Initial version for k8s from scratch with packer and vagrant.

.gitignore

@@ -0,0 +1,4 @@
+output-vagrant
+*~
+.git
+.vagrant

image/box.json

@@ -0,0 +1,18 @@
+{
+  "provisioners": [
+    {
+      "type": "shell",
+      "execute_command": "echo 'vagrant' | {{.Vars}} sudo -S -E bash '{{.Path}}'",
+      "script": "scripts/setup.sh"
+    }
+  ],
+  "builders": [
+    {
+      "communicator": "ssh",
+      "source_path": "debian/bullseye64",
+      "provider": "virtualbox",
+      "add_force": true,
+      "type": "vagrant"
+    }
+  ]
+}

image/scripts/setup.sh

@@ -0,0 +1,63 @@
+#!/bin/sh
+
+apt-get update
+apt-get install -y vim
+
+cat << EOF | tee /etc/modules-load.d/k8s.conf
+
+overlay
+br_netfilter
+
+EOF
+
+modprobe overlay
+modprobe br_netfilter
+
+cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
+
+net.bridge.bridge-nf-call-iptables  = 1
+net.bridge.bridge-nf-call-ip6tables = 1
+net.ipv4.ip_forward                 = 1
+
+EOF
+
+sysctl --system
+
+cd /tmp
+
+test -f containerd-1.7.11-linux-amd64.tar.gz || wget https://github.com/containerd/containerd/releases/download/v1.7.11/containerd-1.7.11-linux-amd64.tar.gz
+tar Cxzvf /usr/local containerd-1.7.11-linux-amd64.tar.gz
+
+mkdir -p /etc/containerd
+containerd config default > config.toml
+cp config.toml /etc/containerd
+
+test -f containerd.service || wget https://raw.githubusercontent.com/containerd/containerd/main/containerd.service
+cp containerd.service /etc/systemd/system/
+systemctl daemon-reload
+systemctl enable --now containerd
+
+test -f runc.amd64 || wget https://github.com/opencontainers/runc/releases/download/v1.1.10/runc.amd64
+install -m 755 runc.amd64 /usr/local/sbin/runc
+
+test -f cni-plugins-linux-amd64-v1.4.0.tgz || wget https://github.com/containernetworking/plugins/releases/download/v1.4.0/cni-plugins-linux-amd64-v1.4.0.tgz
+mkdir -p /opt/cni/bin
+tar Cxzvf /opt/cni/bin cni-plugins-linux-amd64-v1.4.0.tgz
+
+sed -i.bak "s/SystemdCgroup.*$/SystemdCgroup = true/g" /etc/containerd/config.toml
+
+systemctl restart containerd
+
+apt-get update
+apt-get install -y apt-transport-https ca-certificates curl gpg
+
+mkdir -p /etc/apt/keyrings
+test -f /etc/apt/keyrings/kubernetes-apt-keyring.gpg || ( curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.28/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg )
+
+echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.28/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
+apt-get update
+apt-get install -y kubelet=1.28.4-1.1 kubeadm=1.28.4-1.1 kubectl=1.28.4-1.1
+
+swapoff -a
+
+sed -i.bak -E "s/^.*swap.*//g" /etc/fstab

master/Vagrantfile

@@ -0,0 +1,91 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure("2") do |config|
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://vagrantcloud.com/search.
+  config.vm.box = "k8s-playground"
+
+
+  config.vm.hostname = "master.local"
+  config.vm.network :private_network, ip: "10.1.0.2"
+
+  # Disable automatic box update checking. If you disable this, then
+  # boxes will only be checked for updates when the user runs
+  # `vagrant box outdated`. This is not recommended.
+  # config.vm.box_check_update = false
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine. In the example below,
+  # accessing "localhost:8080" will access port 80 on the guest machine.
+  # NOTE: This will enable public access to the opened port
+  # config.vm.network "forwarded_port", guest: 80, host: 8080
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine and only allow access
+  # via 127.0.0.1 to disable public access
+  # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
+
+  # Create a private network, which allows host-only access to the machine
+  # using a specific IP.
+  # config.vm.network "private_network", ip: "192.168.33.10"
+
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+  # config.vm.network "public_network"
+
+  # Share an additional folder to the guest VM. The first argument is
+  # the path on the host to the actual folder. The second argument is
+  # the path on the guest to mount the folder. And the optional third
+  # argument is a set of non-required options.
+  # config.vm.synced_folder "../data", "/vagrant_data"
+
+  # Disable the default share of the current code directory. Doing this
+  # provides improved isolation between the vagrant box and your host
+  # by making sure your Vagrantfile isn't accessible to the vagrant box.
+  # If you use this you may want to enable additional shared subfolders as
+  # shown above.
+  # config.vm.synced_folder ".", "/vagrant", disabled: true
+
+  # Provider-specific configuration so you can fine-tune various
+  # backing providers for Vagrant. These expose provider-specific options.
+  # Example for VirtualBox:
+  #
+config.vm.provider "virtualbox" do |vb|
+  # Display the VirtualBox GUI when booting the machine
+  vb.gui = false
+  
+  # Customize the amount of memory on the VM:
+  vb.memory = "2048"
+end
+
+#
+  # View the documentation for the provider you are using for more
+  # information on available options.
+
+  # Enable provisioning with a shell script. Additional provisioners such as
+  # Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
+  # documentation for more information about their specific syntax and use.
+  config.vm.provision "shell", inline: <<-SHELL
+    apt-get update
+    grep "master.local" /etc/hosts || cat /vagrant/hosts.txt >> /etc/hosts
+    test -f /etc/kubernetes/manifests/kube-scheduler.yaml || \\
+     ( kubeadm init --control-plane-endpoint master.local:6443 --pod-network-cidr 10.2.0.0/22 | tee init.log )
+    export KUBECONFIG=/etc/kubernetes/admin.conf
+    test -f tigera-operator.yaml || ( wget https://raw.githubusercontent.com/projectcalico/calico/v3.27.0/manifests/tigera-operator.yaml \\
+      && kubectl create -f tigera-operator.yaml ) 
+    test -f custom-resources.yaml || wget https://raw.githubusercontent.com/projectcalico/calico/v3.27.0/manifests/custom-resources.yaml
+    sed -i.bak -E "s#cidr.*#cidr: 10\.2\.0\.0/22#g" custom-resources.yaml
+    kubectl apply -f custom-resources.yaml
+    cat init.log
+  SHELL
+end

