# Création d'un cluster k3s mono-noeud sur Rocky Linux

## Mise en place des pré-requis   


#### Désactiver firewalld

```bash
systemctl stop firewalld
systemctl disable firewalld
```

#### Désactiver selinux en modifiant le fichier <span style="background-color: rgb(206, 212, 217);">/etc/sysconfig/selinux</span>  


```ini
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#     enforcing - SELinux security policy is enforced.
#     permissive - SELinux prints warnings instead of enforcing.
#     disabled - No SELinux policy is loaded.
# See also:
# https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/using_selinux/changing-selinux-states-and-modes_using-selinux#changing-selinux-modes-at-boot-time_changing-selinux-states-and-modes
#
# NOTE: Up to RHEL 8 release included, SELINUX=disabled would also
# fully disable SELinux during boot. If you need a system with SELinux
# fully disabled instead of SELinux running with no policy loaded, you
# need to pass selinux=0 to the kernel command line. You can use grubby
# to persistently set the bootloader to boot with selinux=0:
#
#    grubby --update-kernel ALL --args selinux=0
#
# To revert back to SELinux enabled:
#
#    grubby --update-kernel ALL --remove-args selinux
#
SELINUX=disabled
# SELINUXTYPE= can take one of these three values:
#     targeted - Targeted processes are protected,
#     minimum - Modification of targeted policy. Only selected processes are protected.
#     mls - Multi Level Security protection.
SELINUXTYPE=targeted
```

#### Installer les packages manquants suivants  


```bash
dnf install -y git tar bash-completion
```

#### Modifier les paramètres kernel suivants en créant le fichier<span style="background-color: rgb(206, 212, 217);"> /etc/sysctl.d/99-tunning.conf</span>  


```ini
#Disable IP V6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

#tunning fs
fs.aio-max-nr = 1048576
fs.file-max = 6815744

#Limit Swap
vm.swappiness = 10

vm.max_map_count = 262144
vm.overcommit_memory = 1

net.core.somaxconn=65535

#Tuning IPV4
net.ipv4.ip_local_port_range = 10000 65500
net.ipv4.tcp_keepalive_time=30
net.ipv4.tcp_keepalive_intvl=30
net.ipv4.tcp_keepalive_probes=10
```

#### Rebooter le server  


## Installation de kubectl et d'un kube k3s

### Installation de kubectl 

#### Télécharger le binaire kubectl et le déposer dans /usr/local/bin/

```bash
curl -LO https://dl.k8s.io/release/$(curl -Ls https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv ./kubectl /usr/local/bin/kubectl
```

#### Modifier le bashrc pour ajouter <span style="background-color: rgb(206, 212, 217);">/usr/local/bin</span> dans la variable <span style="background-color: rgb(206, 212, 217);">$PATH</span>  


```bash
...
...
export PATH=$PATH:/usr/local/bin
...
```

#### Ajouter la completion sur kubectl  


```bash
echo 'source <(kubectl completion bash)' >>~/.bashrc
```

#### Vérifier que le binaire est opérationnel

```
kubectl version --client
```

#### Installation de K3S sans le composant “Traeffik” et en choisissant un CIDR qui n'overlap pas un réseau existant

```bash
curl -sfL https://get.k3s.io | K3S_KUBECONFIG_MODE="644" INSTALL_K3S_EXEC="--cluster-cidr=192.168.255.0/24 --disable=traefik" sh -
```

#### A la fin du déploiement, créer le fichier d'authentification / connection au cluster kubernetes pour le client kubectl 

```
mkdir ~/.kube
cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
```

#### Vérifier que le kube est correctement démarrer

```
kubectl get pods --all-namespaces
NAMESPACE     NAME                                      READY   STATUS    RESTARTS   AGE
kube-system   coredns-0587-fbcd5-sdfsf                  1/1     Running   0          84s
kube-system   local-path-provisioner-fdsfsfs-r6pbm      1/1     Running   0          84s
```