Setup Kubernetes cluster with K3sup

From UNamur InfoSec
Revision as of 19:01, 17 September 2021 by Mkuy (talk | contribs) (→‎Setup Kubernetes cluster with k3sup)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Setup Kubernetes cluster with k3sup

Pre Requirements for Raspberry PI

Requirement for Raspbian OS

#enable legacy iptables
sudo iptables -F
sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
sudo reboot

Requirement for Raspberry PI

The Raspberry Pi need to have "cgroup_memory=1 cgroup_enable=memory" in it cmdline.txt file


k3sup is an application that simplifies k3s cluster configuration. We can use the “install” command to configure a master node and the “join” command to set up workers node one by one.


  1. We need SSH access with a public-key authentication method from the server running k3sup to the nodes that we want to install k3s to set up a cluster. To use Ansible to copy authorized_keys to nodes [link].

  2. The user on the nodes can execute the “sudo” command without typing a password.

    # to configure NOPASSWD sudo 
    sudo visudo

    And add the following

    <username> ALL=(ALL) NOPASSWD: ALL


curl -sLS | sh
sudo install k3sup /usr/local/bin/

#k3sup --help

Create a master node

# here we can also use --host if we want to provide hostname instead of IP address
k3sup install --ip <ip_of_master_node> --user <user_for_ssh>

Create a worker node

# here we can replace ip with host, ex: --host, --server-host respectively
k3sup join --ip <worker_node_ip> --server-ip <master_node_ip> --user <worker_node_ssh_user>

Cleanup cluster

  1. For worker nodes

    # ssh into nodes and run this command. the command is located in /usr/local/bin
    # incase k3s-agent-uninstall fail to remove this directory
    sudo rm -rf /var/lib/kubelet
  2. For master node

    # ssh into nodes and run this command. the command is located in /usr/local/bin

Node: Use Ansible to remove k3s from cluster

Use kubectl to access the cluster

Install kubectl

curl -LO "$(curl -L -s"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl

Load kubeconfig file

export KUBECONFIG=/home/ubuntu/kubeconfig
kubectl config set-context default

Save kubeconfig to user directory

kubectl config view --raw > ~/.kube/config

Check cluster

kubectl get node -o wide

Shell script

k3sup install --host red --user pi
k3sup join --host yellow --server-host red --user pi
k3sup join --host black --server-host red --user pi
k3sup join --host green --server-host red --user pi

export KUBECONFIG=/home/ubuntu/kubeconfig
kubectl config set-context default
kubectl config view --raw > ~/.kube/config

Use Helm for containers deployment