Setup Kubernetes cluster with K3sup: Difference between revisions

From UNamur InfoSec

Revision as of 19:00, 17 September 2021

Setup Kubernetes cluster with k3sup

Pre Requirements for Raspberry PI

Requirement for Raspbian OS

#enable legacy iptables
sudo iptables -F
sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
sudo reboot

Requirement for Raspberry PI

The Raspberry Pi needs to have "cgroup_memory=1 cgroup_enable=memory" in its cmdline.txt file.
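One way to apply this requirement repeatably on each node, as an added example that is not part of the original page. The function names and the default path /boot/cmdline.txt are assumptions (some Raspberry Pi OS images keep the file under /boot/firmware/).

```shell
#!/bin/sh
# Added example: idempotently add the cgroup flags required above to the
# Raspberry Pi kernel command line. The kernel reads only the first line of
# cmdline.txt, so the flags must be appended to that line, not on a new one.

REQUIRED_FLAGS="cgroup_memory=1 cgroup_enable=memory"

# has_flag FILE FLAG: succeed if FLAG is a whole word on the first line of FILE.
# Whole-word matching keeps cgroup_enable=cpuset from passing for
# cgroup_enable=memory.
has_flag() {
    head -n 1 "$1" | tr ' ' '\n' | grep -qxF -- "$2"
}

# ensure_cgroup_flags FILE: append any missing flag to the first line.
# Prints the number of flags added and keeps FILE.bak when FILE is changed.
ensure_cgroup_flags() {
    file=$1
    added=0
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    line=$(head -n 1 "$file")
    for flag in $REQUIRED_FLAGS; do
        if ! has_flag "$file" "$flag"; then
            line="$line $flag"
            added=$((added + 1))
        fi
    done
    if [ "$added" -gt 0 ]; then
        cp -p "$file" "$file.bak"
        # Rewrite the first line; keep any further lines untouched.
        { printf '%s\n' "$line"; tail -n +2 "$file.bak"; } > "$file"
    fi
    echo "$added"
}

# Usage (as root on the node): sh this_script.sh /boot/cmdline.txt
if [ "$#" -gt 0 ]; then
    ensure_cgroup_flags "$1"
fi
```

A reboot is needed before the new kernel command line takes effect.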

k3sup

k3sup is an application that simplifies k3s cluster configuration. We can use the “install” command to configure a master node and the “join” command to set up worker nodes one by one.

Requirements

  1. We need SSH access with public-key authentication from the server running k3sup to the nodes on which we want to install k3s to set up a cluster. Ansible can be used to copy authorized_keys to the nodes [link].

  2. The user on the nodes can execute the “sudo” command without typing a password.

    # to configure NOPASSWD sudo 
    sudo visudo

    And add the following line:

    <username> ALL=(ALL) NOPASSWD: ALL

Installation

curl -sLS https://get.k3sup.dev | sh
sudo install k3sup /usr/local/bin/

#k3sup --help

Create a master node

# here we can also use --host if we want to provide hostname instead of IP address
k3sup install --ip <ip_of_master_node> --user <user_for_ssh>

Create a worker node

# here we can replace ip with host, ex: --host, --server-host respectively
k3sup join --ip <worker_node_ip> --server-ip <master_node_ip> --user <worker_node_ssh_user>

Cleanup cluster

  1. For worker nodes

    # SSH into each worker node and run these commands; the scripts are located in /usr/local/bin
    k3s-killall.sh
    k3s-agent-uninstall.sh
    
    # in case k3s-agent-uninstall.sh fails to remove this directory
    sudo rm -rf /var/lib/kubelet
  2. For master node

    # SSH into the master node and run these commands; the scripts are located in /usr/local/bin
    k3s-killall.sh
    k3s-uninstall.sh

Note: Use Ansible to remove k3s from the cluster

Use kubectl to access the cluster

Install kubectl

curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl

Load kubeconfig file

export KUBECONFIG=/home/ubuntu/kubeconfig
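# select the "default" context (set-context without options only edits the entry, it does not select it)
kubectl config use-context default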

Save kubeconfig to user directory

kubectl config view --raw > ~/.kube/config

Check cluster

kubectl get node -o wide

Shell script

#!/bin/sh
k3sup install --host red --user pi
k3sup join --host yellow --server-host red --user pi
k3sup join --host black --server-host red --user pi
k3sup join --host green --server-host red --user pi

export KUBECONFIG=/home/ubuntu/kubeconfig
kubectl config use-context default
kubectl config view --raw > ~/.kube/config

Use Helm for containers deployment