K3s¶
This guide assumes 3 nodes which are already setup with a minimal OS installation and network connectivity. Also make sure DNS entries are in place for all nodes.
Our examples bellow use the following nodes:
| Node | Role | FQDN | IP Address ^ |
|---|---|---|---|
| proxy | HAProxy loadbalancer | proxy.k3s.siempie.internal | 192.168.10.230 |
| node01 | Master + Worker | node01.k3s.siempie.internal | 192.168.10.231 |
| node02 | Master + Worker | node02.k3s.siempie.internal | 192.168.10.232 |
| node03 | Master + Worker | node03.k3s.siempie.internal | 192.168.10.233 |
Our API and HTTP workloads will be proxied via the HAProxy loadbalancer. The k3s api server will be accessible at
https://workload.k3s.siempie.internal:6443.
The HAProxy configuration is found here.
Boostrap k3s with a custom TLS SAN¶
# Node 1 (first master)
curl -sfL https://get.k3s.io | sh -s - server \
--cluster-init \
--tls-san workload.k3s.siempie.internal \
--tls-san node01 \
--tls-san node01.k3s.siempie.internal
# Save token for other nodes
cat /var/lib/rancher/k3s/server/node-token
Join other masters¶
# Node 2 and 3 (other masters)
curl -sfL https://get.k3s.io | sh -s - server \
--server https://node01:6443 \
--token <token-from-node01> \
--tls-san workload.k3s.siempie.internal \
--tls-san node02 \
--tls-san node02.k3s.siempie.internal