Great video! Glad you found some use with the k3s version!

@Jims-Garage

Ай бұрын

Thanks, Tim. Your playbook is awesome, hope to emulate the functionality for RKE2.

Congratulations on one year milestone🎉 & deepest thanks for tremendously valuable content! 💎✌

@Jims-Garage

Ай бұрын

Thanks, really appreciate that

Happy anniversary Jim. It’s been an incredible year. Here’s to another fantastic year and growth 🎉

@Jims-Garage

Ай бұрын

Thank you! Appreciate the support.

Thanks Jim, great video and instructions. I have a Kubernetes cluster up and running on my first attempt - amazing. Would love to see a playbook installing Rancher and Longhorn.

@Jims-Garage

Ай бұрын

Thanks, I might get round to that soon. The scripts should still work.

"don't wanna compete with TechnoTim" - sips beer CraftComputing style :D

Nice work! Hope we can also see upgrading of kubernetes and components in your playbook soon.😊

I've just tested it with Debian 12, seems to be all ok. All nodes are up and running, VIP is replying to ping and MetalLB pods are all running 😄.

@Jims-Garage

Ай бұрын

Phew 😅 thanks for confirming

@elsammael

Ай бұрын

@@Jims-Garage Just one thing though: should the playbook use the kube-vip IP address instead of the Ip address of server 1 in .kube config (during the task change IP from local to server 1 IP)?

Congrats Jay on first year milestone celebration🥳🎉🥳🎉, deploying RKE2 with the longest video is a great way for this milestone.😉 Regarding the Kube VIP... Do i need it on a brand new environment? Is it mandatory? what is Kube VIP? I'll be happy to hear from you and understand this better. Wishing you all the best!

@Jims-Garage

Ай бұрын

It's a virtual IP, it's an IP address shared by all servers. It means you can connect to the VIP and any server can respond. That's why it's highly available.

@nahum35

Ай бұрын

Thanks 😊

@jim you need to find a way to add a galaxy.yml file to your roles (or reploy it to the official galaxy servers). k8s deployment is always part of some "bigger" thing, where your scripts are just one part. I did that for Tims k3s roles. In the real world you need to install VMs / prepare the bare metal systems - and after - k8s is installed, you need to install more stuff. If you want to be your part the "middle thing" that is used be a lot of people - add the galaxy :)

@Jims-Garage

Ай бұрын

Thanks, I will certainly look into that (my dev skills are a little rusty though!).

Great stuff! Lot of effort clearly went into this.

@Jims-Garage

Ай бұрын

Thanks a ton! Yes, took quite a while!

This is likely going to be a legendary video so I sought to comment in case it turns top comment :D Kubernetes ftw!! goooo jim!! :')

@Jims-Garage

Ай бұрын

Haha, thanks! I'm rooting for you...

You can supply your own cluster token if you wish, that way you don't have to wait for it to be created. It only creates a random token if you don't supply it

@Jims-Garage

Ай бұрын

Thanks, yes I am aware of that. Was wondering whether to add as a variable or not. In the end decided not to as it means it'll be strong by default. Guess I could add a check to see if the user supplied one and if not generate one.

I had some problems with the previous Rke2 script, glad you were talking about sync issues not being handled correctly before, this is pretty difficult stuff, hope it will work, will try tomorrow. 👍

@Jims-Garage

Ай бұрын

Great, fingers crossed 🤞

@rudypieplenbosch6752

Ай бұрын

@@Jims-Garage Hi Jim, there is something not right with these scripts, I have a cluster that works, but only 1 masternode is running and 2 workernodes. On the nodes that have not joined the cluster, seems Kubectl is not installed, when i try kubectl get nodes on them. At the end of your script it seems everything is ok, however two nodes have not been installed properly (running kubectl on them points me to install with apt..), seems some omission in your script that doesn't check for this installation status. I will try to find where this can happen, i tried deleting the two missing nodes and run yoir script again, the system ends up in the same state, no HA, only 1 masternode, kubectl doesn't run on 2 failing masternodes.

@Jims-Garage

Ай бұрын

@@rudypieplenbosch6752 kubectl doesn't run, it's a binary for executing commands against a cluster. It's installed on all nodes by default, I just didn't map it to the user space on mn2 and mn3. How long did you wait for 2&3 to show up? It can take a while. I'm unable to replicate your issue with the script, it works every time for me. Any more info on your setup would be useful. Perhaps pop into Discord.

