What is K3s?
K3s - Lightweight Kubernetes

👋Hello, Hashnode community! I'm subbaramireddy, a passionate DevOps Engineer with a relentless commitment to optimizing software development workflows and infrastructure management. 🚀 Hands-on experience in the DevOps field, I've honed my skills in AWS cloud services, containerization, and CI/CD pipelines. As an AWS Certified Developer, I'm well-versed in leveraging cloud technologies to drive efficiency and innovation. 💡 I firmly believe in the power of continuous improvement. My journey began with an internship, where I immersed myself in the intricacies of DevOps, from deploying web applications to orchestrating containerized solutions. I've also delved into AWS CDK, enhancing security through RDS instance policies, and creating foundational infrastructure with precision. 🌐 My goal is to share insights, best practices, and the latest trends in the DevOps landscape. I'm excited to connect with like-minded professionals, engage in meaningful discussions, and learn from the diverse experiences of the Hashnode community. 📝 Let's explore the ever-evolving world of DevOps together. Feel free to connect with me, ask questions, or share your own insights. Together, we can drive innovation and efficiency in the tech world!
Introducing K3s, a streamlined Kubernetes distribution meticulously crafted for resource-constrained environments. This cutting-edge solution optimizes efficiency without sacrificing the technical robustness inherent in Kubernetes. Boasting a judiciously curated feature set, K3s excels in scenarios where lightweight container orchestration is paramount, making it an ideal choice for edge computing and IoT deployments. Its minimal footprint belies a sophisticated architecture, offering a seamless and resilient platform for managing containerized workloads with precision and finesse. In a nutshell, K3s is the technically adept answer to refined Kubernetes requirements, delivering a potent orchestration experience without unnecessary overhead.
Essential features of K3s
K3s is a fully compliant Kubernetes distribution with the following enhancements:
Packaged as a single binary.
Lightweight storage backend based on SQLite3 as the default storage mechanism. etcd3, MySQL, and Postgres are also available.
Wrapped in a simple launcher that handles a lot of the complexity of TLS and options.
Secure by default with reasonable defaults for lightweight environments.
Simple but powerful "batteries-included" features have been added, such as:
local storage provider
service load balancer
Helm controller
Traefik ingress controller.
The operation of all Kubernetes control plane components is encapsulated in a single binary process. This allows K3s to automate and manage complex cluster operations like distributing certificates.
External dependencies have been minimized (just a modern kernel and cgroup mounts are needed). K3s packages the required dependencies, including:
containerd
Flannel (CNI)
CoreDNS
Traefik (Ingress)
Klipper-lb (Service LB)
Embedded network policy controller
Embedded local-path-provisioner
Host utilities (iptables, socat, etc)
What's with the name?
We wanted an installation of Kubernetes that was half the size in terms of memory footprint. Kubernetes is a 10-letter word stylized as K8s. So something half as big as Kubernetes would be a 5-letter word stylized as K3s. There is no long form of K3s and no official pronunciation.
Lightweight Kubernetes. Easy to install, half the memory, all in a binary of less than 100 MB.
Great for:
Edge
IoT
CI
Development
ARM
Embedding K8s
Situations where a PhD in K8s clusterology is infeasible
Architecture
Servers and Agents
A server node is defined as a host running the k3s server command, with control-plane and datastore components managed by K3s.
An agent node is defined as a host running the k3s agent command, without any datastore or control-plane components.
Both servers and agents run the kubelet, container runtime, and CNI. See the Advanced Options documentation for more information on running agentless servers.
Single-server Setup with an Embedded DB
The following diagram shows an example of a cluster that has a single-node K3s server with an embedded SQLite database.
In this configuration, each agent node is registered to the same server node. A K3s user can manipulate Kubernetes resources by calling the K3s API on the server node.
High-Availability K3s
Single server clusters can meet a variety of use cases, but for environments where the uptime of the Kubernetes control plane is critical, you can run K3s in an HA configuration. An HA K3s cluster comprises:
Embedded DB
Three or more server nodes that will serve the Kubernetes API and run other control plane services
An embedded etcd datastore (as opposed to the embedded SQLite datastore used in single-server setups)
External DB
Two or more server nodes that will serve the Kubernetes API and run other control plane services
An external datastore (such as MySQL, PostgreSQL, or etcd).
Fixed Registration Address for Agent Nodes
In the high-availability server configuration, each node can also register with the Kubernetes API by using a fixed registration address, as shown in the diagram below.
After registration, the agent nodes establish a connection directly to one of the server nodes.
How Agent Node Registration Works
Agent nodes are registered with a WebSocket connection initiated by the k3s agent process, and the connection is maintained by a client-side load balancer running as part of the agent process. Initially, the agent connects to the supervisor (and kube-apiserver) via the local load-balancer on port 6443.
The load-balancer maintains a list of available endpoints to connect to. The default (and initially only) endpoint is seeded by the hostname from the --server address. Once it connects to the cluster, the agent retrieves a list of kube-apiserver addresses from the Kubernetes service endpoint list in the default namespace. Those endpoints are added to the load balancer, which then maintains stable connections to all servers in the cluster, providing a connection to the kube-apiserver that tolerates outages of individual servers.
Agents will register with the server using the node cluster secret along with a randomly generated password for the node, stored at /etc/rancher/node/password. The server will store the passwords for individual nodes as Kubernetes secrets, and any subsequent attempts must use the same password. Node password secrets are stored in the kube-system namespace with names using the template <host>.node-password.k3s. This is done to protect the integrity of node IDs.
If the /etc/rancher/node directory of an agent is removed, or if you wish to rejoin a node using an existing name, the node should be deleted from the cluster. This will clean up both the old node entry and the node password secret, and allow the node to (re)join the cluster.
If you frequently reuse hostnames, but are unable to remove the node password secrets, a unique node ID can be automatically appended to the hostname by launching K3s servers or agents using the --with-node-id flag. When enabled, the node ID is also stored in /etc/rancher/node/.
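The node password rules above can be checked from the cluster side. The following is an added example, not code from the K3s project or from this post: it reconciles registered nodes against the <host>.node-password.k3s secrets in kube-system and reports secrets left behind by removed nodes as well as nodes with no stored password. The sample JSON is constructed, and the example assumes the <host> part of the secret name equals the Kubernetes node name.

```python
import json

SUFFIX = ".node-password.k3s"  # naming template from the page: <host>.node-password.k3s

# Constructed sample, trimmed from `kubectl get nodes -o json`.
NODES_JSON = """{"items": [
  {"metadata": {"name": "server-1"}},
  {"metadata": {"name": "agent-a"}},
  {"metadata": {"name": "agent-c"}}
]}"""

# Constructed sample, trimmed from `kubectl get secrets -n kube-system -o json`.
SECRETS_JSON = """{"items": [
  {"metadata": {"name": "server-1.node-password.k3s", "namespace": "kube-system"}},
  {"metadata": {"name": "agent-a.node-password.k3s", "namespace": "kube-system"}},
  {"metadata": {"name": "agent-b.node-password.k3s", "namespace": "kube-system"}},
  {"metadata": {"name": "unrelated-secret", "namespace": "kube-system"}}
]}"""

def node_names(nodes_doc):
    """Names of the nodes currently registered in the cluster."""
    return {item["metadata"]["name"] for item in nodes_doc.get("items", [])}

def password_secret_hosts(secrets_doc):
    """Host part of every kube-system secret that matches the template."""
    hosts = set()
    for item in secrets_doc.get("items", []):
        meta = item.get("metadata", {})
        name = meta.get("name", "")
        if meta.get("namespace") == "kube-system" and name.endswith(SUFFIX):
            hosts.add(name[: -len(SUFFIX)])
    return hosts

def reconcile(nodes_doc, secrets_doc):
    """Compare registered nodes with stored node password secrets."""
    nodes = node_names(nodes_doc)
    hosts = password_secret_hosts(secrets_doc)
    return {
        # Secret left behind: a host reusing this name must present the old password.
        "orphaned_secrets": sorted(h + SUFFIX for h in hosts - nodes),
        # Assumption: every node normally has a matching secret, so review these.
        "nodes_without_secret": sorted(nodes - hosts),
    }

if __name__ == "__main__":
    print(json.dumps(reconcile(json.loads(NODES_JSON), json.loads(SECRETS_JSON)), indent=2))
```

An orphaned secret explains why a rebuilt machine that reuses a hostname is refused until the old node entry and its secret are cleaned up, as described above.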
Conclusion
In conclusion, K3s is a game-changer in the world of container orchestration. Its streamlined design, optimized for efficiency in resource-constrained environments, positions it as a versatile solution for edge computing and IoT deployments. With a minimal footprint and potent capabilities, K3s strikes the perfect balance between simplicity and power, making it a compelling choice for those seeking a nimble yet robust Kubernetes experience. Whether you're navigating the complexities of modern computing or optimizing for resource efficiency, K3s stands out as a versatile and efficient solution in the ever-evolving landscape of containerized applications.
Thanks for reading! I hope you found this helpful and informative.
I'm always happy to connect with fellow tech enthusiasts and answer any questions you may have. Don't forget to follow me for more updates on tech, programming, and more.😄😄
Follow me on LinkedIn to see interesting posts like this : )






