|
|
@ -141,7 +141,7 @@ wsrep_on = on
|
|
|
|
wsrep_provider = /usr/lib/galera/libgalera_smm.so
|
|
|
|
wsrep_provider = /usr/lib/galera/libgalera_smm.so
|
|
|
|
wsrep_cluster_address = gcomm://10.128.1.17,10.128.1.18,10.128.1.19
|
|
|
|
wsrep_cluster_address = gcomm://10.128.1.17,10.128.1.18,10.128.1.19
|
|
|
|
wsrep_cluster_name = k3s_cluster_0
|
|
|
|
wsrep_cluster_name = k3s_cluster_0
|
|
|
|
wsrep_provider_options="gcache.size = 512M"
|
|
|
|
wsrep_provider_options="gcache.size=512M"
|
|
|
|
wsrep_sst_method = mariabackup
|
|
|
|
wsrep_sst_method = mariabackup
|
|
|
|
wsrep_sst_auth = root:SuperSecretRootPassword
|
|
|
|
wsrep_sst_auth = root:SuperSecretRootPassword
|
|
|
|
|
|
|
|
|
|
|
@ -211,7 +211,7 @@ GRANT ALL PRIVILEGES ON `k3s`.* TO 'k3s'@'%' IDENTIFIED BY '<superSecret>';
|
|
|
|
Install k3s one each nodes, one after another:
|
|
|
|
Install k3s one each nodes, one after another:
|
|
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
```bash
|
|
|
|
curl -sfL https://get.k3s.io | sh -s - server --datastore-endpoint="mysql://k3s:<superSecret>@tcp(localhost:3306)/k3s" --no-deploy servicelb
|
|
|
|
curl -sfL https://get.k3s.io | sh -s - server --datastore-endpoint="mysql://k3s:<superSecret>@tcp(localhost:3306)/k3s" --no-deploy servicelb --no-deploy nginx
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
Check the nodes after.
|
|
|
|
Check the nodes after.
|
|
|
@ -298,12 +298,20 @@ cert-manager-cainjector-6659d6844d-zrr5h 1/1 Running 0 54s
|
|
|
|
cert-manager-webhook-547567b88f-ptrlg 1/1 Running 0 54s
|
|
|
|
cert-manager-webhook-547567b88f-ptrlg 1/1 Running 0 54s
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#### Install Nginx
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
|
|
|
helm install nginx-ingress stable/nginx-ingress --namespace kube-system \
|
|
|
|
|
|
|
|
--set controller.image.runAsUser=101 \
|
|
|
|
|
|
|
|
--set defaultBackend.enabled=false
|
|
|
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
#### Install Rancher
|
|
|
|
#### Install Rancher
|
|
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
```bash
|
|
|
|
helm repo add rancher-latest https://releases.rancher.com/server-charts/latest
|
|
|
|
helm repo add rancher-stable https://releases.rancher.com/server-charts/stable
|
|
|
|
kubectl create namespace cattle-system
|
|
|
|
kubectl create namespace cattle-system
|
|
|
|
helm install rancher-latest/rancher \
|
|
|
|
helm install rancher-stable/rancher \
|
|
|
|
--name rancher \
|
|
|
|
--name rancher \
|
|
|
|
--namespace cattle-system \
|
|
|
|
--namespace cattle-system \
|
|
|
|
--set hostname=rancher.example.org \
|
|
|
|
--set hostname=rancher.example.org \
|
|
|
@ -357,7 +365,8 @@ Here the IP is 10.128.3.1 i forward HTTP (80) and HTTPS (443) to it.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Wait for the Let's Encrypt Cert
|
|
|
|
Wait for the Let's Encrypt Cert
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
$ kubectl -n cattle-system describe certificate
|
|
|
|
$ kubectl -n cattle-system describe certificate
|
|
|
|
Name: tls-rancher-ingress
|
|
|
|
Name: tls-rancher-ingress
|
|
|
|
Namespace: cattle-system
|
|
|
|
Namespace: cattle-system
|
|
|
|