@rudypieplenbosch6752

Ай бұрын

@@Jims-Garage Thanks for your answer. Yes, i meant the Kubectl binary is not installed on those two nodes (since using that command on those nodes, pointed towards "you can install Kubectl with..., standard linux info"). Ok, so i can fix this by mapping it to userspace on the two nodes that don't join ? I waited a very long time, more than an hour, there was no attempt from either pod to join the cluster. I can see a big download starts on both pods, after i deleted both pods and start with fresh clones and run your script again, but even after an hour i see no chsnge in the cluster, just 3 ready pods, 1 master, two worker pods. How do i map it to userspace ?

@Jims-Garage

Ай бұрын

@@rudypieplenbosch6752 look at the playbook, kubectl is downloaded as part of RKE2. I forget the location but it's there (playbook will show you). You can copy to /usr/local/bin and should be accessible to all with the right permissions.

Next series on talos? no need for ansible or the heavy os undeneath. Trying it out in my homelab now

@Jims-Garage

Ай бұрын

Thanks, yes, I've been playing with Talos. It's a great tool. Immutability is a blessing and a curse haha

Thanks Jim - great scripts worked on the first try. One remark: the folder tasks for prepare-nodes is missing - currently no preperation would be done (if just copying your folderstructure) Question: my ubuntu typically has no iptables installed but without rke is not running (at least I get error messages) - so why not just install iptables as prepare step. If already there fine if not is is guaranteed to be there. Using Ubuntu 24.04 minimal cloud image. Hint: similar for qemu-guest-agent I would simply install it. But yes makes only sense in a qemu env.

@Jims-Garage

Ай бұрын

Thanks, you're the first to say it works haha. As mentioned I only tested on 23, 24 is quite broken so I'm avoiding it. On 23 it works without any other dependencies. I will look to add stuff to support other OS as required. A pr would be great 👍

@Ole-Endurance

Ай бұрын

@@Jims-Garage Happy to be the first :) Was perfect timing as I just used the script version and I anyway wanted to switch o ansible. Thanks again for your work. iptables I had to add also on ubuntu 22 minimal. 24 is of course super new but LTS, so I will slowly move to it. Might create a PR but - honestly need to figure out how first :) - last time I used version control system is maaaannnnyy years back.

@Ole-Endurance

Ай бұрын

@@Jims-Garage Did another test on a different hardware platform (first was on i9 with NVME now DL380 with lots of RAM but spinning disks - also CPU (E5-2640) is single threaded slow compared to a i9). Randomly not working :(, most likely due to high iowait. Maybe it makes sense to have at least the first master completely ready before spinning up the other nodes. Could be also a good idea to add workers/masters later on using seperate ansible playbook. So start small and then grow as you need.

@Jims-Garage

Ай бұрын

@@Ole-Endurance thanks for the feedback. Interesting, it does wait for API, then server 1 to be ready before doing anything further. Can you paste some logs or output on discord?

well done, thanks for explain all the steps. Does the ansible spcript idempotence in the sense we can reexecute the script if something in the middle failed?

@Jims-Garage

Ай бұрын

Yes, I believe so but I need lots of testing.

Hi Bro can you please make a tutorial video explaining in a very simple way on writing a Ansible file. I am new to ansible & I am not from a programming background or DevOps so don't understand the indentation spacing's , Curly Brackets , Variables, loops etc when creating the Ansible

@jdratlif

Ай бұрын

He has a full play list on ansible. You're watching the most recent video in it. kzread.info/head/PLXHMZDvOn5sW-EXm2Ur5TroSatW-t0Vz_

@Jims-Garage

Ай бұрын

Thanks for linking

@Jims-Garage

Ай бұрын

Yes, I have a series on all of that.

hi there, I have a suggestion for a video. Could you give a definitive explanation of an scenario with the proper tools where rke2 can have security? I am on my way to have k8s with rke2 v1.28. I managed to have this running thanks to your videos and others: rke2 - metallb - longhorn - postgres-oprator - kong using postgres - Rancher. I am on my way to deploy knative for the serverless, and istio oc. I am using Ansible, Vagrant, Packer, plus MAAS to manage all of these. The thing is that I am missing the security stack and firewall. I have read about NeuVector, authentik, keycloak, stackrox, stig, wazuh, and Crowdsec. But to be honest I don't know where to start, and where to end. I need help from the pros to decide my security/firewall security for my staing and prod clusters. I think this would make a great video :)

@Jims-Garage

28 күн бұрын

Good questions and I have already covered most of this. I have videos on most of that stuff. I would start out with a firewall (Sophos XG is very simple, but OPNSense is more popular in homelabbing). Then put something like Traefik with Crowdsec. I would also put stuff on their vLANs, especially for internet facing things to create a virtual DMZ.

