@afbjorklund
Created July 8, 2025 16:23
apple container with kubernetes
FROM debian:testing AS build
# log_proxy
RUN apt-get update
RUN apt-get install -y --no-install-recommends build-essential
RUN apt-get install -y pkg-config libglib2.0-dev
RUN apt-get install -y wget openssl ca-certificates
RUN wget --content-disposition https://github.com/metwork-framework/log_proxy/archive/refs/tags/v0.7.4.tar.gz \
    && tar xzf log_proxy-0.7.4.tar.gz && cd log_proxy-0.7.4 && make install STATIC=yes
FROM debian:testing
# openrc (init)
RUN apt-get update && apt-get install -y --no-install-recommends openrc && rm -rf /var/lib/apt/lists/*
RUN rm -f /etc/init.d/cgroups /etc/init.d/hwclock.sh
RUN echo 'rc_need="!sysfs !cgroups !net !localmount !mountkernfs"' >>/etc/rc.conf
ENTRYPOINT ["/sbin/openrc-init"]
# containerd runc
RUN apt-get update && apt-get install -y --no-install-recommends containerd runc && rm -rf /var/lib/apt/lists/*
ADD https://raw.githubusercontent.com/alpinelinux/aports/refs/heads/master/community/containerd/containerd.initd /etc/init.d/containerd
ADD https://raw.githubusercontent.com/alpinelinux/aports/refs/heads/master/community/containerd/containerd.confd /etc/conf.d/containerd
RUN chmod +x /etc/init.d/containerd && rc-update add containerd
COPY --from=build /usr/local/bin/log_proxy /usr/local/bin/log_proxy
RUN apt-get update && apt-get install -y --no-install-recommends containernetworking-plugins && rm -rf /var/lib/apt/lists/*
RUN update-alternatives --set iptables /usr/sbin/iptables-legacy
RUN apt-get update && apt-get install -y wget openssl ca-certificates && rm -rf /var/lib/apt/lists/*
# buildkit nerdctl
RUN wget -nv https://github.com/moby/buildkit/releases/download/v0.17.3/buildkit-v0.17.3.linux-arm64.tar.gz \
    && tar Cxzvvf /usr buildkit-v0.17.3.linux-arm64.tar.gz && rm buildkit-v0.17.3.linux-arm64.tar.gz
ADD https://raw.githubusercontent.com/alpinelinux/aports/refs/heads/master/community/buildkit/buildkitd.initd /etc/init.d/buildkitd
ADD https://raw.githubusercontent.com/alpinelinux/aports/refs/heads/master/community/buildkit/buildkitd.confd /etc/conf.d/buildkitd
RUN sed -e 's/#\(supervisor=supervise-daemon\)/\1/' -i /etc/conf.d/buildkitd
RUN chmod +x /etc/init.d/buildkitd && rc-update add buildkitd
RUN wget -nv https://github.com/containerd/nerdctl/releases/download/v1.7.6/nerdctl-1.7.6-linux-arm64.tar.gz \
    && tar Cxzvvf /usr/local/bin nerdctl-1.7.6-linux-arm64.tar.gz && rm nerdctl-1.7.6-linux-arm64.tar.gz
RUN apt-get update && apt-get install -y vim-tiny procps psmisc && rm -rf /var/lib/apt/lists/*
RUN apt-get update && apt-get install -y apt-transport-https ca-certificates curl gnupg
RUN VERSION=$(curl -L -s https://dl.k8s.io/release/stable.txt | sed -e 's/v//' | cut -d'.' -f1-2); \
    echo "deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v$VERSION/deb/ /" | tee /etc/apt/sources.list.d/kubernetes.list; \
    curl -fsSL https://pkgs.k8s.io/core:/stable:/v$VERSION/deb/Release.key | gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg; \
    apt-get update && apt-get install -y cri-tools kubernetes-cni kubelet kubeadm kubectl && apt-mark hold kubelet kubeadm kubectl
RUN mkdir -p /etc/containerd && containerd config dump > /etc/containerd/config.toml; sed -e 's/pause:3.8/pause:3.10/' -i /etc/containerd/config.toml
RUN echo "runtime-endpoint: unix:///run/containerd/containerd.sock" >/etc/crictl.yaml
RUN mkdir -p /etc/cni/net.d && cat >/etc/cni/net.d/10-containerd-net.conflist <<EOF
{
  "cniVersion": "1.0.0",
  "name": "containerd-net",
  "plugins": [
    {
      "type": "bridge",
      "bridge": "cni0",
      "isGateway": true,
      "ipMasq": true,
      "promiscMode": true,
      "ipam": {
        "type": "host-local",
        "ranges": [
          [{
            "subnet": "10.88.0.0/16"
          }]
        ],
        "routes": [
          { "dst": "0.0.0.0/0" },
          { "dst": "::/0" }
        ]
      }
    },
    {
      "type": "portmap",
      "capabilities": {"portMappings": true}
    }
  ]
}
EOF
RUN mkdir -p /etc/sysctl.d && echo "net.ipv4.ip_forward = 1" | tee /etc/sysctl.d/k8s.conf
RUN ( echo "net.ipv6.conf.all.disable_ipv6=1"; echo "net.ipv6.conf.default.disable_ipv6=1" ) | tee /etc/sysctl.d/cz.conf
ADD https://raw.githubusercontent.com/alpinelinux/aports/refs/heads/master/community/kubernetes/kubelet.initd /etc/init.d/kubelet
ADD https://raw.githubusercontent.com/alpinelinux/aports/refs/heads/master/community/kubernetes/kubelet.confd /etc/conf.d/kubelet
RUN chmod +x /etc/init.d/kubelet && rc-update add kubelet default
RUN mkdir -p /var/log/kubelet
@afbjorklund
Author

This container image builds on the previous one with containerd, and also adds the kubernetes installer...

You need to set the localhost and hostname in /etc/hosts, but after that it should only be to run kubeadm.

build container image with buildkit
container build -t debian-kubeadm .

start container VM in the background
container=$(container run -d -c 2 -m 2G debian-kubeadm)

open a shell in the running container
container exec -it $container bash

# echo "127.0.0.1 localhost" >/etc/hosts
# echo "$(/sbin/ip -o -4 addr list eth0 | awk '{print $4}' | cut -d/ -f1) $(hostname)" >>/etc/hosts

# kubeadm config images pull
# kubeadm init

If you want to use more than one node, you need macOS 26 and you need to install and configure a CNI plugin...

To run applications with only one node, use: kubectl taint nodes --all node-role.kubernetes.io/control-plane-
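
An added check that is not part of the gist: the Dockerfile above downloads release tarballs with `wget` and pulls init scripts with `ADD` from `refs/heads/master`, none of them pinned to a digest, so a rebuild can pick up different content. The script below flags such instructions; the rule names, the `example.invalid` URLs and `PLACEHOLDER_DIGEST` are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the gist): flag Dockerfile fetches that are not
# pinned to immutable, verified content.

# Join backslash-continued lines so each instruction is one logical line.
join_lines() {
    awk '{ if (sub(/\\[ \t]*$/, "")) { buf = buf $0 " " } else {
               print buf $0; buf = "" } }
         END { if (buf != "") print buf }' "$1"
}

# Print one finding per line as "<rule>: <instruction>".
audit_dockerfile() {
    join_lines "$1" | awk '
        /^ADD[ \t]+(--[^ \t]+[ \t]+)*https?:\/\// {
            # A branch ref can change between builds; a checksum pins content.
            if ($0 ~ /refs\/heads\//)       print "mutable-ref: " $0
            if ($0 !~ /--checksum=sha256:/) print "no-checksum: " $0
            next
        }
        /^RUN[ \t]/ && /(wget|curl)[ \t]/ &&
        /https?:\/\/[^ \t]*\.(tar\.gz|tgz|zip)/ {
            # Archive downloaded with no digest check in the same instruction.
            if ($0 !~ /sha256sum/) print "unverified-archive: " $0
        }'
}

# Constructed sample: the first two instructions are modelled on the gist,
# the last two (example.invalid, PLACEHOLDER_DIGEST) show the pinned form.
sample_dockerfile() {
    cat <<'EOF'
FROM debian:testing
ADD https://raw.githubusercontent.com/alpinelinux/aports/refs/heads/master/community/containerd/containerd.initd /etc/init.d/containerd
RUN wget -nv https://github.com/moby/buildkit/releases/download/v0.17.3/buildkit-v0.17.3.linux-arm64.tar.gz \
 && tar Cxzvvf /usr buildkit-v0.17.3.linux-arm64.tar.gz
ADD --checksum=sha256:PLACEHOLDER_DIGEST https://example.invalid/pinned.initd /etc/init.d/pinned
RUN wget -nv https://example.invalid/tool.tar.gz && echo "PLACEHOLDER_DIGEST  tool.tar.gz" | sha256sum -c -
EOF
}

# With a path argument audit that file, otherwise the constructed sample.
if [ "$#" -gt 0 ]; then
    audit_dockerfile "$1"
else
    tmp=$(mktemp); sample_dockerfile >"$tmp"; audit_dockerfile "$tmp"; rm -f "$tmp"
fi
```

Run it as `sh audit.sh Dockerfile` (the file name is an assumption); each finding points at an instruction to pin with a commit-specific URL, `ADD --checksum=sha256:...`, or a `sha256sum -c` step.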