From 59c932fcc16a7a031e5e90656867330598976b61 Mon Sep 17 00:00:00 2001 From: Dominik Chilla Date: Sat, 5 Nov 2022 23:16:13 +0100 Subject: [PATCH] cert-manager prometheus/grafana integration --- README.md | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 26d7f44..346f25b 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,7 @@ * [Configure upstream DNS-resolver](#upstream-dns-resolver) * [Change NodePort range](#nodeport-range) * [Clustering](#clustering) + * [Upgrade manually](#upgrade-manually) * [On Docker with k3d](#install-k3s-on-docker-k3d) * [Namespaces and resource limits](#namespaces-limits) * [Persistent volumes (StorageClass - dynamic provisioning)](#pv) @@ -122,6 +123,19 @@ metadata: [...] ``` +### Upgrade cluster manually +Check out version you want to upgrade to: https://github.com/k3s-io/k3s/releases + +On master node: +``` +curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION= sh - +``` + +On any worker nodes: +``` +curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION= K3S_URL=https://:6443 K3S_TOKEN= sh - +``` + ## On Docker with K3d K3d is a terraforming orchestrator which deploys a K3s cluster (masters and nodes) directly on docker without the need for virtual machines for each node (master/worker). @@ -176,6 +190,8 @@ Read more about [AccessModes](https://kubernetes.io/docs/concepts/storage/persis https://rancher.com/docs/k3s/latest/en/storage/ Only supports *AccessMode*: ReadWriteOnce (RWO) +If you want to disable the local + ## Rancher Longhorn (distributed in local cluster) - MY FAVOURITE :-) * Requirements: https://longhorn.io/docs/0.8.0/install/requirements/ * Debian/Ubuntu: `apt install open-iscsi` @@ -307,11 +323,21 @@ Docs: https://hub.helm.sh/charts/jetstack/cert-manager ``` helm repo add jetstack https://charts.jetstack.io helm repo update + kubectl apply --validate=false -f https://github.com/jetstack/cert-manager/releases/download/v1.0.2/cert-manager.crds.yaml + kubectl create namespace cert-manager -helm install cert-manager --namespace cert-manager --set 'extraArgs={--dns01-recursive-nameservers-only,--dns01-recursive-nameservers=8.8.8.8:53\,1.1.1.1:53}' jetstack/cert-manager + +helm upgrade --install cert-manager \ + --namespace cert-manager \ + --set 'extraArgs={--dns01-recursive-nameservers-only,--dns01-recursive-nameservers=8.8.8.8:53\,1.1.1.1:53}' \ + -f https://gitea.zwackl.de/dominik/k3s/raw/branch/master/cert-manager-values.yaml \ + jetstack/cert-manager + kubectl -n cert-manager get all ``` +**Note:** The [values file](https://gitea.zwackl.de/dominik/k3s/raw/branch/master/cert-manager-values.yaml) enables prometheus metrics. The values file references prometheus with it´s instance name `prom-stack`. If you want to go without prometheus metrics, just use the upper helm command without the `-f ` argument. Further information regarding cert-manager helm chart values can be found [here](https://github.com/cert-manager/cert-manager/blob/master/deploy/charts/cert-manager/README.template.md#configuration) + ## Cluster-internal CA Issuer Docs: https://cert-manager.io/docs/configuration/ca/