Setting up the Raspberry Pi 4/5
Download the Raspberry Pi Imager to flash the microSD card or USB disk with the Raspberry Pi OS.
- Change the advanced settings; in particular, don't forget to set the following:
  - Wi-Fi
  - Username and password
Install Kubernetes (K3s)
Step 1 (cgroup)
Standard Raspbian Buster installations do not start with cgroups enabled. K3s needs cgroups to start the systemd service. cgroups can be enabled by appending cgroup_memory=1 cgroup_enable=memory to /boot/cmdline.txt (the file is a single line, so append to the end of that line rather than adding a new one).
Step 2 (k3s master)
curl -sfL https://get.k3s.io | sh -
Step 3 (k3s node)
Source: https://sahansera.dev/building-your-own-private-kubernetes-cluster-on-a-raspberry-pi-4-with-k3s/
On the master, get the security token:
sudo cat /var/lib/rancher/k3s/server/token
On the agent:
curl -sfL https://get.k3s.io | K3S_NODE_NAME="node01" K3S_URL="https://10.0.0.100:6443" K3S_TOKEN="token from above step" sh -
On the master, verify:
kubectl get nodes
Kubernetes Remote Console (kubectl)
On the master node:
sudo cat /etc/rancher/k3s/k3s.yaml
On the PC edit .kube/config
kubectl config use-context pi
Kubernetes Monitoring (Prometheus)
Install Lens
Right click on cluster > Settings > Lens Monitoring
- Check prometheus
- Check kube-state-metrics
- Check node-exporter
Kubernetes Storage (Longhorn)
Source: https://docs.k3s.io/storage
Install pre-requisites on every node:
sudo apt-get install open-iscsi
Apply manifest:
kubectl apply -f https://raw.githubusercontent.com/longhorn/longhorn/master/deploy/longhorn.yaml
Dashboard: port-forward
Kubernetes CI/CD (ArgoCD)
kubectl create namespace argocd
kubectl apply -f https://raw.githubusercontent.com/argoproj/argo-cd/master/manifests/install.yaml --namespace argocd
Fan Control
Enable PWM
Source: https://github.com/dotnet/iot/blob/main/Documentation/raspi-pwm.md
Open /boot/config.txt
sudo nano /boot/config.txt
And add a line with dtoverlay=pwm,pin=18,func=2.
Reboot.
Wire the fan
Source: https://blog.driftking.tw/en/2019/11/Using-Raspberry-Pi-to-Control-a-PWM-Fan-and-Monitor-its-Speed/
Fan Control
Source: https://github.com/treydempsey/fan_control/tree/main
- Install rustup
- Clone the git repository
  git clone https://github.com/treydempsey/fan_control
- Build the code
  cd fan_control/
  curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
  cargo build --release
- Install the binary
  sudo cp target/release/fan_control /usr/local/bin
- Install the systemd unit file
  sudo cp fan_control.service /lib/systemd/system
- Fix service:
  sudo nano /lib/systemd/system/fan_control.service
  And change the [Service] section to:
  ExecStart=/usr/local/bin/fan_control
- Start the service:
  sudo systemctl enable fan_control
  sudo systemctl start fan_control
  systemctl status fan_control
Firewall
sudo apt-get install ufw
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw limit 22
# allow k3s ports: https://docs.k3s.io/installation/requirements#networking
sudo ufw allow 6443
sudo ufw allow 2376/tcp
sudo ufw allow 2379/tcp
sudo ufw allow 2380/tcp
Automatic System Updates
Source: https://haydenjames.io/how-to-enable-unattended-upgrades-on-ubuntu-debian/
Install:
sudo apt update && sudo apt upgrade
sudo apt install unattended-upgrades
sudo apt install apt-listchanges
Change settings at:
sudo nano /etc/apt/apt.conf.d/50unattended-upgrades
Automatic Kubernetes Updates
https://docs.k3s.io/upgrades/automated
Dynamic DNS
Script: https://github.com/K0p1-Git/cloudflare-ddns-updater
crontab -e
*/5 * * * * /bin/bash /home/pi/cloudflare-ddns-updater/cloudflare.sh
Router Port Forwarding
GitHub Actions Automated Deployment
Source: https://nicwortel.nl/blog/2022/05/27/continuous-deployment-to-kubernetes-with-github-actions
Configure Private Docker Registry
JetBrains Containers:
kubectl create namespace <NAMESPACE>
kubectl create secret docker-registry regcred --docker-server=<SPACE>.registry.jetbrains.space/p/<PROJECT>/containers --docker-username=<USERNAME> --docker-password=<PASSWORD> --namespace <NAMESPACE>
GitHub Container Registry:
kubectl create namespace <NAMESPACE>
kubectl create secret docker-registry regcred --docker-server=ghcr.io --docker-username=<USERNAME> --docker-password=<PASSWORD> --namespace <NAMESPACE>
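Both commands above pass the registry password as --docker-password, which leaves it in shell history and visible in the process list while kubectl runs. The following is an added example, not part of the original notes: it builds the same kind of kubernetes.io/dockerconfigjson secret with the password read from stdin. The function names and the token.txt file name are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: create the "regcred" pull secret without putting the
# password on the command line. Function names are hypothetical.

# Escape backslash and double quote so a value can sit inside a JSON string.
json_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# make_dockerconfigjson SERVER USERNAME   (password or token read from stdin)
# Prints the .dockerconfigjson document for one registry.
make_dockerconfigjson() (
    server=$1
    user=$2
    pass=$(cat)
    [ -n "$server" ] && [ -n "$user" ] && [ -n "$pass" ] || {
        echo "usage: make_dockerconfigjson SERVER USERNAME < password" >&2
        exit 1
    }
    # "auth" is base64(username:password); tr removes any line wrapping.
    auth=$(printf '%s:%s' "$user" "$pass" | base64 | tr -d '\n')
    printf '{"auths":{"%s":{"username":"%s","password":"%s","auth":"%s"}}}\n' \
        "$(json_escape "$server")" "$(json_escape "$user")" \
        "$(json_escape "$pass")" "$auth"
)

# create_regcred NAMESPACE SERVER USERNAME   (password or token read from stdin)
# Writes the config to a private temp file, creates the secret, removes the file.
create_regcred() (
    umask 077
    cfg=$(mktemp) || exit 1
    trap 'rm -f "$cfg"' EXIT
    make_dockerconfigjson "$2" "$3" > "$cfg" || exit 1
    kubectl create secret generic regcred \
        --namespace "$1" \
        --type=kubernetes.io/dockerconfigjson \
        --from-file=.dockerconfigjson="$cfg"
)

# Usage (token.txt is a hypothetical file, readable only by you, holding the token):
#   create_regcred <NAMESPACE> ghcr.io <USERNAME> < token.txt
```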