nixpkgs/pkgs/applications/networking/cluster/k3s/docs/USAGE.md
Robert Rose 310f0ae4d5 nixos/k3s: replace deprecated extra flag in usage example
The previously used `--kubelet-arg=v=4` extra flag causes k3s to crash
with `Error: initialize logging: the logging configuration should not be
changed after setting it once`. Replace it with the working `--debug`
flag.
2024-09-18 18:59:52 +02:00

K3s Usage

Single Node

{
  networking.firewall.allowedTCPPorts = [
    6443 # k3s: required so that pods can reach the API server (running on port 6443 by default)
    # 2379 # k3s, etcd clients: required if using a "High Availability Embedded etcd" configuration
    # 2380 # k3s, etcd peers: required if using a "High Availability Embedded etcd" configuration
  ];
  networking.firewall.allowedUDPPorts = [
    # 8472 # k3s, flannel: required if using multi-node for inter-node networking
  ];
  services.k3s.enable = true;
  services.k3s.role = "server";
  services.k3s.extraFlags = toString [
    # "--debug" # Optionally add additional args to k3s
  ];
}

Once the above changes are active, you can access your cluster through sudo k3s kubectl (e.g. sudo k3s kubectl cluster-info) or by using the generated kubeconfig file in /etc/rancher/k3s/k3s.yaml.

Multi-Node

It is simple to create a cluster of multiple nodes in a highly available setup (all nodes are in the control-plane and are a part of the etcd cluster).

The first node is configured like this:

{
  services.k3s = {
    enable = true;
    role = "server";
    token = "<randomized common secret>";
    clusterInit = true;
  };
}

Subsequent nodes can be added with a slightly different config:

{
  services.k3s = {
    enable = true;
    role = "server"; # Or "agent" for worker only nodes
    token = "<randomized common secret>";
    serverAddr = "https://<ip of first node>:6443";
  };
}

For this to work you need to open the aforementioned API, etcd, and flannel ports in the firewall. Official documentation on what ports need to be opened for specific use cases can be found on k3s' documentation site. Note that it is recommended to use an odd number of nodes in such a cluster.
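A joining server node with the firewall ports from this page opened and the join token read from a file. This is an added example, not part of the original nixpkgs document. It assumes a dedicated inter-node interface named eth1 and a token file at /var/lib/secrets/k3s-token that is provisioned out of band; both names are hypothetical.

```nix
# Added example (not from nixpkgs): joining server node for the HA setup above.
{ ... }:
let
  # Assumption: NIC attached to the private inter-node network.
  clusterInterface = "eth1";
in
{
  # API server: pods and joining nodes must reach it (port 6443 by default).
  networking.firewall.allowedTCPPorts = [ 6443 ];

  # etcd and flannel traffic only flows between cluster nodes, so these ports
  # are opened on the inter-node interface rather than on every interface.
  networking.firewall.interfaces.${clusterInterface} = {
    allowedTCPPorts = [
      2379 # k3s, etcd clients
      2380 # k3s, etcd peers
    ];
    allowedUDPPorts = [
      8472 # k3s, flannel
    ];
  };

  services.k3s = {
    enable = true;
    role = "server"; # Or "agent" for worker only nodes
    serverAddr = "https://<ip of first node>:6443";

    # A value set through `token = "...";` ends up in the world-readable Nix
    # store. `tokenFile` passes k3s a path instead, so the secret stays out of
    # the store. Written as a string (not a Nix path literal) so the file
    # itself is not copied into the store either.
    # Assumption: this file exists on the node, owned by root with mode 0400,
    # and holds the same secret as on the first node.
    tokenFile = "/var/lib/secrets/k3s-token";
  };
}
```

The first node can use the same tokenFile setting together with clusterInit = true, so no node carries the secret in its evaluated configuration.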

Tip: If you run into connectivity issues between nodes for specific applications (e.g. ingress controller), please verify the firewall settings you have enabled (example under Single Node) against the documentation for that specific application. In the ingress controller example, you may want to open 443 or 80 depending on your use case.