Cluster Initialization¶
Now that are nodes are up and running we can start with the initialization of the k3s cluster. The scripts we have in ansible makes it easy. Just execute:
ansible-playbook cluster_setup/setup_cluster.yml
Note
Flannel default network is not enrcypted. So the communication between the pods is unencrypted. There is an experimental backend that supports Wireguard (https://github.com/flannel-io/flannel/blob/master/Documentation/backends.md#wireguard). I also tried with the experimental IPSec backend, but it did not work
Once the cluster is initialized we can start controlling it using kubectl. But for that we have to install it to our local system
sudo snap install kubectl
We also have to copy /etc/rancher/k3s/k3s.yaml on your machine located outside the cluster as ~/.kube/config.
ansible "erato" -b -m ansible.builtin.fetch -a 'src=/etc/rancher/k3s/k3s.yaml dest=~/.kube/config flat=yes'
Then replace “localhost” with the IP or name of your K3s server. kubectl can now manage your K3s cluster.
Note
Unlike k8s, in k3s the master nodes are elible to run containers destined for workers as it does not
have the node-role.kubernetes.io/master=true:NoSchedule
. To re-introduce it (if we see that the
master nodes are being influenced) we can execute
kubectl taint nodes myserver node-role.kubernetes.io/master=true:NoSchedule
We can see the taints with kubectl get nodes -o json | jq '.items[].spec.taints'
Resources¶
- https://rancher.com/docs/k3s/latest/en/cluster-access/#accessing-the-cluster-from-outside-with-kubectl
- https://rpi4cluster.com/k3s/k3s-kube-setting/
- https://github.com/k3s-io/k3s
- https://github.com/robipozzi/windfire-raspberry
- https://github.com/geerlingguy/raspberry-pi-dramble
- https://ikarus.sg/kubernetes-with-k3s/
- https://gist.github.com/LarsNieuwenhuizen/03c224e50871e123e4376f0518083cb1