master/hosts.txt

@@ -0,0 +1,4 @@
+10.1.0.2        master.local
+10.1.0.3        worker1.local
+10.1.0.4        worker2.local
+10.1.0.5        worker3.local

worker/Vagrantfile

@@ -0,0 +1,83 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+
+# All Vagrant configuration is done below. The "2" in Vagrant.configure
+# configures the configuration version (we support older styles for
+# backwards compatibility). Please don't change it unless you know what
+# you're doing.
+Vagrant.configure("2") do |config|
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://vagrantcloud.com/search.
+  config.vm.box = "k8s-playground"
+
+
+  config.vm.hostname = "worker.local"
+  config.vm.network :private_network, ip: "10.1.0.3"
+
+  # Disable automatic box update checking. If you disable this, then
+  # boxes will only be checked for updates when the user runs
+  # `vagrant box outdated`. This is not recommended.
+  # config.vm.box_check_update = false
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine. In the example below,
+  # accessing "localhost:8080" will access port 80 on the guest machine.
+  # NOTE: This will enable public access to the opened port
+  # config.vm.network "forwarded_port", guest: 80, host: 8080
+
+  # Create a forwarded port mapping which allows access to a specific port
+  # within the machine from a port on the host machine and only allow access
+  # via 127.0.0.1 to disable public access
+  # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"
+
+  # Create a private network, which allows host-only access to the machine
+  # using a specific IP.
+  # config.vm.network "private_network", ip: "192.168.33.10"
+
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+  # config.vm.network "public_network"
+
+  # Share an additional folder to the guest VM. The first argument is
+  # the path on the host to the actual folder. The second argument is
+  # the path on the guest to mount the folder. And the optional third
+  # argument is a set of non-required options.
+  # config.vm.synced_folder "../data", "/vagrant_data"
+
+  # Disable the default share of the current code directory. Doing this
+  # provides improved isolation between the vagrant box and your host
+  # by making sure your Vagrantfile isn't accessible to the vagrant box.
+  # If you use this you may want to enable additional shared subfolders as
+  # shown above.
+  # config.vm.synced_folder ".", "/vagrant", disabled: true
+
+  # Provider-specific configuration so you can fine-tune various
+  # backing providers for Vagrant. These expose provider-specific options.
+  # Example for VirtualBox:
+  #
+config.vm.provider "virtualbox" do |vb|
+  # Display the VirtualBox GUI when booting the machine
+  vb.gui = false
+  
+  # Customize the amount of memory on the VM:
+  vb.memory = "2048"
+end
+
+#
+  # View the documentation for the provider you are using for more
+  # information on available options.
+
+  # Enable provisioning with a shell script. Additional provisioners such as
+  # Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
+  # documentation for more information about their specific syntax and use.
+  config.vm.provision "shell", inline: <<-SHELL
+    apt-get update
+    grep "master.local" /etc/hosts || cat /vagrant/hosts.txt >> /etc/hosts
+    kubeadm join master.local:6443 --token TBD --discovery-token-ca-cert-hash TBD
+  SHELL
+end

worker/hosts.txt

@@ -0,0 +1,4 @@
+10.1.0.2        master.local
+10.1.0.3        worker1.local
+10.1.0.4        worker2.local
+10.1.0.5        worker3.local