Skip to content

Instantly share code, notes, and snippets.

@tuna2134

tuna2134/k3s-wireguard.md

Last active July 26, 2024 14:40
Show Gist options
  • Save tuna2134/931a62a346f6adb85429edd08173e49e to your computer and use it in GitHub Desktop.
Save tuna2134/931a62a346f6adb85429edd08173e49e to your computer and use it in GitHub Desktop.
Download ZIP
Raw
k3s-wireguard.md

k3s + wireguard cluster

Install wireguard

apt-get install wireguard-tools

Generate wireguard key

Generate private key

wg genkey | tee server.key | wg pubkey > server.pub

Set configuration (master side)

[Interface]
PrivateKey=$(Server private key)
Address=172.16.42.1
ListenPort=51820

[Peer]
PublicKey=$(Client public key)
AllowedIPs=172.16.42.2
PersistentKeepAlive=30

Set configuration (worker side)

[Interface]
PrivateKey=$(Client private key)
Address=172.16.42.2

[Peer]
PublicKey=$(Server public key)
AllowedIPs=172.16.42.1/24
Endpoint=$(server ip):51820
PersistentKeepAlive=25

Install k3s (Master side)

curl -sfL https://get.k3s.io | sh -

Get k3s token, it use at installing k3s at worker side.

cat /var/lib/rancher/k3s/server/node-token

Install k3s (Worker side)

curl -sfL https://get.k3s.io | K3S_URL=https://172.16.42.1:6443 K3S_TOKEN=$(YOUR K3S TOKEN) sh -
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment