Skip to content

Instantly share code, notes, and snippets.

@kalaspuffar

kalaspuffar/create_k3s_cluster.md

Last active April 8, 2023 15:14
Show Gist options
  • Save kalaspuffar/371620397c85ef7a0db52eac21ff3783 to your computer and use it in GitHub Desktop.
Save kalaspuffar/371620397c85ef7a0db52eac21ff3783 to your computer and use it in GitHub Desktop.
Download ZIP
Simple description how to create a k3s cluster.
Raw
create_k3s_cluster.md

Creating a small K3S cluster.

First ensure that you have curl installed the nodes and server so you can install the packages for k3s.

First run the command below in order to create a control node, a server that all your other nodes will connect to in order to get their commands from.

curl -sfL https://get.k3s.io | sh -

Next up we need to setup the nodes. And in order to set this up we need some information. Run the commands below on the server to fetch the internal IP address of the network with the controller and nodes. We also need a security token from the server which we can fetch with cat.

ip addr show
cat /var/lib/rancher/k3s/server/node-token

After we have fetch these information pieces we will add them to the command below and run this on our nodes in order to connect them to the cluster.

curl -sfL https://get.k3s.io | K3S_URL=https://[server_internal_ip_address]:6443 K3S_TOKEN=[TOKEN_FROM_COMMAND_ABOVE] sh -

We now have a working cluster and we need some application to run on the cluster. A nice application to run is the dashboard where you can test the network. The command below we run on the controller/server and this will send instructions to the nodes to install the dashboard and metric server.

kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta6/aio/deploy/recommended.yaml

Next we need an account so we can administrate everything. Start by creating a file named service-account.yaml and add the information below. This will create the admin Service Account.

apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kube-system

Next up we setup what the new account can manage by creating a file named cluster-role.yaml and adding the text below.

apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kube-system

Running these command will import the configurations we created above.

kubectl apply -f service-account.yaml 
kubectl apply -f cluster-role.yaml

Now we have a service account but we need another token in order to login to the dashboard. This can be located by running the command below. Look for "Token: " and copy the long token string.

kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')

Lastly we need to open up the dashboard so we can reach it outside the cluster. We can do this with a port forwarding using the external ip address of your cluster.

kubectl port-forward -n kubernetes-dashboard service/kubernetes-dashboard 10443:443 --address [server_external_ip_address]

In order to reach your dashboard you visit https://[server_external_ip_address]:10443 this site is using SSL and we haven't setup any certificates so you might need to use a web browser that don't require signed certificates.

@nikitagud
Copy link

Everything is good man, thank you! But when I am trying to forward port, my host browser is alerting about security however I can go on page from my VM.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment