This is a guide on adding a new raspberry pi node to your k3s managed kubernetes cluster.
sudo dd if=/path/to/raspberryPiOS.img of=/dev/sdX bs=4M conv=fsync(where /dev/sdX is the SD card device)
sudo mount /dev/sdX /mnt/sdcard(
/mnt/sdcardcan be any empty directory)
sudo touch /mnt/sdcard/ssh
sudo umount /mnt/sdcard
ssh pi@raspberrypipassword is "raspberry"
sudo apt update && sudo apt upgrade -y && sudo apt install -y vim curlAlthough
vimisn't strictly necessary and
curlis on the image by default, I like vim and we'll use curl later so better to make sure it's already there.
sudo useradd -m -G adm,dialout,cdrom,sudo,audio,video,plugdev,games,users,input,netdev,gpio,i2c,spi jeff
adm,dialout,cdrom,sudo,audio,video,plugdev,games,users,input,netdev,gpio,i2c,spiare groups that you are adding your user to. The only super important one is probably
sudo. This is the list that the default
piuser starts in so might as well.
.sshdirectory so you can get in to your user:
sudo -u jeff mkdir .ssh
sudo -u jeffhere so that it runs as the jeff user and makes
jeffthe owner by default
sudo -u jeff curl https://github.com/ToxicGLaDOS.keys -o /home/jeff/.ssh/authorized_keysHere we curl the key down from a github account straight into the authorized_keys file. If your keys aren't on github you might
scpthem onto the pi.
/etc/hostnamefiles. This can be done manually or with some handy
sudo sed -i s/raspberrypi/myHostname/g /etc/hosts
sudo sed -i s/raspberrypi/myHostname/g /etc/hostname
/etc/ssh/sshd_configand edit the line that says
#PasswordAuthentication yesso it says
PasswordAuthentication no. If this line doesn't exist add the
sudo sed -i s/#PasswordAuthentication\ yes/PasswordAuthentication\ no/g /etc/ssh/sshd_config
echo 'jeff ALL=(ALL) NOPASSWD:ALL' | sudo tee -a /etc/sudoersThis is a little dangerous, because if your account on the machine gets comprimised then an attacker could run any program as root :(. Also if you fail to give yourself passwordless
sudoaccess and restart the pi you can end up being unable to
sudoat all which means you can't access
/etc/sudoersto give yourself
sudoaccess... So you might end up having to re-imaging the SD card cause you're boned. Not that that has happened to me of course... :(
sudo userdel -r pi
curl -sfL https://get.k3s.io | K3S_URL=https://masterNodeHostname:6443 K3S_TOKEN=yourToken sh -This pulls down a script provided by k3s and runs it so maybe check to make sure k3s is still up and reputable. Make sure to replace masterNodeHostname and yourToken with your values. masterNodeHostname is the hostname of the master node in your cluster (probably the first one you set up), in my case it's
raspberry0. yourToken is an access token used to authenticate to your master node. It can be found on your master node in the
/var/lib/rancher/k3s/server/node-tokenfile. Read more at k3s.io.
That's basically it!