# K0s

- [K0s](#k0s)
  - [Install Single Node Cluster](#install-single-node-cluster)
  - [Install Multi Node Cluster](#install-multi-node-cluster)
  - [Uninstall](#uninstall)
  - [Install Metallb](#install-metallb)
    - [Uninstall Metallb](#uninstall-metallb)
  - [Install OpenEBS](#install-openebs)

## Install Single Node Cluster

```bash
# Trust traffic on podCIDR and serviceCIDR subnets
firewall-cmd --permanent --zone=trusted \
    --add-source=10.244.0.0/16 \
    --add-source=10.96.0.0/12

# Set default zone to drop packets
firewall-cmd --set-default-zone=drop

# Allow k0s ports
firewall-cmd --permanent --zone=drop \
    --add-port=22/tcp \
    --add-port=6443/tcp \
    --add-port=179/tcp \
    --add-port=4789/udp \
    --add-port=10250/tcp \
    --add-port=9443/tcp \
    --add-port=8132/tcp \
    --add-port=112/tcp

# Apply firewall
firewall-cmd --reload

# Install k0s cli
curl -sSLf https://get.k0s.sh | sudo sh

# Setup the config
k0s config create > k0s.yaml

# Install single node cluster controller/node
k0s install controller -c k0s.yaml --enable-worker --no-taints

# Start and enable the service
systemctl enable --now k0scontroller

# Enable bash completion
echo 'source <(k0s completion bash)' >>~/.bashrc
source ~/.bashrc

# Make an admin user
# (system:masters is full cluster-admin; keep this kubeconfig private)
mkdir ~/.kube
k0s kubeconfig create --groups "system:masters" admin > ~/.kube/config

# Remove the taint that prevents scheduling on the controller
kubectl edit node
```

## Install Multi Node Cluster

Install the controller on the controller machine:

```bash
# Set default zone to drop packets
firewall-cmd --set-default-zone=drop

# Allow k0s ports
firewall-cmd --permanent --zone=drop \
    --add-port=22/tcp \
    --add-port=6443/tcp \
    --add-port=179/tcp \
    --add-port=4789/udp \
    --add-port=10250/tcp \
    --add-port=9443/tcp \
    --add-port=8132/tcp \
    --add-port=112/tcp

# Apply firewall
firewall-cmd --reload

# Install k0s cli
curl -sSLf https://get.k0s.sh | sudo sh

# Save default config
k0s config create > k0s.yaml

# Install the controller
k0s install controller

# Enable the controller
systemctl enable --now k0scontroller

# Enable bash completion
echo 'source <(k0s completion bash)' >>~/.bashrc
source ~/.bashrc

# Make an admin user (scp ~/.kube/config to your operator machine)
# (system:masters is full cluster-admin; keep this kubeconfig private)
# kubectl config set-context --current --namespace kube-system
mkdir ~/.kube
k0s kubeconfig create --groups "system:masters" admin > ~/.kube/config

# Generate a worker join token
k0s token create --role=worker > worker0-token
```

Now on the worker machine, install the worker:

```bash
# Trust traffic on podCIDR and serviceCIDR subnets
firewall-cmd --permanent --zone=trusted \
    --add-source=10.244.0.0/16 \
    --add-source=10.96.0.0/12

# Apply firewall
firewall-cmd --reload

# On the operator, copy the token file from the controller to the worker
scp vm-k0s-controller:worker0-token vm-k0s-worker:token-file

# Install k0s cli
curl -sSLf https://get.k0s.sh | sudo sh

# Join the worker
k0s install worker --token-file token-file

# Start the service
systemctl enable --now k0sworker

# Enable bash completion
echo 'source <(k0s completion bash)' >>~/.bashrc
source ~/.bashrc
```

## Uninstall

```bash
systemctl stop k0scontroller
k0s reset
reboot
```

## Install Metallb

1. Create a VLAN with a dedicated subnet for Metallb. Disable DHCP.
2. Attach this new VLAN to your worker nodes.
3. Assign the worker nodes an address within the created network.
4. Install Metallb. Check `active/software_k0s/metallb-address-pool.yaml` before proceeding.
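
One thing worth checking in the address pool from step 4 is that it does not collide with the podCIDR and serviceCIDR trusted in the firewall steps. The script below is an added example, not part of the original notes; the function names and the sample manifest are constructed for illustration, and only CIDR-notation entries are checked.

```shell
# Added example: reject a MetalLB pool that overlaps the cluster CIDRs.
CLUSTER_CIDRS="10.244.0.0/16 10.96.0.0/12"   # values from the firewall-cmd step

ip_to_int() {              # dotted-quad IPv4 -> integer
    old_ifs=$IFS; IFS=.
    set -- $1; IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}
cidr_range() {             # print "first last" as integers, host bits masked off
    net=$(ip_to_int "${1%/*}")
    size=$(( 1 << (32 - ${1#*/}) ))
    first=$(( $net / $size * $size ))
    echo "$first $(( $first + $size - 1 ))"
}
cidrs_overlap() {          # exit 0 if the two CIDRs share at least one address
    set -- $(cidr_range "$1") $(cidr_range "$2")
    [ "$1" -le "$4" ] && [ "$3" -le "$2" ]
}

# Check every CIDR-notation entry in a manifest ("-" reads stdin).
# Returns 0 = clean, 1 = overlap found, 2 = nothing to check.
check_pool_file() {
    rc=0; seen=0
    for pool in $(grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}' "$1"); do
        seen=1
        for cluster in $CLUSTER_CIDRS; do
            cidrs_overlap "$pool" "$cluster" || continue
            echo "CONFLICT: $pool overlaps cluster CIDR $cluster" >&2
            rc=1
        done
    done
    [ "$seen" -eq 1 ] || { echo "no CIDR entries found in $1" >&2; return 2; }
    return "$rc"
}

# Constructed sample manifest (name and ranges are made up for this example).
demo_manifest() {
    cat <<'EOF'
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: example-pool
  namespace: metallb-system
spec:
  addresses:
    - 10.100.0.0/24      # inside 10.96.0.0/12 (10.96.0.0 - 10.111.255.255)
    - 192.168.50.0/28    # outside both cluster CIDRs
EOF
}
demo_manifest | check_pool_file - || echo "pool rejected: fix it before kubectl apply"
```

Against the real file, run `check_pool_file active/software_k0s/metallb-address-pool.yaml` and apply the pool only when it returns 0.
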
```bash
# Install the MetalLB controller and speakers, then the address pool
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.15.2/config/manifests/metallb-native.yaml
kubectl apply -f active/software_k0s/metallb-address-pool.yaml
```

### Uninstall Metallb

```bash
# Remove the address pool first, then MetalLB itself
kubectl delete -f active/software_k0s/metallb-address-pool.yaml
kubectl delete -f https://raw.githubusercontent.com/metallb/metallb/v0.15.2/config/manifests/metallb-native.yaml
```

## Install OpenEBS

Add the openebs extension:

```yaml
extensions:
  helm:
    repositories:
      - name: openebs-internal
        url: https://openebs.github.io/charts
    charts:
      - name: openebs
        chartname: openebs-internal/openebs
        version: "3.9.0"
        namespace: openebs
        order: 1
        values: |
          localprovisioner:
            hostpathClass:
              enabled: true
              isDefaultClass: false
```