How were you able to successfully deploy Rancher on RKE2 1.29.4 if it is not compatible? Helm deploy failed as it was not compatible with 1.29.x. Thanks so much for this walkthrough!

@Jims-Garage

Ай бұрын

It was already installed on an earlier version then I upgraded the Kubernetes version (it works from what I can see but I don't recommend it).

@ctroyp

Ай бұрын

@@Jims-Garage Just noticed that tasks in the 'prepare-nodes' play are not being executed. HTH

Have you looked at Harvester, the bare metal OS that's made by the Rancher and Longhorn devs?

@Jims-Garage

Ай бұрын

I have, it's a cool technology but not something I want to run at home. Essentially Kubernetes in Kubernetes.

Hello, sorry coz maybe it sounds silly but about prerequisites, are you using 5 virtual machines? each of one has 4GB RAM and 4 cores? first time i see procmox i always use virtual box or vmware.

@Jims-Garage

13 күн бұрын

Correct, 5 VMs. Your choice of hypervisor shouldn't matter albeit I recommend Proxmox over virtual box. VMware is good, but costs for a licence, you'll see most people in the homelab space using Proxmox.

@dracula172

13 күн бұрын

@@Jims-Garage Thank you so much to answer! I know so little about this tecnologies, i dont know if i get this right, you create a node in each VM? i ve only worked with clusters inside of 1 VM, i create 2 o 3 nodes. If you could tell me in the simpliest way what you achieve using 5 VMs and with the playbook (english is not my first language 😅.

would it be possible to add a reset/destroy cluster playbook?

@Jims-Garage

17 күн бұрын

Good suggestion, something I'll consider for later. There's a script from rancher you can run anyway that ships with it.

Can you verify something for me please as I was having issues with the kernel parameters being applied. should the main.yaml file in Ansible/Playbooks/RKE2/roles/prepare-nodes directory be in a tasks subdirectory like the other roles? I couldn't get the kernel parameters to be applied without it.

@Jims-Garage

Ай бұрын

Well spotted, yes it should. Fixing now.

@BrynnHarrison66

Ай бұрын

@@Jims-Garage This is my first pass at installing RKE2 with Ansible. I'm learning lots, thanks to you. Cheers

Doesn't work for me, configured everything just as in the video and it gets hung up on fact gathering.

@Jims-Garage

Ай бұрын

That's interesting. What OS are you using?

@michaelwentzell9809

Ай бұрын

@@Jims-Garage my apologies Jim, I was just exhausted going on 7 hours trying to troubleshoot deploying the cluster. I believe I’m using the most up to date Ubuntu Server from the official website, however looking at your videos, especially the cloud-init one, maybe lunar is the best bet especially with KVM considering. Do you think this would inhibit the provisioning?

@Jims-Garage

Ай бұрын

@@michaelwentzell9809 I mentioned at the start this is only tested on 23.04 non KVM. I don't use KVM image as it often causes problems. Try with the one I mentioned and see how you get on.

@michaelwentzell9809

Ай бұрын

@@Jims-Garage ohhhh man how could I have missed that!

@michaelwentzell9809

Ай бұрын

@@Jims-Garage thanks Jim! I’ll try this right away and get back to you! I was gonna say, I think Lunar had reached EOL for support as well

Got this working!! Do I need to install a cni for this or was that included in the script?

@Jims-Garage

7 күн бұрын

It's part of the deployment, uses flannel by default.

Could I make a suggestion regarding the rke2-server-config.j2 template. I notice you have one for the 1st (bootstrap) server and another one for the subsequent servers added to the cluster. The only difference being, the addition of server and token lines . I use the same template but have a '#' at the beginning of the server and token lines, effectively commenting them out. This is used as-is for the bootstrap server, then simply remove the '#' when it is copy it to server nodes 2 & 3. Great work by the way.

@Jims-Garage

Ай бұрын

Thanks, yes I will consider that 👍