Skip to content

Instantly share code, notes, and snippets.

@suryakencana007

suryakencana007/k3s-local-cluster.md

Last active May 6, 2022 18:37
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save suryakencana007/996b3cb9554c1ae384a0c06e19ca3b47 to your computer and use it in GitHub Desktop.
Save suryakencana007/996b3cb9554c1ae384a0c06e19ca3b47 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
k3s-local-cluster.md

NFS VM

multipass launch --name k3s-nfs --cpus 1 --mem 1024M --disk 60G

Create Cluster

minikube start -p k3s-local-cluster --cpus 2 --memory 4g --disk-size 40g --cni flannel
kubectx k3s-local-cluster
kubectl label nodes k3s-local-cluster k8s.shipper.id/worker-group=ephemeral-workers

ADD Cluster Node

minikube node add -p k3s-local-cluster

Create Cluster

multipass launch --name k3s-master-1 --cpus 1 --mem 2024M --disk 40G
multipass launch --name k3s-master-2 --cpus 1 --mem 2024M --disk 40G
multipass launch --name k3s-master-3 --cpus 1 --mem 2024M --disk 40G

multipass launch --name k3s-node-1 --cpus 1 --mem 2024M --disk 40G
multipass launch --name k3s-node-2 --cpus 1 --mem 2024M --disk 40G
multipass launch --name k3s-node-3 --cpus 1 --mem 2024M --disk 40G

kubectx k3s-local-cluster
kubectl label nodes k3s-local-cluster k8s.shipper.id/worker-group=ephemeral-workers

ADD Cluster Node



https://github.com/kubernetes-sigs/nfs-subdir-external-provisioner

helm install nfs-subdir-external-provisioner nfs-subdir-external-provisioner/nfs-subdir-external-provisioner --set nfs.server=k3s-nfs.mshome.net --set nfs.path=/home

######################
# Become a Certificate Authority
######################

# Generate private key
openssl genrsa -des3 -out myCA.key 2048
# Generate root certificate
openssl req -x509 -new -nodes -key myCA.key -sha256 -days 825 -out myCA.pem

######################
# Create CA-signed certs
######################

NAME=mydomain.com # Use your own domain name
# Generate a private key
openssl genrsa -out $NAME.key 2048
# Create a certificate-signing request
openssl req -new -key $NAME.key -out $NAME.csr
# Create a config file for the extensions
>$NAME.ext cat <<-EOF
authorityKeyIdentifier=keyid,issuer
basicConstraints=CA:FALSE
keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
subjectAltName = @alt_names
[alt_names]
DNS.1 = $NAME # Be sure to include the domain name here because Common Name is not so commonly honoured by itself
DNS.2 = bar.$NAME # Optionally, add additional domains (I've added a subdomain here)
IP.1 = 192.168.0.13 # Optionally, add an IP address (if the connection which you have planned requires it)
EOF
# Create the signed certificate
openssl x509 -req -in $NAME.csr -CA myCA.pem -CAkey myCA.key -CAcreateserial \
-out $NAME.crt -days 825 -sha256 -extfile $NAME.ext

https://stackoverflow.com/questions/7580508/getting-chrome-to-accept-self-signed-localhost-certificate
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment