Mirror/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2024-06-07 19:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #223 from dominictayloruk/docker-fix

Browse Source 
Update docker-compose for v0.2.0, add agent docker-compose, update re…
This commit is contained in:
Darren Shepherd 2019-03-20 10:26:56 -07:00 committed by GitHub
commit cd1339b742
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 44 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
README.md
View File

@ -28,19 +28,19 @@ k3s is intended to be a fully compliant Kubernetes distribution with the followi
* CoreDNS
* CNI
* Host utilities (iptables, socat, etc)
Quick start
-----------
1. Download `k3s` from latest [release](https://github.com/rancher/k3s/releases/latest), x86_64, armhf, and arm64 are
supported
2. Run server
2. Run server
```bash
sudo k3s server &
# Kubeconfig is written to /etc/rancher/k3s/k3s.yaml
sudo k3s kubectl get node
# On a different node run the below. NODE_TOKEN comes from /var/lib/rancher/k3s/server/node-token
# On a different node run the below. NODE_TOKEN comes from /var/lib/rancher/k3s/server/node-token
# on your server
sudo k3s agent --server https://myserver:6443 --token ${NODE_TOKEN}
@ -57,15 +57,15 @@ You should get an output similar to
```
INFO[2019-01-22T15:16:19.908493986-07:00] Starting k3s dev
INFO[2019-01-22T15:16:19.908934479-07:00] Running kube-apiserver --allow-privileged=true --authorization-mode Node,RBAC --service-account-signing-key-file /var/lib/rancher/k3s/server/tls/service.key --service-cluster-ip-range 10.43.0.0/16 --advertise-port 6445 --advertise-address 127.0.0.1 --insecure-port 0 --secure-port 6444 --bind-address 127.0.0.1 --tls-cert-file /var/lib/rancher/k3s/server/tls/localhost.crt --tls-private-key-file /var/lib/rancher/k3s/server/tls/localhost.key --service-account-key-file /var/lib/rancher/k3s/server/tls/service.key --service-account-issuer k3s --api-audiences unknown --basic-auth-file /var/lib/rancher/k3s/server/cred/passwd --kubelet-client-certificate /var/lib/rancher/k3s/server/tls/token-node.crt --kubelet-client-key /var/lib/rancher/k3s/server/tls/token-node.key
INFO[2019-01-22T15:16:19.908934479-07:00] Running kube-apiserver --allow-privileged=true --authorization-mode Node,RBAC --service-account-signing-key-file /var/lib/rancher/k3s/server/tls/service.key --service-cluster-ip-range 10.43.0.0/16 --advertise-port 6445 --advertise-address 127.0.0.1 --insecure-port 0 --secure-port 6444 --bind-address 127.0.0.1 --tls-cert-file /var/lib/rancher/k3s/server/tls/localhost.crt --tls-private-key-file /var/lib/rancher/k3s/server/tls/localhost.key --service-account-key-file /var/lib/rancher/k3s/server/tls/service.key --service-account-issuer k3s --api-audiences unknown --basic-auth-file /var/lib/rancher/k3s/server/cred/passwd --kubelet-client-certificate /var/lib/rancher/k3s/server/tls/token-node.crt --kubelet-client-key /var/lib/rancher/k3s/server/tls/token-node.key
Flag --insecure-port has been deprecated, This flag will be removed in a future version.
INFO[2019-01-22T15:16:20.196766005-07:00] Running kube-scheduler --kubeconfig /var/lib/rancher/k3s/server/cred/kubeconfig-system.yaml --port 0 --secure-port 0 --leader-elect=false
INFO[2019-01-22T15:16:20.196880841-07:00] Running kube-controller-manager --kubeconfig /var/lib/rancher/k3s/server/cred/kubeconfig-system.yaml --service-account-private-key-file /var/lib/rancher/k3s/server/tls/service.key --allocate-node-cidrs --cluster-cidr 10.42.0.0/16 --root-ca-file /var/lib/rancher/k3s/server/tls/token-ca.crt --port 0 --secure-port 0 --leader-elect=false
INFO[2019-01-22T15:16:20.196766005-07:00] Running kube-scheduler --kubeconfig /var/lib/rancher/k3s/server/cred/kubeconfig-system.yaml --port 0 --secure-port 0 --leader-elect=false
INFO[2019-01-22T15:16:20.196880841-07:00] Running kube-controller-manager --kubeconfig /var/lib/rancher/k3s/server/cred/kubeconfig-system.yaml --service-account-private-key-file /var/lib/rancher/k3s/server/tls/service.key --allocate-node-cidrs --cluster-cidr 10.42.0.0/16 --root-ca-file /var/lib/rancher/k3s/server/tls/token-ca.crt --port 0 --secure-port 0 --leader-elect=false
Flag --port has been deprecated, see --secure-port instead.
INFO[2019-01-22T15:16:20.273441984-07:00] Listening on :6443
