Home HIGH AVAILABILITY k3s (Kubernetes) in minutes!
Post
Cancel

HIGH AVAILABILITY k3s (Kubernetes) in minutes!

HIGH AVAILABILITY k3s (Kubernetes) in minutes!

Are you running Kubernetes in your homelab or in the enterprise? Do you want an easy way to manage and create Kubernetes clusters? Do you want high availability Rancher? Join me as we walk through stalling Rancher on an existing high availability k3s cluster in this step-by-step tutorial. We install Rancher, configure a load balancer, install and configure helm, install cert-manager, configure Rancher, walk through the GUI, scale up our cluster, and set up a health check and liveness check! Join me, it’s easy in this straightforward guide.

Watch Video

See all the hardware I recommend at https://l.technotim.live/gear

Don’t forget to check out the 🚀Launchpad repo with all of the quick start source files.

Load Balancer

Create a load balancer using nginx

nginx.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
#uncomment this next line if you are NOT running nginx in docker
#load_module /usr/lib/nginx/modules/ngx_stream_module.so;

events {}

stream {
  upstream k3s_servers {
    server 192.168.60.20:6443;
    server 192.168.60.21:6443;
  }

  server {
    listen 6443;
    proxy_pass k3s_servers;
  }
}

k3s servers

On your k3s servers

1
export K3S_DATASTORE_ENDPOINT='mysql://username:[email protected](database_ip_or_hostname:port)/database'

Note: It’s advised you consult the Rancher Support Matrix to get the recommended version for all Rancher dependencies.

then

1
curl -sfL https://get.k3s.io | sh -s - server --node-taint CriticalAddonsOnly=true:NoExecute --tls-san load_balancer_ip_or_hostname

test with

1
sudo k3s kubectl get nodes

to add additional servers, get token from first server

1
sudo cat /var/lib/rancher/k3s/server/node-token

then run the same command but add the token (replace SECRET with token from previous command)

1
curl -sfL https://get.k3s.io | sh -s - server --token=SECRET --node-taint CriticalAddonsOnly=true:NoExecute --tls-san load_balancer_ip_or_hostname

on agents / workers

to run without sudo

1
sudo chmod 644 /etc/rancher/k3s/k3s.yaml` on the servers

get token

1
sudo cat /var/lib/rancher/k3s/server/node-token

k3s agents / workers

1
curl -sfL https://get.k3s.io | K3S_URL=https://load_balancer_ip_or_hostname:6443 K3S_TOKEN=mynodetoken sh -

other

To install kubectl see this link

kubeconfig location on server

/etc/rancher/k3s/k3s.yaml

1
sudo cat /etc/rancher/k3s/k3s.yaml

copy contents to your dev machine

~/.kube/config

Be sure to update the server: to your load balancer ip or hostname

kubernetes dashboard

check releases for the command to use. At time or filming it’s:

1
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.4/aio/deploy/recommended.yaml

Dashboard RBAC Configuration

dashboard.admin-user.yml

1
2
3
4
5
apiVersion: v1
kind: ServiceAccount
metadata:
  name: admin-user
  namespace: kubernetes-dashboard

dashboard.admin-user-role.yml

1
2
3
4
5
6
7
8
9
10
11
12
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: admin-user
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: cluster-admin
subjects:
- kind: ServiceAccount
  name: admin-user
  namespace: kubernetes-dashboard

Deploy the admin-user configuration:

(if you’re doing this from your dev machine, remove sudo k3s and just use kubectl)

1
sudo k3s kubectl create -f dashboard.admin-user.yml -f dashboard.admin-user-role.yml

get bearer token

1
sudo k3s kubectl -n kubernetes-dashboard create token admin-user

start dashboard locally

1
sudo k3s kubectl proxy

Then you can sign in at this URL using your token we got in the previous step:

http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/

here’s testdeploy.yml you can use

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mysite
  labels: 
    app: mysite
spec:
  replicas: 1
  selector: 
    matchLabels:
      app: mysite
  template:
    metadata:
      labels: 
        app : mysite
    spec:
      containers:
        - name : mysite
          image: nginx
          ports:
            - containerPort: 80
This post is licensed under CC BY 4.0 by the author.