First ensure that you have curl
installed the nodes and server so you can install the packages for k3s.
First run the command below in order to create a control node, a server that all your other nodes will connect to in order to get their commands from.
curl -sfL https://get.k3s.io | sh -
Next up we need to setup the nodes. And in order to set this up we need some information. Run the commands below on the server to fetch the internal IP address of the network with the controller and nodes. We also need a security token from the server which we can fetch with cat.
ip addr show
cat /var/lib/rancher/k3s/server/node-token
After we have fetch these information pieces we will add them to the command below and run this on our nodes in order to connect them to the cluster.
curl -sfL https://get.k3s.io | K3S_URL=https://[server_internal_ip_address]:6443 K3S_TOKEN=[TOKEN_FROM_COMMAND_ABOVE] sh -
We now have a working cluster and we need some application to run on the cluster. A nice application to run is the dashboard where you can test the network. The command below we run on the controller/server and this will send instructions to the nodes to install the dashboard and metric server.
kubectl apply -f https://raw.githubusercontent.com/kubernetes/dashboard/v2.0.0-beta6/aio/deploy/recommended.yaml
Next we need an account so we can administrate everything. Start by creating a file named service-account.yaml
and add the information below. This will create the admin Service Account.
apiVersion: v1
kind: ServiceAccount
metadata:
name: admin-user
namespace: kube-system
Next up we setup what the new account can manage by creating a file named cluster-role.yaml
and adding the text below.
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: admin-user
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: admin-user
namespace: kube-system
Running these command will import the configurations we created above.
kubectl apply -f service-account.yaml
kubectl apply -f cluster-role.yaml
Now we have a service account but we need another token in order to login to the dashboard. This can be located by running the command below. Look for "Token: " and copy the long token string.
kubectl -n kube-system describe secret $(kubectl -n kube-system get secret | grep admin-user | awk '{print $1}')
Lastly we need to open up the dashboard so we can reach it outside the cluster. We can do this with a port forwarding using the external ip address of your cluster.
kubectl port-forward -n kubernetes-dashboard service/kubernetes-dashboard 10443:443 --address [server_external_ip_address]
In order to reach your dashboard you visit https://[server_external_ip_address]:10443 this site is using SSL and we haven't setup any certificates so you might need to use a web browser that don't require signed certificates.
Everything is good man, thank you! But when I am trying to forward port, my host browser is alerting about security however I can go on page from my VM.