- kubeadm
|
|
- kubectl
|
|
|
|
# Enable ipv4 forwarding, required on CIS hardened machines
|
|
write_files:
|
|
|
|
|
|
# create the docker group
|
|
groups:
|
|
- docker
|
|
|
|
# Add default auto created user to docker group
|
|
system_info:
|
|
default_user:
|
|
groups: [docker]
|
|
|
|
write_files:
|
|
- path: /etc/modules-load.d/k8s.conf
|
|
content: |
|
|
br_netfilter
|
|
|
|
- path: /etc/sysctl.d/k8s.conf
|
|
content: |
|
|
net.bridge.bridge-nf-call-ip6tables = 1
|
|
net.bridge.bridge-nf-call-iptables = 1
|
|
- path: /etc/sysctl.d/enabled_ipv4_forwarding.conf
|
|
content: |
|
|
net.ipv4.conf.all.forwarding=1
|
|
|
|
runcmd:
|
|
- apt-mark hold kubelet kubeadm kubectl # pin kubelet kubeadm kubectl version
|
|
- sysctl --system # Reload settings from all system configuration files to take iptables configuration |