First Answer

Setting up a Kubernetes cluster with k3s using two physical machines (with one VM for the master node and two VMs for worker nodes) on Alpine Linux is a great way to create a lightweight and efficient home lab environment. Below are the recommended settings and steps to achieve this setup, including disabling IPv6, using an existing NFS server, and deploying applications like Nextcloud, Vaultwarden, Paperless-ngx, Bookstack, and more.


1. Physical Machine Setup

  • Physical Machine 1 (Master Node):

    • VM1: Master Node (1 vCPU, 4GB RAM, 50GB Storage)
    • Existing NFS server for shared storage.
  • Physical Machine 2 (Worker Nodes):

    • VM2: Worker Node 1 (1 vCPU, 4GB RAM, 50GB Storage)
    • VM3: Worker Node 2 (1 vCPU, 4GB RAM, 50GB Storage)

2. Alpine Linux Configuration

  • Use Alpine Linux 3.18 or later for both master and worker nodes.
  • Install the necessary packages on all nodes:
    apk update && apk add containerd
  • Enable and start containerd (Alpine uses OpenRC, not systemd):
    rc-update add containerd default && rc-service containerd start

3. Kubernetes Cluster Setup with k3s

3.1. Master Node Setup

  • Install k3s on the master node:
    curl -sfL https://get.k3s.io | sh -
  • Verify the installation:
    kubectl get nodes

3.2. Worker Node Setup

  • On each worker node, install k3s and join it to the cluster:
    curl -sfL https://get.k3s.io | K3S_URL=https://<master-node-IP>:6443 K3S_TOKEN=<token> sh -

    Replace <master-node-IP> with the master node's IP and <token> with the token from the master node.
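
An added example (not part of the original answer) for the join step above: it rejects short tokens, which carry no cluster CA hash, and stores the full token in an owner-only file so it can be passed through K3S_TOKEN_FILE instead of being typed on the command line. The function names and the /etc/k3s-join-token path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Paths and names are placeholders.
# On the master node the join token is stored in
# /var/lib/rancher/k3s/server/node-token.

# is_full_k3s_token TOKEN
# Succeeds only for the full format K10<sha256 of cluster CA>::<credentials>.
# A short (password-only) token has no CA hash, so the agent cannot check
# that it is talking to the intended server when it first connects.
is_full_k3s_token() {
    printf '%s\n' "$1" | grep -Eq '^K10[0-9a-f]{64}::.+$'
}

# store_join_token FILE   (token is read from stdin, so it stays out of
# the shell history and the process list)
# Refuses short tokens, then writes FILE readable by its owner only.
store_join_token() {
    token=$(cat)
    if ! is_full_k3s_token "$token"; then
        echo "refusing token: not in full K10<ca-hash>::<credentials> format" >&2
        return 1
    fi
    ( umask 077 && printf '%s\n' "$token" > "$1" ) || return 1
    chmod 600 "$1"   # also tightens a file that already existed
}

# Usage on a worker node (run as root), then join with the token file:
#   store_join_token /etc/k3s-join-token < copied-node-token
#   curl -sfL https://get.k3s.io | \
#     K3S_URL=https://<master-node-IP>:6443 K3S_TOKEN_FILE=/etc/k3s-join-token sh -
```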


4. Network Configuration

  • Disable IPv6 on all nodes (as requested):
    echo "net.ipv6.conf.all.disable_ipv6 = 1" >> /etc/sysctl.conf
    sysctl -p
  • Configure the Kubernetes network:
    • Use Calico or Flannel for networking.
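    • Install Flannel (recommended for simplicity; k3s already ships Flannel as its default CNI, so apply this manifest only if the bundled one was disabled):
      kubectl apply -f https://github.com/flannel-io/flannel/releases/latest/download/kube-flannel.yml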
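
An added example (not part of the original answer) for the IPv6 step above: the `echo ... >>` line stacks a duplicate entry on every run, and nothing confirms the setting took effect, so these functions write the key idempotently and list any interface where IPv6 is still enabled at runtime. Function names are illustrative; the runtime check goes beyond what the page sets up.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are illustrative.

# set_sysctl FILE KEY VALUE
# Remove every existing assignment of KEY, then append one "KEY = VALUE" line,
# so repeated runs leave exactly one entry instead of stacking duplicates.
set_sysctl() {
    file=$1 key=$2 value=$3
    touch "$file"
    tmp=$(mktemp) || return 1
    awk -F= -v k="$key" '{ n = $1; gsub(/[ \t]/, "", n) } n != k' "$file" > "$tmp"
    printf '%s = %s\n' "$key" "$value" >> "$tmp"
    cat "$tmp" > "$file"   # overwrite in place: keeps the file's owner and mode
    rm -f "$tmp"
}

# effective_sysctl FILE KEY
# Print the value that ends up applied from FILE: the last assignment wins.
effective_sysctl() {
    awk -F= -v k="$2" '{ n = $1; gsub(/[ \t]/, "", n) }
        n == k { v = $2; gsub(/[ \t]/, "", v); last = v }
        END { print last }' "$1"
}

# ipv6_enabled_ifaces [CONF_DIR]
# List interfaces whose runtime disable_ipv6 flag is still 0.
# CONF_DIR defaults to the live kernel view; pass a directory to test offline.
ipv6_enabled_ifaces() {
    dir=${1:-/proc/sys/net/ipv6/conf}
    for flag in "$dir"/*/disable_ipv6; do
        [ -r "$flag" ] || continue
        if [ "$(cat "$flag")" = "0" ]; then
            basename "$(dirname "$flag")"
        fi
    done
    return 0
}

# Usage on a node:
#   set_sysctl /etc/sysctl.conf net.ipv6.conf.all.disable_ipv6 1 && sysctl -p
#   [ -z "$(ipv6_enabled_ifaces)" ] || echo "IPv6 still enabled on an interface"
```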

5. Storage Configuration

  • Use the existing NFS server on Physical Machine 1:
    • Mount the NFS share on the master node:
      mount -t nfs <nfs-server-ip>:/path/to/export /mnt/nfs
    • Configure PersistentVolumes (PVs) and PersistentVolumeClaims (PVCs) in Kubernetes to use the NFS share:
      apiVersion: v1
      kind: PersistentVolume
      metadata:
        name: nfs-pv
      spec:
        storageClassName: manual
        capacity:
          storage: 100Gi
        accessModes:
          - ReadWriteMany
        nfs:
          server: <nfs-server-ip>
          path: /path/to/export

6. Application Deployment

  • Deploy applications like Nextcloud, Vaultwarden, Paperless-ngx, Bookstack, etc., as Kubernetes Deployments or StatefulSets with appropriate PVCs.

6.1. Example: Nextcloud Deployment

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nextcloud
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nextcloud
  template:
    metadata:
      labels:
        app: nextcloud
    spec:
      containers:
        - name: nextcloud
          image: nextcloud:23
          ports:
            - containerPort: 80
          volumeMounts:
            - mountPath: /var/www/html
              name: nextcloud-storage
      volumes:
        - name: nextcloud-storage
          persistentVolumeClaim:
            claimName: nextcloud-pvc

7. Monitoring and Dashboard

  • Install Prometheus and Grafana for monitoring:

    helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
    helm repo add grafana https://grafana.github.io/helm-charts
    helm repo update
    helm install prometheus prometheus-community/prometheus
    helm install grafana grafana/grafana
  • Use the k3s dashboard for cluster management:

    k3s kubectl proxy

    Access the dashboard at http://localhost:8001/api/v1/namespaces/kubernetes-dashboard/services/https:kubernetes-dashboard:/proxy/.


8. Security Configuration

  • Authentication:
    • Enable Basic Authentication for Kubernetes API access.
    • Use a reverse proxy (e.g., Nginx) with HTTPS for secure access.
  • Ingress Controller:
    • Install an Ingress controller (e.g., Nginx Ingress) to expose your applications securely.
      helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
      helm repo update
      helm install ingress-nginx ingress-nginx/ingress-nginx

9. Optional Enhancements

  • Static IP Addresses: Assign static IPs to your VMs for consistency.
  • Backup Solutions: Use tools like Velero for backing up your Kubernetes cluster.
  • Ingress Controller with Cert-Manager: Automate SSL certificate issuance with Cert-Manager.

Final Notes

  • Ensure your firewall rules and security groups allow traffic on the necessary ports (e.g., 6443 for Kubernetes API, 30000-32767 for node ports, etc.).
  • Regularly monitor and update your Kubernetes components for security patches and improvements.

If you have any specific questions about the setup or need further assistance, feel free to ask!

This page was last edited on 2025-03-06 04:25

Powered by Wiki|Docs
