Setup Kubernetes cluster with K3sup: Difference between revisions

From UNamur InfoSec
Jump to navigation Jump to search
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
= Setup Kubernetes cluster with k3sup =


==Pre Requirements for Raspberry PI ==
=== Requirement for Raspbian OS ===
<pre>#enable legacy iptables
sudo iptables -F
sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
sudo reboot</pre>
=== Requirement for Raspberry PI===
The Raspberry Pi need to have "cgroup_memory=1 cgroup_enable=memory" in it cmdline.txt file
== k3sup ==


==Requirements ==
k3sup is an application that simplifies k3s cluster configuration. We can use the “install” command to configure a master node and the “join” command to set up workers node one by one.
=== Pre existing requirement for Raspbian OS ===
=== Pre existing requirement for Raspberry PI===


==Installation==
=== Requirements ===


===K3sup ===
<ol style="list-style-type: decimal;">
<li><p>We need SSH access with a public-key authentication method from the server running k3sup to the nodes that we want to install k3s to set up a cluster. To use Ansible to copy authorized_keys to nodes [link].</p></li>
<li><p>The user on the nodes can execute the “sudo” command without typing a password.</p>
<pre># to configure NOPASSWD sudo
sudo visudo</pre>
<p>And add the following</p>
<pre>&lt;username&gt; ALL=(ALL) NOPASSWD: ALL</pre></li>
<li></li></ol>


=== Remove k3s from master and worker nodes. ===
=== Installation ===
* Ansible playbook for removing k3s from hosts
 
<pre>#clean up k3s
<pre>curl -sLS https://get.k3sup.dev | sh
---
sudo install k3sup /usr/local/bin/
- name: clean up k3s installation
 
  hosts: red
#k3sup --help</pre>
  remote_user: pi
=== Create a master node ===
  tasks:
 
  - name: stop service
<pre># here we can also use --host if we want to provide hostname instead of IP address
    command: /usr/local/bin/k3s-killall.sh
k3sup install --ip &lt;ip_of_master_node&gt; --user &lt;user_for_ssh&gt;</pre>
    ignore_unreachable: yes
=== Create a worker node ===
  - name: uninstall master node
 
    command: /usr/local/bin/k3s-uninstall.sh
<pre># here we can replace ip with host, ex: --host, --server-host respectively
    ignore_unreachable: yes
k3sup join --ip &lt;worker_node_ip&gt; --server-ip &lt;master_node_ip&gt; --user &lt;worker_node_ssh_user&gt;</pre>
- name: clean up k3s installation
=== Cleanup cluster ===
  hosts: [yellow black green]
 
  remote_user: pi
<ol style="list-style-type: decimal;">
  tasks:
<li><p>For worker nodes</p>
  - name: stop service
<pre># ssh into nodes and run this command. the command is located in /usr/local/bin
    command: /usr/local/bin/k3s-killall.sh
k3s-killall.sh
    ignore_unreachable: yes
k3s-agent-uninstall.sh
  - name: Uninstall worker node
</pre>
    command: /usr/local/bin/k3s-agent-uninstall.sh
<pre># incase k3s-agent-uninstall fail to remove this directory
    ignore_unreachable: yes</pre>
sudo rm -rf /var/lib/kubelet</pre></li>
<li><p>For master node</p>
<pre># ssh into nodes and run this command. the command is located in /usr/local/bin
k3s-killall.sh
k3s-uninstall.sh</pre></li></ol>
 
Node: [[Use Ansible to remove k3s from cluster]]
 
== Use kubectl to access the cluster ==
 
=== Install kubectl ===
 
<pre>curl -LO &quot;https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl&quot;
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl</pre>
=== Load kubeconfig file ===
 
<pre>export KUBECONFIG=/home/ubuntu/kubeconfig
kubectl config set-context default</pre>
=== Save kubeconfig to user directory ===
 
<pre>kubectl config view --raw &gt; ~/.kube/config</pre>
=== Check cluster ===
 
<pre>kubectl get node -o wide</pre>
=== Shell script ===
 
<pre>#!/bin/sh
k3sup install --host red --user pi
k3sup join --host yellow --server-host red --user pi
k3sup join --host black --server-host red --user pi
k3sup join --host green --server-host red --user pi
 
export KUBECONFIG=/home/ubuntu/kubeconfig
kubectl config set-context default
kubectl config view --raw &gt; ~/.kube/config</pre>
 
== Use Helm for containers deployment ==

Latest revision as of 19:01, 17 September 2021

Setup Kubernetes cluster with k3sup

Pre Requirements for Raspberry PI

Requirement for Raspbian OS

#enable legacy iptables
sudo iptables -F
sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
sudo reboot

Requirement for Raspberry PI

The Raspberry Pi need to have "cgroup_memory=1 cgroup_enable=memory" in it cmdline.txt file

k3sup

k3sup is an application that simplifies k3s cluster configuration. We can use the “install” command to configure a master node and the “join” command to set up workers node one by one.

Requirements

  1. We need SSH access with a public-key authentication method from the server running k3sup to the nodes that we want to install k3s to set up a cluster. To use Ansible to copy authorized_keys to nodes [link].

  2. The user on the nodes can execute the “sudo” command without typing a password.

    # to configure NOPASSWD sudo 
sudo visudo

    And add the following

    <username> ALL=(ALL) NOPASSWD: ALL

Installation

curl -sLS https://get.k3sup.dev | sh
sudo install k3sup /usr/local/bin/

#k3sup --help

Create a master node

# here we can also use --host if we want to provide hostname instead of IP address
k3sup install --ip <ip_of_master_node> --user <user_for_ssh>

Create a worker node

# here we can replace ip with host, ex: --host, --server-host respectively
k3sup join --ip <worker_node_ip> --server-ip <master_node_ip> --user <worker_node_ssh_user>

Cleanup cluster

  1. For worker nodes

    # ssh into nodes and run this command. the command is located in /usr/local/bin
k3s-killall.sh
k3s-agent-uninstall.sh

    # incase k3s-agent-uninstall fail to remove this directory
sudo rm -rf /var/lib/kubelet

  2. For master node

    # ssh into nodes and run this command. the command is located in /usr/local/bin
k3s-killall.sh
k3s-uninstall.sh

Node: Use Ansible to remove k3s from cluster

Use kubectl to access the cluster

Install kubectl

curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl

Load kubeconfig file

export KUBECONFIG=/home/ubuntu/kubeconfig
kubectl config set-context default

Save kubeconfig to user directory

kubectl config view --raw > ~/.kube/config

Check cluster

kubectl get node -o wide

Shell script

#!/bin/sh
k3sup install --host red --user pi
k3sup join --host yellow --server-host red --user pi
k3sup join --host black --server-host red --user pi
k3sup join --host green --server-host red --user pi

export KUBECONFIG=/home/ubuntu/kubeconfig
kubectl config set-context default
kubectl config view --raw > ~/.kube/config

Use Helm for containers deployment

Retrieved from "https://doc.infosec.unamur.be/index.php?title=Setup_Kubernetes_cluster_with_K3sup&oldid=991"