diff --git a/README.md b/README.md index a318f2f..9cefbec 100644 --- a/README.md +++ b/README.md @@ -799,7 +799,7 @@ iface enp5s0 inet6 static #### k8s node -The `10.88.1.5` and `fd01::5` IPs are assigned to the interface with VLAN 4002. +The `10.88.1.5` and `fe88::5` IPs are assigned to the interface with VLAN 4002. ``` auto enp5s0.4002 
@@ -808,50 +808,28 @@ iface enp5s0.4002 inet static netmask 255.255.0.0 vlan-raw-device enp5s0 mtu 1400 - up ip addr add fd01::5/48 dev enp5s0.4002 + up ip addr add fe88::5/48 dev enp5s0.4002 ``` ### k8s first server node -```sh -$ cat /etc/rancher/k3s/config.yaml.d/config.yaml -# https://docs.k3s.io/installation/network-options -# the ipv4-ranges are default in k3s -# the fd-range is a private ipv6-range -cluster-cidr: 10.42.0.0/16,fd01::/48 -service-cidr: 10.43.0.0/16,fd02::/112 - -disable: - - servicelb -``` - ```sh sudo apt-get install curl -curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--write-kubeconfig-mode=644 --cluster-init --node-ip=10.88.1.5,fd01::5" sh - +master_node_ip=10.88.1.5,fe88::5 +curl -fL https://get.k3s.io | sh -s - server --cluster-init --disable=servicelb --write-kubeconfig-mode=644 --node-ip=$master_node_ip --cluster-cidr=10.42.0.0/16,fd01::/48 --service-cidr=10.43.0.0/16,fd02::/112 curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash - ``` ### k8s second server node -```sh -$ cat /etc/rancher/k3s/config.yaml.d/config.yaml -# https://docs.k3s.io/installation/network-options -# the ipv4-ranges are default in k3s -# the fd-range is a private ipv6-range -cluster-cidr: 10.42.0.0/16,fd01::/48 -service-cidr: 10.43.0.0/16,fd02::/112 - -disable: - - servicelb -``` - The token is found on the first node in the `/var/lib/rancher/k3s/server/token` file. ```sh sudo apt-get install curl -master_node_ip=10.88.1.5 -second_server_ip=10.88.1.6,fd01::6 -curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--write-kubeconfig-mode=644 --token $token --server https://$master_node_ip:6443 --node-ip=$second_server_ip" sh - +token=??? 
+master_ip=10.88.1.5 +second_node_ip=10.88.1.6,fe88::6 +curl -fL https://get.k3s.io | sh -s - server --token $token --server https://$master_ip:6443 --cluster-init --disable=servicelb --write-kubeconfig-mode=644 --node-ip=$second_node_ip --cluster-cidr=10.42.0.0/16,fd01::/48 --service-cidr=10.43.0.0/16,fd02::/112 curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash - ``` @@ -862,9 +840,9 @@ curl -fsSL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | The token is found on one of the master nodes in the `/var/lib/rancher/k3s/server/token` file. ```sh -master_node_ip=10.88.1.5 -etcd_node_ip=10.88.1.3,fd01::3 -curl -fL https://get.k3s.io | sh -s - server --token "$token" --server https://$master_node_ip:6443 --cluster-init --disable-apiserver --disable-controller-manager --disable-scheduler --write-kubeconfig-mode=644 --node-ip=$etcd_node_ip --cluster-cidr=10.42.0.0/16,fd01::/48 --service-cidr=10.43.0.0/16,fd02::/112 +master_ip=10.88.1.5 +etcd_node_ip=10.88.1.3,fe88::3 +curl -sfL https://get.k3s.io | sh -s - server --token "$token" --server https://$master_ip:6443 --cluster-init --disable-apiserver --disable-controller-manager --disable-scheduler --write-kubeconfig-mode=644 --node-ip=$etcd_node_ip --cluster-cidr=10.42.0.0/16,fd01::/48 --service-cidr=10.43.0.0/16,fd02::/112 ``` It should not be allowed to schedule pods but for some reason it is. Working around this with: @@ -875,29 +853,11 @@ kubectl taint nodes hetzner03 key1=value1:NoSchedule ### k8s networking -`k3s` is configured to use [metallb](https://metallb.universe.tf) instead of the default load balancer because it does not allow for a public IP different from the `k8s` node IP. - -[metallb](https://metallb.universe.tf). - -``` -helm install metallb metallb/metallb -cat > metallb.yaml < clusterissuer.yml < metallb.yaml <
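Review bot: in the `@@ -799` hunk the new node address `fe88::5` falls inside `fe80::/10`, the IPv6 link-local range, whereas the old `fd01::5` was a unique local (private) address. The same applies to `up ip addr add fe88::5/48` in the `@@ -808` hunk and to `etcd_node_ip=10.88.1.3,fe88::3` in the `@@ -862` hunk. The old value sat inside the pod range given by `--cluster-cidr=10.42.0.0/16,fd01::/48`, which is a good reason to move the node addresses, but link-local addresses are not forwarded beyond the local link and are easy to mistake for a private range. Suggest a separate unique local prefix that overlaps neither `fd01::/48` nor `fd02::/112`, plus one README sentence stating which prefix is used for nodes, pods and services.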
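Review bot: in the second server node command of the `@@ -808` hunk, `--cluster-init` is passed together with `--server https://$master_ip:6443`. `--cluster-init` is the k3s flag for initializing a new embedded-etcd cluster and `--server` is the flag for joining an existing one, so the joining node should normally carry only `--server` and the token; drop `--cluster-init` there or add a line explaining why it is needed. In the same command `$token` is unquoted (the etcd node command quotes it as `"$token"`) and `token=???` is a placeholder that can be pasted as-is; quote it and say where the value comes from next to the assignment. Consider supplying the token through the `K3S_TOKEN` environment variable or `--token-file` so the join secret is not an argument of the k3s process. `--write-kubeconfig-mode=644` also leaves the admin kubeconfig readable by every local user on the node; if only an operator account needs it, a tighter mode is worth documenting.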
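Review bot: in the `@@ -862` hunk the variable is renamed to `master_ip`, but the first server node block in the `@@ -808` hunk introduces `master_node_ip=10.88.1.5,fe88::5` for the dual-stack `--node-ip` list, so two similar names now mean different things (the API server address here, the node IP list there). Suggest one name such as `node_ip` for the `--node-ip` value on every node and `master_ip` only for the `--server` URL. The curl flags also move in opposite directions: this hunk changes `-fL` to `-sfL`, while the two server node commands change `-sfL` to `-fL`; pick one form for all three install commands.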