services/homelab
1
1
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d7224b038b942cd41cb12abcfa2daa080cf11bff
homelab/active/os_arch/k3s.md
ducoterra ef9104c796
All checks were successful
Reese's Arch Toolbox / build-and-push-arch-toolbox (push) Successful in 14s
Details
moving everything to active or retired vs incubating and graduated
2025-04-19 18:52:33 -04:00

1.4 KiB
Raw Blame History

K3S Cluster

Cluster Setup

  1. Install wireguard

    pacman -S wireguard-tools linux-headers

  2. Assign static IPs to each node

    /etc/dhcpcd.conf

    ...
interface enp1s0
static ip_address=192.168.122.51/24  # 52, 53
static routers=192.168.122.1
static domain_name_servers=192.168.122.1

K3S Installation

  1. Generate a secure token

    umask 077
k3s token generate > token.txt
export SECRET=$(cat token.txt)

  2. Create the cluster

    curl -sfL https://get.k3s.io | K3S_TOKEN=$SECRET sh -s - server \
    --cluster-init \
    --flannel-backend=wireguard-native \
    --disable=traefik \
    --secrets-encryption \
    --tls-san=192.168.122.51

  3. Join each server node

    curl -sfL https://get.k3s.io | K3S_TOKEN=$SECRET sh -s - server \
    --server https://192.168.122.51:6443 \
    --flannel-backend=wireguard-native \
    --disable=traefik \
    --secrets-encryption \
    --tls-san=192.168.122.52

  4. Copy the kube config at /etc/rancher/k3s/k3s.yaml to YOUR computer at ~/.kube/dev-config

    export KUBECONFIG=~/.kube/dev-config

  5. Modify the dev-config file's server attribute, replace with your IP/hostname

Secrets Encryption

https://docs.k3s.io/cli/secrets-encrypt

Reference in New Issue View Git Blame Copy Permalink