INFO[2019-01-22T15:16:20.278383446-07:00] Writing manifest: /var/lib/rancher/k3s/server/manifests/coredns.yaml
INFO[2019-01-22T15:16:20.474454524-07:00] Node token is available at /var/lib/rancher/k3s/server/node-token
INFO[2019-01-22T15:16:20.474471391-07:00] To join node to cluster: k3s agent -s https://10.20.0.3:6443 -t ${NODE_TOKEN}
INFO[2019-01-22T15:16:20.278383446-07:00] Writing manifest: /var/lib/rancher/k3s/server/manifests/coredns.yaml
INFO[2019-01-22T15:16:20.474454524-07:00] Node token is available at /var/lib/rancher/k3s/server/node-token
INFO[2019-01-22T15:16:20.474471391-07:00] To join node to cluster: k3s agent -s https://10.20.0.3:6443 -t ${NODE_TOKEN}
INFO[2019-01-22T15:16:20.541027133-07:00] Wrote kubeconfig /etc/rancher/k3s/k3s.yaml
INFO[2019-01-22T15:16:20.541049100-07:00] Run: k3s kubectl
```
@ -76,7 +76,7 @@ that the control plane be part of the cluster. To not run the agent by default
flag
k3s server --disable-agent
At this point, you can run the agent as a separate process or not run it on this node at all.
Joining nodes
@ -86,7 +86,7 @@ When the server starts it creates a file `/var/lib/rancher/k3s/server/node-token
of that file as `NODE_TOKEN` and then run the agent as follows
k3s agent --server https://myserver:6443 --token ${NODE_TOKEN}
That's it.
Accessing cluster from outside
@ -122,7 +122,7 @@ Building from source
The clone will be much faster on this repo if you do
git clone --depth 1 https://github.com/rancher/k3s.git
This repo includes all of Kubernetes history so `--depth 1` will avoid most of that.
For development, you just need go 1.11 and a sane GOPATH. To compile the binaries run
@ -177,7 +177,7 @@ Server HA
---------
Just don't right now :) It's currently broken.
Running in Docker (and docker-compose)
-----------------
@ -188,13 +188,20 @@ serves as an example of how to run k3s from Docker. To run from `docker-compose
docker-compose up --scale node=3
# kubeconfig is written to current dir
kubectl --kubeconfig kubeconfig.yaml get node
NAME STATUS ROLES AGE VERSION
497278a2d6a2 Ready <none> 11s v1.13.2-k3s2
d54c8b17c055 Ready <none> 11s v1.13.2-k3s2
db7a5a5a5bdd Ready <none> 12s v1.13.2-k3s2
To run the agent only in Docker use the following `docker-compose-agent.yml` is in the root of this repo that
serves as an example of how to run k3s agent from Docker. Alternatively the Docker run command can also be used;
sudo docker run -d --tmpfs /run --tmpfs /var/run -e K3S_URL=${SERVER_URL} -e K3S_TOKEN=${NODE_TOKEN} --privileged rancher/k3s:v0.2.0
sudo docker run -d --tmpfs /run --tmpfs /var/run -e K3S_URL=https://k3s.example.com:6443 -e K3S_TOKEN=K13849a67fc385fd3c0fa6133a8649d9e717b0258b3b09c87ffc33dae362c12d8c0::node:2e373dca319a0525745fd8b3d8120d9c --privileged rancher/k3s:v0.2.0
Hyperkube
--------
@ -202,7 +209,7 @@ k3s is bundled in a nice wrapper to remove the majority of the headache of runni
you don't want that wrapper and just want a smaller k8s distro, the releases includes
the `hyperkube` binary you can use. It's then up to you to know how to use `hyperkube`. If
you want individual binaries you will need to compile them yourself from source
containerd and Docker
----------
@ -211,7 +218,7 @@ run with Docker first stop and think, "Really? Do I really want more headache?"
yes then you just need to run the agent with the `--docker` flag
k3s agent -s ${SERVER_URL} -t ${NODE_TOKEN} --docker &
systemd
-------
@ -252,7 +259,7 @@ curl -sfL https://get.k3s.io | INSTALL_K3S_VERSION=vX.Y.Z-rc1 sh -
```
To install just the server without an agent we can add a `INSTALL_K3S_EXEC`
environment variable to the command:
environment variable to the command:
```sh
curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="--disable-agent" sh -
```
@ -335,7 +342,7 @@ Flannel
Flannel is included by default, if you don't want flannel then run the agent with `--no-flannel` as follows
k3s agent -u ${SERVER_URL} -t ${NODE_TOKEN} --no-flannel &
In this setup you will still be required to install your own CNI driver. More info [here](https://kubernetes.io/docs/setup/independent/create-cluster-kubeadm/#pod-network)
CoreDNS
@ -344,7 +351,7 @@ CoreDNS
CoreDNS is deployed on start of the agent, to disable add `--no-deploy coredns` to the server
k3s server --no-deploy coredns
If you don't install CoreDNS you will need to install a cluster DNS provider yourself.
Traefik

