Awasu » 2024 » April
Friday 5th April 2024 8:52 PM [Tutorial]

For quite a few years, I've had a Raspberry Pi sitting on my local network, running a bunch of Docker'ized applications. It's managed by a bunch of shell scripts, and while it works, it's a bit hacky[1]The rPi also struggles a bit sometimes, since one of the things I run is Sonatype Nexus, and "pig for memory, runs like a dog" doesn't even begin to describe it :-| , and I've had a long-standing item on my to-do list to be a Big Boy and Do Things Properly i.e. run it all on Kubernetes :-|

My workload is nowhere near big enough to warrant a full Kubernetes cluster, so I'll be using K3s, which is intended for smaller workloads, and for extra style and difficulty points, I'll be running it on Fedora CoreOS, a minimal OS designed for running container workloads. In particular, it's immutable, so you don't e.g. apply updates and install new packages, you blow the whole thing away and replace it with a new image.

There are any number of tutorials out there on the intarwebs for setting up both K3s and CoreOS, but it's a pretty trivial process. However, the devil is, as always, in the details[2]AKA it's always DNS SELinux :-| , and since there are quite a few niggling issues when setting up a usable server, I've documented the whole process here. It's relatively straight-forward once you've figured out how things work; the tricky thing is, of course, figuring out how things work :-|

Tutorial index

  1. In which we set up the server
  2. In which we install CoreOS
  3. In which we install K3s
  4. In which we deploy a demo app
  5. In which we set up the Traefik dashboard
  6. In which we enable TLS for our demo app
  7. In which we enable SSH access into our demo container
  8. In which we install Open VM Tools into CoreOS
  9. In which we (don't) install other extra packages and tools into CoreOS
  10. In which we don't fix the problem of slow shutdowns :-|
  11. In which we also don't configure the firewall :-|
  12. Odds and ends.

If you liked this tutorial, there's another one here about setting up a bare-metal K8s cluster.

References

References
1 The rPi also struggles a bit sometimes, since one of the things I run is Sonatype Nexus, and "pig for memory, runs like a dog" doesn't even begin to describe it :-|
2 AKA it's always DNS SELinux :-|