Mastodon on K3s:

  1. Part 1, the Hardware.
  2. Part 2, the Software.
  3. Part 3, the Installation.

Architecture

As I mentioned in my previous post, I'll install K3s on 3 servers: one of them will be the server (manager) and the other two will be the agents. This architecture is the same as the one explained in the "Single-server Setup with Embedded DB" section of the K3s docs (the following image is taken from the docs).

This architecture may not be the best one: for example, if the server node goes down, everything will stop working. In our case, though, it is more than enough.

If you care more about high-availability you can check the "High-Availability K3s Server with an External DB" section in the docs.

Operating System

"K3s is expected to work on most modern Linux systems", and in our case I'll assume that you are on Ubuntu 22.04. If you decide to use another operating system, you need to check the OS-specific requirements.

  • If you are using (Red Hat/CentOS) Enterprise Linux, follow these steps for additional setup.
  • If you are using Raspberry Pi OS, follow these steps to switch to legacy iptables.

It is also preferable that all your nodes run the same system/version/setup, so that you don't face special cases on some nodes while the others work without any problem.

Networking

The K3s server needs port 6443 to be open, or at least accessible by all nodes. So you can, for example, open it only between the nodes while blocking it from the whole internet.

You need to make sure to open the following ports on your cluster:

Protocol  Port       Source     Destination  Description
TCP       2379-2380  Servers    Servers      Required only for HA with embedded etcd
TCP       6443       Agents     Servers      K3s supervisor and Kubernetes API Server
UDP       8472       All nodes  All nodes    Required only for Flannel VXLAN
TCP       10250      All nodes  All nodes    Kubelet metrics
UDP       51820      All nodes  All nodes    Required only for Flannel Wireguard with IPv4
UDP       51821      All nodes  All nodes    Required only for Flannel Wireguard with IPv6

You should have a look at the networking docs to be familiar with everything needed, and in case they change anything in the future.
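
One way to open these ports only between the nodes, as an added example that is not part of the original post or the K3s docs: a script that prints (without applying) ufw rules per node role. It assumes ufw as the firewall on Ubuntu and the K3s defaults for this single-server layout; the agent and workstation addresses and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: print (not apply) ufw rules that limit the K3s ports from
# the table above to known hosts. Assumes the post's single-server layout
# with K3s defaults (Flannel VXLAN, no embedded etcd HA, no WireGuard).

SERVER_IPS="192.168.68.110"                # server IP used in the post
AGENT_IPS="192.168.68.111 192.168.68.112"  # constructed agent addresses
ADMIN_IPS="192.168.68.50"                  # constructed kubectl/OpenLens host

# emit_rule SOURCE_IP PORT PROTO
emit_rule() {
    echo "ufw allow from $1 to any port $2 proto $3"
}

# k3s_ufw_rules ROLE: print the rules for a node of ROLE (server|agent).
k3s_ufw_rules() {
    case "$1" in
        server|agent) ;;
        *) echo "usage: k3s_ufw_rules server|agent" >&2; return 1 ;;
    esac

    if [ "$1" = server ]; then
        # 6443/tcp: only agents and the admin workstation reach the API.
        for ip in $AGENT_IPS $ADMIN_IPS; do
            emit_rule "$ip" 6443 tcp
        done
    fi

    # Node-to-node traffic, needed on every node regardless of role.
    for ip in $SERVER_IPS $AGENT_IPS; do
        emit_rule "$ip" 10250 tcp   # kubelet metrics
        emit_rule "$ip" 8472 udp    # Flannel VXLAN overlay
    done
}

# Stand-alone use: sh k3s-ufw.sh server | less
# Review the output and allow SSH before running `ufw enable`.
if [ "$#" -gt 0 ]; then
    k3s_ufw_rules "$1"
fi
```

The 8472/udp rules matter most on hosts with a public interface: the K3s docs warn that the VXLAN port must not be exposed to the world, because it gives access to the cluster network.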

Installation

Installing K3s Server

I have already talked about installing K3s on RPI. The steps and the commands are the same, except that you are not required to edit any boot files:

curl -sfL https://get.k3s.io | INSTALL_K3S_CHANNEL=latest sh -s - --write-kubeconfig-mode 644

Now, before we jump to installing the agents, we need to write down the server token, which can be found in the following file:

sudo cat /var/lib/rancher/k3s/server/node-token

Installing the Agents

You already have the token and you already know the IP of the K3s server, so all you have to do is run the following command:

curl -sfL https://get.k3s.io | INSTALL_K3S_CHANNEL=latest K3S_URL=https://192.168.68.110:6443 K3S_TOKEN=<REPLACE_WITH_YOUR_TOKEN> sh -

Validating your Setup

From your server node you can run the following command:

$ kubectl get nodes

NAME       STATUS   ROLES                  AGE   VERSION
worker-1   Ready    <none>                 1h    v1.25.4+k3s1
worker-2   Ready    <none>                 1h    v1.25.4+k3s1
master     Ready    control-plane,master   1h    v1.25.4+k3s1

Setting up Lens/OpenLens

Once you have downloaded OpenLens, you can add the cluster configuration to it so you can manage the cluster. First, make sure that you ssh into your K3s server node, not the agents, and that you can read the following file:

sudo cat /etc/rancher/k3s/k3s.yaml

Once you have copied all the configuration, open OpenLens and on the welcome page click "Browse Clusters in Catalog", then in the bottom right, hover over the plus sign and choose "Add from kubeconfig" from the list.

You will be presented with an editor into which you can paste the content of the k3s.yaml file. Once you are done, and before clicking "Add clusters", remember to change the IP address in server: https://127.0.0.1:6443 to your server's IP address. Once you have changed the IP, click "Add clusters" and we are done for now.