Initialize cluster on master node
curl -sfL https://get.k3s.io | sh -s - server --cluster-init --node-taint CriticalAddonsOnly=true:NoExecute --tls-san [K3S IP] --disable servicelb --disable traefik
A K3S TOKEN should be generated and shown in the console; take note of it.
A SERVER TOKEN is also generated and stored in /var/lib/rancher/k3s/server/node-token.
Add additional masters
curl -sfL https://get.k3s.io | K3S_URL=https://[K3S IP]:6443 K3S_TOKEN=[Token] sh -s - server --node-taint CriticalAddonsOnly=true:NoExecute --tls-san [K3S IP] --server https://[This node's IP address]:6443 --disable servicelb --disable traefik
Add additional agents
curl -sfL https://get.k3s.io | K3S_URL=https://[K3S IP]:6443 K3S_TOKEN=[K3S TOKEN]::server:[SERVER TOKEN] sh -
Install Helm
curl https://baltocdn.com/helm/signing.asc | sudo apt-key add -
sudo apt-get install apt-transport-https --yes
echo "deb https://baltocdn.com/helm/stable/debian/ all main" | sudo tee /etc/apt/sources.list.d/helm-stable-debian.list
sudo apt-get update
sudo apt-get install helm
Add KUBECONFIG environment variable
Add the following environment variable on the masters.
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml
Looking into adding this to the k3s.env file. I had issues with Longhorn without this due to the different OSes I'm running.
export K3S_RESOLV_CONF=/etc/resolv.conf
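The node-token file and k3s.yaml named above are both cluster credentials (the join secret and the admin kubeconfig). The following check is an added example, not part of the original notes: it reports whether either file is readable by group or other on a server node. The function names are hypothetical and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: audit permission bits on the k3s credential files named in
# this guide. Function names are hypothetical; GNU stat is assumed.

# secret_mode_ok FILE
# Returns 0 if FILE grants nothing to group/other, 1 if it does, 2 if missing.
secret_mode_ok() {
    file=$1
    [ -e "$file" ] || return 2
    mode=$(stat -c '%a' "$file") || return 2
    mode=$(printf '%03d' "$mode")      # pad so mode 0 becomes 000
    case $mode in
        *00) return 0 ;;               # last two octal digits: group, other
        *)   return 1 ;;
    esac
}

# audit_k3s_secrets [FILE...]
# Prints one line per file; exit status is the number of exposed files.
audit_k3s_secrets() {
    [ $# -gt 0 ] || set -- /var/lib/rancher/k3s/server/node-token \
                           /etc/rancher/k3s/k3s.yaml
    findings=0
    for f in "$@"; do
        rc=0
        secret_mode_ok "$f" || rc=$?
        case $rc in
            0) echo "ok       $f" ;;
            1) echo "EXPOSED  $f (mode $(stat -c '%a' "$f")), expected 600"
               findings=$((findings + 1)) ;;
            2) echo "missing  $f (expected only on server nodes)" ;;
        esac
    done
    return "$findings"
}

# Run against the default paths when invoked as: sh audit.sh audit
if [ "${1:-}" = "audit" ]; then
    audit_k3s_secrets
    exit $?
fi
```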
Add Helm repos
helm repo add metallb https://metallb.github.io/metallb
helm repo add traefik https://helm.traefik.io/traefik
helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
helm repo add jetstack https://charts.jetstack.io
helm repo update
Create a metallb.yaml file
Create a config file named metallb.yaml
configInline:
  address-pools:
    - name: default
      protocol: layer2
      addresses:
        - [start IP]-[last IP]
Then install MetalLB with the config file
helm install metallb metallb/metallb -f metallb.yaml
Install Traefik
helm install traefik traefik/traefik
Install Cert Manager
kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.5.1/cert-manager.crds.yaml
helm install cert-manager jetstack/cert-manager \
  --namespace cert-manager \
  --create-namespace \
  --version v1.5.1
Check cert-manager rollout
kubectl get pods --namespace cert-manager
Install Rancher
kubectl create namespace cattle-system
helm install rancher rancher-latest/rancher \
  --namespace cattle-system \
  --set hostname=kube.jermanoid.com \
  --set replicas=3 \
  --set ingress.enabled=false
Check Rancher rollout
kubectl -n cattle-system rollout status deploy/rancher
Expose the Rancher deployment on port 443 with MetalLB
kubectl expose deployment rancher -n cattle-system --type=LoadBalancer --name=rancher-lb --port=443
If you're having issues, revert to iptables-legacy on all Proxmox (or all?) hosts, as it fixes some internal issues.
Source: https://github.com/longhorn/longhorn/issues/956
update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
update-alternatives --set arptables /usr/sbin/arptables-legacy
update-alternatives --set ebtables /usr/sbin/ebtables-legacy