K0s
Install Single Node Cluster
https://docs.k0sproject.io/v0.11.0/k0s-single-node/
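# Trust traffic on podCIDR and serviceCIDR subnets
# NOTE(review): the trusted zone accepts everything and is selected by source
# address alone, so make sure the uplink rejects packets that claim a
# 10.244.0.0/16 or 10.96.0.0/12 source (reverse-path filtering / anti-spoofing).
firewall-cmd --permanent --zone=trusted \
  --add-source=10.244.0.0/16 \
  --add-source=10.96.0.0/12
# Allow k0s ports
# The ports are written to the permanent config and loaded BEFORE the default
# zone is switched, so the drop zone is never active with SSH (22/tcp) closed.
# NOTE(review): these ports are open to every source that lands in the default
# zone; restrict 22 and 6443 to known admin networks where possible.
# NOTE(review): 179, 4789, 8132 and 9443 look like node-to-node / controller
# join traffic - presumably not needed on a single node; confirm and drop them.
# NOTE(review): 112 is listed by k0s as an IP protocol (VRRP), not a TCP port;
# confirm whether 112/tcp is needed at all.
firewall-cmd --permanent --zone=drop \
  --add-port=22/tcp \
  --add-port=6443/tcp \
  --add-port=179/tcp \
  --add-port=4789/udp \
  --add-port=10250/tcp \
  --add-port=9443/tcp \
  --add-port=8132/tcp \
  --add-port=112/tcp
# Apply firewall
firewall-cmd --reload
# Set default zone to drop packets (takes effect immediately and persists)
firewall-cmd --set-default-zone=drop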
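# Install k0s cli
# NOTE(review): this pipes a remote script straight into a root shell. Prefer
# saving it to a file, reading it, then running the saved copy, and pin the
# release with K0S_VERSION=<pinned-version> so reinstalls are reproducible.
curl -sSLf https://get.k0s.sh | sudo sh
# Setup the config
k0s config create > k0s.yaml
# Install single node cluster controller/node
k0s install controller -c k0s.yaml --enable-worker --no-taints
# Start and enable the service
systemctl enable --now k0scontroller
# Enable bash completion
echo 'source <(k0s completion bash)' >>~/.bashrc
source ~/.bashrc
# Make an admin user
# -p: do not fail when ~/.kube already exists.
mkdir -p ~/.kube
# The group must be exactly "system:masters". Members of that group bypass
# RBAC, and the issued client certificate cannot be revoked individually, so
# create the file owner-only and treat it like a root credential.
# Note: this overwrites any existing ~/.kube/config.
(umask 077 && k0s kubeconfig create --groups "system:masters" admin > ~/.kube/config)
chmod 600 ~/.kube/config
# Remove the taint that prevents scheduling on the controller
# NOTE(review): --no-taints above presumably already leaves the node
# schedulable; this is only needed if a taint is still present - confirm.
kubectl edit node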
Install Multi Node Cluster
https://docs.k0sproject.io/v0.11.0/k0s-multi-node/
Install the controller on the controller machine
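# Allow k0s ports
# The ports are written to the permanent config and loaded BEFORE the default
# zone is switched, so the drop zone is never active with SSH (22/tcp) closed.
# NOTE(review): these ports are open to every source that lands in the default
# zone; restrict 22 and 6443 to admin networks and the node-to-node ports to
# the worker addresses where possible.
# NOTE(review): 112 is listed by k0s as an IP protocol (VRRP), not a TCP port;
# confirm whether 112/tcp is needed at all.
firewall-cmd --permanent --zone=drop \
  --add-port=22/tcp \
  --add-port=6443/tcp \
  --add-port=179/tcp \
  --add-port=4789/udp \
  --add-port=10250/tcp \
  --add-port=9443/tcp \
  --add-port=8132/tcp \
  --add-port=112/tcp
# Apply firewall
firewall-cmd --reload
# Set default zone to drop packets (takes effect immediately and persists)
firewall-cmd --set-default-zone=drop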
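# Install k0s cli
# NOTE(review): this pipes a remote script straight into a root shell. Prefer
# saving it to a file, reading it, then running the saved copy, and pin the
# release with K0S_VERSION=<pinned-version> so every node gets the same build.
curl -sSLf https://get.k0s.sh | sudo sh
# Save default config
k0s config create > k0s.yaml
# Install the controller
# NOTE(review): the k0s.yaml saved above is not passed here with -c, so edits
# to it presumably have no effect on this install - confirm this is intended.
k0s install controller
# Enable the controller
systemctl enable --now k0scontroller
# Enable bash completion
echo 'source <(k0s completion bash)' >>~/.bashrc
source ~/.bashrc
# Make an admin user (scp ~/.kube/config to your operator machine)
# kubectl config set-context --current --namespace kube-system
# -p: do not fail when ~/.kube already exists.
mkdir -p ~/.kube
# Members of system:masters bypass RBAC, and the issued client certificate
# cannot be revoked individually, so create the file owner-only and keep it
# owner-only on the operator machine too. This overwrites ~/.kube/config.
(umask 077 && k0s kubeconfig create --groups "system:masters" admin > ~/.kube/config)
chmod 600 ~/.kube/config
# Generate a worker join token
# The token is a bearer credential for joining the cluster: write it
# owner-only, and delete it once the worker has joined.
# NOTE(review): tokens do not expire unless --expiry is given; consider a
# short lifetime that still covers the time needed to join the worker.
(umask 077 && k0s token create --role=worker > worker0-token)
chmod 600 worker0-token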
Now on the worker machine, install the worker
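# Trust traffic on podCIDR and serviceCIDR subnets
# NOTE(review): the trusted zone accepts everything and is selected by source
# address alone, so make sure the uplink rejects packets that claim a
# 10.244.0.0/16 or 10.96.0.0/12 source (reverse-path filtering / anti-spoofing).
firewall-cmd --permanent --zone=trusted \
  --add-source=10.244.0.0/16 \
  --add-source=10.96.0.0/12
# Apply firewall
firewall-cmd --reload
# On the operator, copy the token file from the controller to the worker
scp vm-k0s-controller:worker0-token vm-k0s-worker:token-file
# On the worker: the join token is a credential, keep it owner-only
chmod 600 token-file
# Install k0s cli
# NOTE(review): this pipes a remote script straight into a root shell. Prefer
# saving it to a file, reading it, then running the saved copy, and pin the
# release with K0S_VERSION=<pinned-version> to match the controller.
curl -sSLf https://get.k0s.sh | sudo sh
# Join the worker
k0s install worker --token-file token-file
# Start the service
systemctl enable --now k0sworker
# NOTE(review): once the node has joined, the token file is presumably no
# longer needed - confirm, then remove it here and on the controller.
# Enable bash completion
echo 'source <(k0s completion bash)' >>~/.bashrc
source ~/.bashrc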
Uninstall
# Stop the controller service before resetting (on a worker the unit installed
# above is k0sworker instead).
systemctl stop k0scontroller
# Remove the k0s installation from this host. Destructive: presumably this
# also deletes cluster state held on the node, so back up what you need first.
k0s reset
# Reboot, presumably to clear state that reset leaves behind - confirm.
reboot
Install Metallb
https://docs.k0sproject.io/v1.26.0+k0s.0/examples/metallb-loadbalancer/
- Create a VLAN with a dedicated subnet for Metallb. Disable DHCP.
- Attach this new VLAN to your worker nodes
- Assign the worker nodes an address within the created network.
- Install Metallb. Check
active/software_k0s/metallb-address-pool.yaml before proceeding.
# Install MetalLB from the upstream manifest at the v0.15.2 tag.
# NOTE(review): the manifest is fetched at apply time and creates cluster-wide
# resources; consider downloading it, reviewing it, and applying the saved copy
# so that what runs in the cluster is what was reviewed.
kubectl apply -f https://raw.githubusercontent.com/metallb/metallb/v0.15.2/config/manifests/metallb-native.yaml
# Apply the local address pool definition.
# NOTE(review): this presumably needs the MetalLB pods to be ready first; if it
# is rejected, wait for them and re-run - confirm.
kubectl apply -f active/software_k0s/metallb-address-pool.yaml
Uninstall Metallb
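# Remove the address pool first, while the MetalLB resources it relies on
# are still installed.
kubectl delete -f active/software_k0s/metallb-address-pool.yaml
# Then delete the MetalLB manifest itself. The original ran `kubectl apply`
# here, which re-installs MetalLB instead of removing it.
kubectl delete -f https://raw.githubusercontent.com/metallb/metallb/v0.15.2/config/manifests/metallb-native.yaml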
Install OpenEBS
https://docs.k0sproject.io/stable/examples/openebs/
Add the openebs extension
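# Goes under `spec:` in the k0s cluster config (k0s.yaml).
# Indentation restored: the nesting below is significant, and `values` is a
# literal block whose content must stay indented beneath it.
extensions:
  helm:
    repositories:
      - name: openebs-internal
        url: https://openebs.github.io/charts
    charts:
      - name: openebs
        chartname: openebs-internal/openebs
        # Chart version is pinned; review the chart before changing it.
        version: "3.9.0"
        namespace: openebs
        order: 1
        values: |
          localprovisioner:
            hostpathClass:
              enabled: true
              isDefaultClass: false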