k3s Cluster Instructions

Node Setup

Flash the USB with image

Download the latest 64-bit lite image here.

Update the OS and install common utilites

sudo apt update
sudo apt -y full-upgrade
sudo apt -y autoremove --purge
sudo apt -y install vim open-iscsi ntp

Configure SSH

mkdir .ssh
chmod 700 .ssh
vim .ssh/authorized_keys
chmod 640 .ssh/authorized_keys
sudo vim /etc/ssh/sshd_config
PasswordAuthentication no
UsePAM no
sudo systemctl restart sshd.service
sudo passwd -d pi

Enable cgroups

sudo sed -i 's/$/ cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory/' /boot/cmdline.txt

Switch to iptables-legacy

sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

Change pi settings

sudo raspi-config

Installation scripts

First master

initial_install_k3s_server.sh (used during the initial install only)

#! /bin/bash

curl -sfL https://get.k3s.io | sh -s - server --cluster-init --disable servicelb --disable traefik --disable-cloud-controller "[email protected]"

echo -e "\nnode-token:"
echo "export K3S_TOKEN=$(sudo cat /var/lib/rancher/k3s/server/node-token)"

install_k3s_server.sh (used for upgrades)

#! /bin/bash

export K3S_TOKEN=<INSERT_K3S_TOKEN>
export K3S_URL='https://<INSERT_IP_OF_OTHER_MASTER>:6443'

curl -sfL https://get.k3s.io | sh -s - server --disable servicelb --disable traefik --disable-cloud-controller "[email protected]"

echo -e "\nnode-token:"
echo "export K3S_TOKEN=$(sudo cat /var/lib/rancher/k3s/server/node-token)"

Other masters

install_k3s_server.sh (used for initial install and upgrades)

#! /bin/bash

export K3S_TOKEN=<INSERT_K3S_TOKEN>
export K3S_URL='https://<INSERT_IP_OF_INITIAL_MASTER>:6443'

curl -sfL https://get.k3s.io | sh -s - server --disable servicelb --disable traefik --disable-cloud-controller "[email protected]"

echo -e "\nnode-token:"
echo "export K3S_TOKEN=$(sudo cat /var/lib/rancher/k3s/server/node-token)"

All agents

install_k3s_agent.sh (used for initial install and upgrades)

#! /bin/bash

export K3S_TOKEN=<INSERT_K3S_TOKEN>
export K3S_URL='https://<INSERT_IP_OF_INITIAL_MASTER>:6443'

curl -sfL https://get.k3s.io | sh -s - agent "[email protected]"