From d952776129a0e390b60a72c71efa1cf6f8df9511 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anders=20F=20Bj=C3=B6rklund?= Date: Sun, 20 Nov 2022 09:42:55 +0100 Subject: [PATCH 1/4] Add feature to install kubernetes worker nodes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If your instances are connected through a proper network, then it is possible to join additional workers to the control plane. Beyond the URL of the apiserver (running on port 6443), you will also need the secret "token" emitted by the initial installation. Signed-off-by: Anders F Björklund --- examples/k3s.yaml | 2 ++ examples/k8s.yaml | 10 ++++++++++ 2 files changed, 12 insertions(+) diff --git a/examples/k3s.yaml b/examples/k3s.yaml index c3d0769a94e..fb03e59d1fe 100644 --- a/examples/k3s.yaml +++ b/examples/k3s.yaml @@ -40,6 +40,8 @@ provision: - mode: system script: | #!/bin/sh + # To install a worker node, fill in and uncomment this line: + #export K3S_URL=https://lima-k3s:6443 K3S_TOKEN=xxx curl -sfL https://get.k3s.io | sh - probes: diff --git a/examples/k8s.yaml b/examples/k8s.yaml index 088ce25ab5c..5141607b26c 100644 --- a/examples/k8s.yaml +++ b/examples/k8s.yaml @@ -96,6 +96,16 @@ provision: script: | #!/bin/bash set -eux -o pipefail + # To install a worker node, fill in and uncomment this line: + #export K8S_URL=https://lima-k8s:6443 K8S_TOKEN=xxx K8S_HASH=yyy + if [ -n "${K8S_TOKEN:-}" ]; then + # WORKER NODE + test -e /etc/kubernetes/kubelet.conf && exit 0 + kubeadm join "${K8S_URL##https://}" --token "${K8S_TOKEN}" \ + --discovery-token-ca-cert-hash "${K8S_HASH}" + exit 0 + fi + # CONTROL PLANE NODE test -e /etc/kubernetes/admin.conf && exit 0 export KUBECONFIG=/etc/kubernetes/admin.conf kubeadm config images list From bda88f286c104c48afb2615058b9697e7049b60a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anders=20F=20Bj=C3=B6rklund?= Date: Sun, 20 Nov 2022 17:33:30 +0100 Subject: [PATCH 2/4] Add shell commands for finding out the token MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Anders F Björklund --- examples/k3s.yaml | 2 ++ examples/k8s.yaml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/examples/k3s.yaml b/examples/k3s.yaml index fb03e59d1fe..f54975db99b 100644 --- a/examples/k3s.yaml +++ b/examples/k3s.yaml @@ -42,6 +42,8 @@ provision: #!/bin/sh # To install a worker node, fill in and uncomment this line: #export K3S_URL=https://lima-k3s:6443 K3S_TOKEN=xxx + # To get the token to use for the variable, run this command: + # $ limactl shell k3s sudo cat /var/lib/rancher/k3s/server/node-token curl -sfL https://get.k3s.io | sh - probes: diff --git a/examples/k8s.yaml b/examples/k8s.yaml index 5141607b26c..fed2e0f10cc 100644 --- a/examples/k8s.yaml +++ b/examples/k8s.yaml @@ -98,6 +98,8 @@ provision: set -eux -o pipefail # To install a worker node, fill in and uncomment this line: #export K8S_URL=https://lima-k8s:6443 K8S_TOKEN=xxx K8S_HASH=yyy + # To get the token/hash to use for the variables, run this command: + # $ limactl shell k8s sudo kubeadm token create --print-join-command if [ -n "${K8S_TOKEN:-}" ]; then # WORKER NODE test -e /etc/kubernetes/kubelet.conf && exit 0 From 4132d45750ebde9abcfef66d66679aa210b64c18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anders=20F=20Bj=C3=B6rklund?= Date: Sun, 25 Dec 2022 14:24:28 +0100 Subject: [PATCH 3/4] Make the k3s and k8s more similar in layout MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Anders F Björklund --- examples/k8s.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/examples/k8s.yaml b/examples/k8s.yaml index fed2e0f10cc..c731c10cbc6 100644 --- a/examples/k8s.yaml +++ b/examples/k8s.yaml @@ -1,7 +1,7 @@ # Deploy kubernetes via kubeadm. # $ limactl start ./k8s.yaml # $ limactl shell k8s sudo kubectl - +# # It can be accessed from the host by exporting the kubeconfig file; # the ports are already forwarded automatically by lima: # @@ -10,8 +10,9 @@ # $ kubectl get no # NAME STATUS ROLES AGE VERSION # lima-k8s Ready control-plane,master 44s v1.22.3 - +# # This example requires Lima v0.7.0 or later. + images: # Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months. - location: "https://cloud-images.ubuntu.com/releases/22.04/release-20221201/ubuntu-22.04-server-cloudimg-amd64.img" @@ -29,9 +30,11 @@ images: # Mounts are disabled in this example, but can be enabled optionally. mounts: [] + containerd: system: true user: false + provision: # See - mode: system @@ -138,6 +141,7 @@ provision: kubectl taint nodes --all node-role.kubernetes.io/control-plane- sed -e "s/${LIMA_CIDATA_SLIRP_IP_ADDRESS:-192.168.5.15}/127.0.0.1/" -i $KUBECONFIG mkdir -p ${HOME:-/root}/.kube && cp -f $KUBECONFIG ${HOME:-/root}/.kube/config + probes: - description: "kubeadm to be installed" script: | From 335b6b2dceec3c4c65a30e2d67f4bd55704f2141 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anders=20F=20Bj=C3=B6rklund?= Date: Sun, 25 Dec 2022 14:22:46 +0100 Subject: [PATCH 4/4] Show warning about extra guest network needed MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Anders F Björklund --- examples/k3s.yaml | 2 ++ examples/k8s.yaml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/examples/k3s.yaml b/examples/k3s.yaml index f54975db99b..bb77c1cd616 100644 --- a/examples/k3s.yaml +++ b/examples/k3s.yaml @@ -12,6 +12,8 @@ # lima-k3s Ready control-plane,master 69s v1.21.1+k3s1 # # This example requires Lima v0.7.0 or later. +# To be able to join worker nodes, an extra network needs to be set up. +# The default network is only visible from the host, not other guests. images: # Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months. diff --git a/examples/k8s.yaml b/examples/k8s.yaml index c731c10cbc6..62d6b7d8e5a 100644 --- a/examples/k8s.yaml +++ b/examples/k8s.yaml @@ -12,6 +12,8 @@ # lima-k8s Ready control-plane,master 44s v1.22.3 # # This example requires Lima v0.7.0 or later. +# To be able to join worker nodes, an extra network needs to be set up. +# The default network is only visible from the host, not other guests. images: # Try to use release-yyyyMMdd image if available. Note that release-yyyyMMdd will be removed after several months.