High-level Introduction to K3s: A Lightweight Kubernetes Distribution
How to provide a self-hosted Kubernetes cluster with K3s
Nowadays, running Kubernetes environments locally is necessary and important for us as developers. They help us validate our application’s cloud compatibility. They let us run integration tests to check their reliability and interactions with other services. They are an excellent tool for our education. And using them we can evaluate specific technologies in a cluster environment.
Besides minikube and kind, K3s is a lightweight variant to run a Kubernetes cluster on a local environment or distributed systems.
What is K3s?
K3s was built by Rancher and is a lightweight Kubernetes distribution that is easy to handle and very simple. It is designed for situations where we might have limited computing resources: not a lot of CPU, not a lot of memory.
Such situations we can find when working with edge devices that are not centrally managed (our laptops, our mobile phones), IoT devices that are resource constrained, Continuous Integration Systems to spin up a temporary environment that mirrors our production cluster, local development environments to start a lightweight local cluster, or ARM and embedded devices.
K3s is packaged as a single <50MB binary that reduces the dependencies and steps needed to install, run and auto-update a production Kubernetes cluster. [K3s Website]
In addition, all dependencies and add-ons of K3s are packaged in a one single binary — so we do not need to install multiple components in separate steps. It provides some sensible secure defaults and automates complex cluster operations like the distribution of certificates.
Feature Summary
As described above, K3s has various features and advantages with regards to a Kubernetes setup:
- Uses half the memory of regular Kubernetes
- Has a single binary
- Instead of usual etcd K3s uses a sqlite-based storage backend (etcd3, MySQL, Postgres are also still available)
- Has packaged add-ons out of the box like local storage provider, service load balancer, a Helm controller, and the Traefik ingress controller
- Secure by default
K3s System Requirements
K3s has minimal system requirements:
- 512 MB RAM
- 1 CPU
- SSD (Solid State Disc) recommended
- OS like Ubuntu 16.04 or Raspian Buster
- Network port communication over 6443 via TCP (API Server), 8472 via UDP (Flannel VXLAN), and 10250 via TCP (Metrics Server)
- Running Docker instance
K3s Installation
K3s Server
K3s provides an installation script on their website. To install K3s on the main node we only need to download the binary and run it:
$ curl -sfL https://get.k3s.io | sh -There is a possibility to customize our installation with environment variables that we can find in the official documentation, like installation with an external or an internal database, metrics expose, etcd S3 backup, or TLS certification file definition.
$ curl -sfL https://get.k3s.io | INSTALL_K3S_CHANNEL=latest sh -After the installation we can check the readiness of our main node with the following command:
$ sudo kubectl get nodesNAME STATUS ROLES AGE VERSION
k3s-master Ready control-plane,master 42s v1.24
K3s Worker
To install some worker nodes that are connected to our server we need to run the K3s installation script on another system and supply the K3s server’s URL as well as a token to securely authenticate with the K3s server.
To get the token that is stored in /var/lib/rancher/k3s/server/node-token on the K3s server instance, we need to run the following command:
$ sudo cat /var/lib/rancher/k3s/server/node-tokenNow we need to copy the output and declare an environment variable with its value:
$ export K3S_SERVER_PRIVATE_IP="{{K3s server ip}}"
$ export NODE_TOKEN="{{copied token}}"
$ curl -sfL https://get.k3s.io | K3S_URL=https://$K3S_SERVER_PRIVATE_IP:6443 K3S_TOKEN=$NODE_TOKEN sh -After setting up the worker we can go back to our server and check if the master and the new worker are ready:
$ sudo kubectl get nodesNAME STATUS ROLES AGE VERSION
k3s-master Ready control-plane,master 51s v1.24
k3s-worker-1 Ready <none> 51s v1.24
k3s-worker-2 Ready <none> 51s v1.24
Cluster Access
To access the cluster from our local laptop we need to grab the kubeconfig file that is generated by K3s:
$ cat /etc/rancher/k3s/k3s.yamlIf this is our only cluster, we can simply replace the ~/.kube/config file on our computer with the one generated by K3s.
In some cases, we need to merge it with the one on our laptop when we have to manage other Kubernetes clusters that we already configured.
$ export KUBECONFIG=~/.kube/config:~/.kube/K3s/copied-config-file.yamlIn cases we want to use the cluster from the K3s server terminal, we need to allow other users to read the config file. By default, only the root user can read it. If we only use remote access, we do not need to set this up.
$ sudo groupadd k3s
$ sudo usermod -a -G k3s {{our_user}}
$ sudo chown root:k3s /etc/rancher/k3s/k3s.yaml
$ sudo chmod 740 /etc/rancher/k3s/k3s.yaml
$ kubectl get nodesConclusion
K3s is a simple, high performing tool that expands our possibilities to run local Kubernetes clusters. The biggest strength of K3s is that it can run Kubernetes for situations where we might have limited computing resources. In distributed systems important use cases are IOT environments or ARM areas (Raspberry Pi clusters). K3s is quick to install with its single binary and easy to maintain.
Thanks for reading! Follow me on Medium, or Twitter, or subscribe here on Medium to read more about DevOps, Agile & Development Principles, Angular, and other useful stuff. Happy Coding! :)
