Setting up k3s
Prerequisites
- Have at least 3 Linux VMs (4 CPUs and 8 GB RAM recommended)
- One node will act as the leader and the other two will be worker nodes
- Add host entries for every VM to /etc/hosts on all the nodes
- Verify that each VM has a different hostname and that the VMs can ping each other
- Port 6443 needs to be exposed on the main server for the client (worker) nodes to connect
Setup
- Open terminal session on the leader(Main control) server.
- Run this command to install the Kubernetes server
sudo curl -sfL https://get.k3s.io | sh -s - server --tls-san <HOST_NAME>
# EXAMPLE
$bash> sudo curl -sfL https://get.k3s.io | sh -s - server --tls-san w-rli20-vk-zk1
- Verify the server is up
sudo k3s kubectl get node
# EXAMPLE
$bash> sudo k3s kubectl get nodes
NAME             STATUS   ROLES                  AGE   VERSION
w-rli20-vk-zk1   Ready    control-plane,master   43d   v1.20.4+k3s1
- Now get the token from the leader (main control plane). We will use this token to add worker nodes. Treat it like a password: anyone who has it can join a node to the cluster.
sudo cat /var/lib/rancher/k3s/server/node-token
# EXAMPLE
$bash> sudo cat /var/lib/rancher/k3s/server/node-token
K10bf8bc0ebeeed430f323fc95b7db1c1cbbebb7938d59bc29c0::server:9239484690baa4199892aa7789a
- Now open a terminal session on the worker node and use this command to add it to k3s cluster
curl -sfL https://get.k3s.io | K3S_URL=https://<LEADER_HOSTNAME>:6443 K3S_TOKEN=<TOKEN> sh -
# EXAMPLE
$bash> curl -sfL https://get.k3s.io | K3S_URL=https://k8s-s1:6443 K3S_TOKEN=K1063d75d333d22d7bdff614b185ea025dcf05b5b3d1c3a5e60ea27bca365859108::server:a30303c8959d03be4a493bb464d94399 sh -
- Verify the worker node is added to the k3s cluster
sudo systemctl status k3s-agent
# EXAMPLE OUTPUT
● k3s-agent.service - Lightweight Kubernetes
   Loaded: loaded (/etc/systemd/system/k3s-agent.service; enabled; vendor pre>
   Active: active (running) since Mon 2021-04-26 07:22:26 PDT; 1min 20s ago
If the service failed to start, try using the IP address of the leader instead of the hostname. You can edit the env file at the location below and restart the service. Check the service logs to resolve the issue.
vi /etc/systemd/system/k3s-agent.service.env
- Verify the node is added to the kubernetes cluster
$bash> sudo k3s kubectl get nodes
NAME              STATUS   ROLES                  AGE   VERSION
w-rli20-vk-zk1    Ready    control-plane,master   43d   v1.20.4+k3s1
w-rli-20-vk-zk2   Ready    <none>                 1d    v1.20.4+k3s1
- Repeat the above steps, using the token, to connect the other worker node to the Kubernetes cluster
- Now, to control the cluster from your dev or personal machine, install kubectl. Follow this link
- Now get the YAML config from the Kubernetes cluster so that your dev or personal machine can connect
sudo cat /etc/rancher/k3s/k3s.yaml
- Copy the content to your dev machine at this location
~/.kube/config
If you are planning to have a different config for different clusters, export the path of the config file to the KUBECONFIG environment variable or pass it as --kubeconfig to the kubectl command.
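The copy step above, as an added shell example that is not part of the original guide: it rewrites the server address in the copied file to the leader hostname (the name passed to --tls-san) and writes the result owner-only, because the file carries the cluster's admin client key. The function name and paths are hypothetical, and it assumes the copy still contains k3s's default `server: https://127.0.0.1:6443` line.

```shell
#!/bin/sh
# Added example (not from the original guide). Assumption: the copied
# /etc/rancher/k3s/k3s.yaml still has the default loopback server line.
# Hypothetical usage:
#   install_k3s_kubeconfig ./k3s.yaml w-rli20-vk-zk1 "$HOME/.kube/k3s-config"
#   export KUBECONFIG="$HOME/.kube/k3s-config"

install_k3s_kubeconfig() {
    src=$1
    leader=$2
    dest=$3

    # Accept only a plain hostname or IP so nothing unexpected reaches sed.
    case $leader in
        ''|*[!A-Za-z0-9.-]*) echo "invalid leader name: $leader" >&2; return 2 ;;
    esac

    # Expect exactly one loopback server line; otherwise this is not the
    # file we think it is and we leave it alone.
    count=$(grep -c '^[[:space:]]*server: https://127\.0\.0\.1:6443[[:space:]]*$' "$src") || true
    [ "$count" = 1 ] || { echo "expected one loopback server line in $src" >&2; return 3; }

    # Never overwrite a kubeconfig that may belong to another cluster.
    [ ! -e "$dest" ] || { echo "$dest exists; choose another path and set KUBECONFIG" >&2; return 4; }

    # Create the directory and file owner-only from the start (umask 077),
    # so the admin key is never briefly readable by other users.
    (
        umask 077
        mkdir -p "$(dirname "$dest")" &&
        sed "s#^\([[:space:]]*server: https://\)127\.0\.0\.1:6443#\1${leader}:6443#" "$src" > "$dest"
    ) || return 1
    chmod 600 "$dest"
}
```

Delete the intermediate copy of k3s.yaml once the destination file is in place.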
- Now install kubernetes dashboard on the main leader node
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.2.0/aio/deploy/recommended.yaml
- We have to configure some permissions before we can access the dashboard from your dev machine
- Create the two files below on your dev machine or on the leader node, as the configuration has to be applied on the cluster
dashboard.admin-user.yml
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard

dashboard.admin-user-role.yml
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  # cluster-admin gives this account, and anyone holding its token, full control of the cluster
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard
Now apply the configuration
sudo k3s kubectl create -f dashboard.admin-user.yml -f dashboard.admin-user-role.yml
Now get the bearer token that we will use to log in to the dashboard
sudo k3s kubectl -n kubernetes-dashboard describe secret admin-user-token | grep ^token
Start the dashboard by proxying it on your dev machine
sudo k3s kubectl proxy
- Then you can sign in at this URL using the token we got in the previous step:
========================Setup is now complete=======================