dominik/k3s
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
1caa068ac3
k3s/README.md
Dominik Chilla 1caa068ac3
Update README.md
2020-08-23 17:33:52 +02:00

5.6 KiB
Raw Blame History

snippets for k3s

Install k3s

https://k3s.io/:

curl -sfL https://get.k3s.io | sh -

Disable traeffic-ingress:

edit /etc/systemd/system/k3s.service:

[...]
ExecStart=/usr/local/bin/k3s \
    server --disable traefik \
[...]

finally systemctl daemon-reload and systemctl restart k3s

Enable nginx-ingress

Installation

https://kubernetes.github.io/ingress-nginx/deploy/#bare-metal

Change service type from NodePort to LoadBalancer

kubectl edit service -n ingress-nginx and change type: NodePort to type: LoadBalancer

Port 80 and 443 should listen now on an External-IP kubectl get all --all-namespaces:

[...]
NAMESPACE       NAME                                         TYPE           CLUSTER-IP      EXTERNAL-IP    PORT(S)                      AGE
[...]
ingress-nginx   service/ingress-nginx-controller-admission   ClusterIP      10.43.174.128   <none>         443/TCP                      35m
ingress-nginx   service/ingress-nginx-controller             LoadBalancer   10.43.237.255   10.62.94.246   80:30312/TCP,443:30366/TCP   35m
[...]

Test: curl -s http://<External-IP> should return well known nginx-404-page:

dominik@muggler:~$ curl -s http://10.62.94.246
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.19.1</center>
</body>
</html>

Enable nginx-ingress tcp- and udp-services for apps other than http/s

kubectl edit deployment -n ingress-nginx and search for spec:/template/spec/containers section:

[...]
spec:                                                                                  
[...]                                                                  
  template:                                                                            
    metadata:                                  
      creationTimestamp: null                  
      labels:                                  
        app.kubernetes.io/component: controller                 
        app.kubernetes.io/instance: ingress-nginx
        app.kubernetes.io/name: ingress-nginx    
    spec:                                        
      containers:                                
      - args:                                    
        - /nginx-ingress-controller              
        - --election-id=ingress-controller-leader
        - --ingress-class=nginx                  
        - --configmap=ingress-nginx/ingress-nginx-controller
        - --validating-webhook=:8443                        
        - --validating-webhook-certificate=/usr/local/certificates/cert
        - --validating-webhook-key=/usr/local/certificates/key
        *** ADD >>> - --tcp-services-configmap=ingress-nginx/tcp-services <<< ADD ***
        *** ADD >>> - --udp-services-configmap=ingress-nginx/udp-services <<< ADD ***
        env:     
[...]

Deploy nginx-service and expose via nginx-ingress on TCP-port 9000

my-nginx-deployment.yml:

apiVersion: apps/v1
kind: Deployment
metadata:
  name: my-nginx
spec:
  selector:
    matchLabels:
      run: my-nginx
  replicas: 1
  template:
    metadata:
      labels:
        run: my-nginx
    spec:
      containers:
      - name: my-nginx
        image: nginx:alpine
        ports:
        - containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
  name: my-nginx
  labels:
    run: my-nginx
spec:
  ports:
  - port: 80
    protocol: TCP
  selector:
    run: my-nginx

---
apiVersion: v1
kind: ConfigMap
metadata:
  name: tcp-services
  namespace: ingress-nginx
data:
  9000: "default/my-nginx:80::PROXY"

Apply with kubectl apply -f my-nginx-deployment.yml:

deployment.apps/my-nginx created
service/my-nginx created
configmap/tcp-services created

Test: kubectl get all:

[...]
NAME                 TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)   AGE
[...]
service/my-nginx     ClusterIP   10.43.118.13   <none>        80/TCP    99s
[...]

Expose my-nginx app on nginx-ingress TCP-port 9000: kubectl edit service -n ingress-nginx Find the ports:-section of the ingress-nginx-controller service and ADD the definition for port 9000:

[...]
spec:   
    clusterIP: 10.43.237.255                                                              
    externalTrafficPolicy: Cluster
    ports:
    - name: http                                                                          
      nodePort: 30312                                                                     
      port: 80
      protocol: TCP                                                                       
      targetPort: http                                                                    
    - name: https                                                                         
      nodePort: 30366                                                                     
      port: 443
      protocol: TCP                                                                       
      targetPort: https      
*** ADD >>>
    - name: proxied-tcp-9000
      port: 9000
      protocol: TCP
      targetPort: 9000
<<< ADD ***
[...]

Verify nginx-ingress is listening on port 9000 with kubectl get all --all-namespaces:

[...]
NAMESPACE       NAME                                         TYPE           CLUSTER-IP      EXTERNAL-IP    PORT(S)                                     AGE
[...]
ingress-nginx   service/ingress-nginx-controller             LoadBalancer   10.43.237.255   10.62.94.246   80:30312/TCP,443:30366/TCP,9000:31460/TCP   71m
[...]

Test:

dominik@muggler:~$ curl -s http://10.62.94.246:9000
<html>
<head><title>400 Bad Request</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<hr><center>nginx/1.19.2</center>
</body>
</html>