13
docker-compose-agent.yml Normal file
View File

@ -0,0 +1,13 @@
version: '3'
services:
node:
image: rancher/k3s:v0.2.0
tmpfs:
- /run
- /var/run
privileged: true
environment:
- K3S_URL=https://server:6443
- K3S_CLUSTER_SECRET=somethingtotallyrandom
# Can also use K3S_TOKEN from /var/lib/rancher/k3s/server/node-token instead of K3S_CLUSTER_SECRET
#- K3S_TOKEN=K13849a67fc385fd3c0fa6133a8649d9e717b0258b3b09c87ffc33dae362c12d8c0::node:2e373dca319a0525745fd8b3d8120d9c

6
docker-compose.yml
View File

@ -1,7 +1,7 @@
version: '3'
services:
server:
image: rancher/k3s:v0.1.0
image: rancher/k3s:v0.2.0
command: server --disable-agent
environment:
- K3S_CLUSTER_SECRET=somethingtotallyrandom
@ -15,7 +15,7 @@ services:
- 6443:6443
node:
image: rancher/k3s:v0.1.0
image: rancher/k3s:v0.2.0
tmpfs:
- /run
- /var/run
@ -23,6 +23,8 @@ services:
environment:
- K3S_URL=https://server:6443
- K3S_CLUSTER_SECRET=somethingtotallyrandom
# Can also use K3S_TOKEN from /var/lib/rancher/k3s/server/node-token instead of K3S_CLUSTER_SECRET
#- K3S_TOKEN=K13849a67fc385fd3c0fa6133a8649d9e717b0258b3b09c87ffc33dae362c12d8c0::node:2e373dca319a0525745fd8b3d8120d9c
volumes:
k3s-server: {}