From 42bf710c1356229e5f42f8256277c283a2a19a20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Sch=C3=B6chlin?= Date: Wed, 18 Sep 2024 13:26:38 +0200 Subject: [PATCH 1/3] k3s configuration MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - added a configuration guide - added a reference to the configuration guide in the deployment guide - added an upgrade guide Signed-off-by: Marc Schöchlin --- .../services/kubernetes.md | 51 +++++++++++++++++++ .../deploy-guide/services/kubernetes.md | 2 + 2 files changed, 53 insertions(+) create mode 100644 docs/guides/configuration-guide/services/kubernetes.md diff --git a/docs/guides/configuration-guide/services/kubernetes.md b/docs/guides/configuration-guide/services/kubernetes.md new file mode 100644 index 0000000000..42b3d86089 --- /dev/null +++ b/docs/guides/configuration-guide/services/kubernetes.md 
@@ -0,0 +1,51 @@ +--- +sidebar_label: Kubernetes +--- + +# Kubernetes + +The deployment of the k3s cluster is optional and disabled by default. + +The deployment is based on [k3s-ansible](https://github.com/techno-tim/k3s-ansible) and the defaults +are configured and described in [099-k3s.yml](https://github.com/osism/defaults/blob/main/all/099-k3s.yml) + +:::warning +K3S is currently not installable on nodes that use a layer-3 underlay network by running an FRR +instance on the node itself. The OSISM integration for this scenario is still pending. +Metal-LB either uses ARP for the leader election (which cannot work in principle) or starts its own +FRR instance which conflicts with the FRR instance of the host. +::: + +1. Enable the deployment of the k3s cluster by setting `enable_osism_kubernetes` to `yes` + +2. Optional: If you run your environment behind a http proxy, [configure the proxy settings](../proxy.md) + +3. The use of more than 3 name servers for the Kubernetes nodes generates a large number of warning messages as only the first three name servers are used. + +4. Define the `apiserver_endpoint` with a unused ipv4 address + +5. Define the `metal_lb_ip_range` with a range of free ipv4 adresses + +6. Create kubernetes token + + ``` + openssl rand -base64 1024 + ``` + +7. Add this token to the secrets file with the name `k3s_token` + + ``` + make ansible_vault_edit FILE=environments/secrets.yml EDITOR= + ``` + + An example secret: + ``` + k3s_token: | + 9nfWMSnntyozgwATpsxk/5UFRtW4sRfiDUIFH3JtqUr2vLJ+FN3qdUJyaLFMp0oa + O9BsyztqhARd7gBy7yRg9GnD6KcCsM25rCSAD60iRK8ifi7uWyuTKaqruqv+IgsG + ... + KqvUiYaCkUSKP0jt8oDcoJ4eXjpHpk32yRg7LC+CHUFlqTOvs45NpBOKApH8vlkb + u4xdpdxT3TjPSibeQz5BOyFL+2slxxoXMv7p1YR0R68= + ``` + + diff --git a/docs/guides/deploy-guide/services/kubernetes.md b/docs/guides/deploy-guide/services/kubernetes.md index 65fd09ab85..80ab70e68e 100644 --- a/docs/guides/deploy-guide/services/kubernetes.md 
+++ b/docs/guides/deploy-guide/services/kubernetes.md @@ -11,6 +11,8 @@ As of OSISM 7, it is possible to create a Kubernetes cluster on all nodes. At the moment, this is still optional. In the future, it will be necessary to deploy this Kubernetes cluster. +Check the [configuration guide](../../configuration-guide/services) for configuring kubernetes. + ::: 1. Deploy the [K3s](https://k3s.io) cluster. From 3811e87e27207c86723741cd86e2802a9e3c6b11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Sch=C3=B6chlin?= Date: Wed, 18 Sep 2024 13:34:05 +0200 Subject: [PATCH 2/3] add a upgrade guide, currently not tested MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Marc Schöchlin --- .../upgrade-guide/services/kubernetes.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 docs/guides/upgrade-guide/services/kubernetes.md diff --git a/docs/guides/upgrade-guide/services/kubernetes.md b/docs/guides/upgrade-guide/services/kubernetes.md new file mode 100644 index 0000000000..ec10a0651c --- /dev/null +++ b/docs/guides/upgrade-guide/services/kubernetes.md @@ -0,0 +1,27 @@ +--- +sidebar_label: Kubernetes +sidebar_position: 12 +--- + +# Kubernetes + +1. Deploy the [K3s](https://k3s.io) cluster. + + ``` + osism apply -a upgrade kubernetes + ``` + +2. Deploy the [Kubernetes dashboard](https://github.com/kubernetes/dashboard): + + ``` + osism apply -a upgrade kubernetes-dashboard + ``` + +## Cluster API + +Deploy the [Cluster API](https://cluster-api.sigs.k8s.io) management cluster on the K3s cluster: + +``` +osism apply -a upgrade clusterapi +``` + From 71b5c851b300835afc3a63f08e8bcda1be6a39e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marc=20Sch=C3=B6chlin?= Date: Mon, 16 Dec 2024 15:24:46 +0100 Subject: [PATCH 3/3] fix comment MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 
Signed-off-by: Marc Schöchlin --- docs/guides/configuration-guide/services/kubernetes.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/guides/configuration-guide/services/kubernetes.md b/docs/guides/configuration-guide/services/kubernetes.md index 42b3d86089..e3f4e50309 100644 --- a/docs/guides/configuration-guide/services/kubernetes.md +++ b/docs/guides/configuration-guide/services/kubernetes.md @@ -9,9 +9,10 @@ The deployment of the k3s cluster is optional and disabled by default. The deployment is based on [k3s-ansible](https://github.com/techno-tim/k3s-ansible) and the defaults are configured and described in [099-k3s.yml](https://github.com/osism/defaults/blob/main/all/099-k3s.yml) + :::warning -K3S is currently not installable on nodes that use a layer-3 underlay network by running an FRR -instance on the node itself. The OSISM integration for this scenario is still pending. +K3S is currently not installable on nodes that use a layer-3 underlay network by running an FRR instance on the node itself. +The OSISM integration for this scenario is still pending. Metal-LB either uses ARP for the leader election (which cannot work in principle) or starts its own FRR instance which conflicts with the FRR instance of the host. :::
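Review bot: In the new configuration guide (docs/guides/configuration-guide/services/kubernetes.md, the @@ -0,0 +1,51 hunk of 1/3), step 7 shows a realistic base64 value under "An example secret"; readers tend to paste such samples, so replace it with an obvious placeholder or state that it must not be reused. The `k3s_token: |` block scalar also keeps the line breaks that `openssl rand -base64 1024` emits, so say whether a multi-line token is intended or generate a single-line one (for example `openssl rand -hex 64`). The command in step 7 ends in a bare `EDITOR=`, which needs a visible placeholder value, and step 1 does not say which file `enable_osism_kubernetes` is set in. Step 3 is a remark rather than an action and would read better as a note outside the numbered list; "a http proxy", "a unused" and "adresses" in steps 2, 4 and 5 need fixing.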
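Review bot: In the deploy-guide hunk of 1/3 (docs/guides/deploy-guide/services/kubernetes.md, @@ -11,6 +11,8), the added link targets the directory `../../configuration-guide/services` rather than the page this series creates; point it at `../../configuration-guide/services/kubernetes.md` so it resolves to the Kubernetes configuration guide. The sentence is also added inside the admonition that closes with `:::` just below it; if it is meant as a general pointer, move it after the closing `:::`, and capitalise "Kubernetes" to match the page heading.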
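Review bot: In the new upgrade guide (docs/guides/upgrade-guide/services/kubernetes.md, the @@ -0,0 +1,27 hunk of 2/3), steps 1 and 2 and the Cluster API section all say "Deploy" while the commands run `osism apply -a upgrade ...`; change the wording to "Upgrade" so the text matches the action being taken. The commit subject says the guide is "currently not tested", so either verify the three commands before merging or carry that caveat onto the page itself. This file sets `sidebar_position: 12` while the configuration guide added in 1/3 sets none; make the front matter consistent across the two new pages.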
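Review bot: In 3/3 (@@ -9,9 +9,10 of docs/guides/configuration-guide/services/kubernetes.md), only the first two lines of the `:::warning` block are reflowed to one sentence per line; the Metal-LB sentence directly below keeps its hard wrap, so reflow it as well or leave the block as it was. The spelling "K3S" in the changed lines differs from "k3s" in the hunk's first context line; pick one form. Since this touches only text introduced in 1/3, squash it into that commit; the subject "fix comment" does not describe a whitespace change to a warning admonition.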