k3s ​
K3s is a small Kubernetes distribution, ideal for environments with limited resources like mine.
If you are not limited, I advice checking Talos or RKE2 project.
Architecture ​
Configuration ​
I disabled some default components (like coredns, traefik, local-storage, servicelb and cni) by adding the following configuration in /etc/rancher/k3s/config.yaml.
To understand each options, see the official documentation.
On master_1:
yaml
# tls-san is optional. Omit if you don't have a loadbalancer for the kube api
tls-san:
- "192.168.1.1" # Load balancer IP for kube api
cluster-init: true
disable:
- coredns
- traefik
- local-storage
- servicelb
# Encrypt etcd at rest
secrets-encryption: true
# Disable default cni of k3s
disable-network-policy: true
flannel-backend: noneOn other masters:
yaml
server: https://$MASTER_1:6443
# Token of master_1 can be retrieve in master_1 server on path /var/lib/rancher/k3s/server/node-token
token: XXXXXXXX
tls-san:
- "192.168.1.1" # Load balancer IP for kube api
# You can disable etcd on master with this option
# disable-etcd: true
disable:
- coredns
- traefik
- local-storage
- servicelb
secrets-encryption: true
# Disable default cni of k3s
disable-network-policy: true
flannel-backend: noneInstallation ​
Then, k3s installation is pretty straight-forward. You just run the following command on each server to get started:
bash
curl -sfL https://get.k3s.io | sh -s - serverAnd voila !