Azure Arc allows you to connect your Kubernetes cluster to Azure. Connecting a cluster to Azure has many benefits including, Deploying applications, Monitoring, Threat detection and cluster Management.

This series is broken into 3 parts:

Note

To connect a Kubernetes cluster to Azure Arc today, at least one of the nodes needs to be Linux/Amd64.

Connecting the Cluster to Azure

Part 1 will demonstrate how to use K3s to create a cluster containing a Linux node hosted in WSL2 alongside a Raspberry Pi node.

Prerequisites

  1. A Raspberry Pi
  2. A Windows PC with WSL2 enabled
  3. An Azure account
  4. An SSH client such as Putty

Install K3s on Windows WSL2

One of the simplest ways to get Linux up and running on your Windows PC is via the Microsoft Store.

  1. Install Ubuntu 22.04 from the Microsoft Store
  2. Launch the app to open a command prompt
  3. Enable legacy iptables, Kubernetes doesn't support nftables:
$ sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
$ sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
  1. Download K3s:
$ wget https://github.com/k3s-io/k3s/releases/download/v1.24.3%2Bk3s1/k3s
$ sudo install k3s /usr/local/bin
  1. Run the config check to make sure everything is good:
$ k3s check-config
STATUS: pass
  1. Start the k3s server:
$ sudo k3s server
  1. Check to make everything is installed and running normally:
$ sudo k3s kubectl cluster-info
Kubernetes control plane is running at https://127.0.0.1:6443
CoreDNS is running at https://127.0.0.1:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Metrics-server is running at https://127.0.0.1:6443/api/v1/namespaces/kube-system/services/https:metrics-server:https/proxy

$ sudo k3s kubectl get nodes
NAME     STATUS   ROLES                  AGE     VERSION
home     Ready    control-plane,master   2d15h   v1.24.3+k3s1

$ sudo k3s kubectl get pods --all-namespaces
NAMESPACE    NAME                                    READY  STATUS     RESTARTS  AGE
kube-system  local-path-provisioner-7b7dc8d6f5-jkkj6 1/1    Running    0         20m
kube-system  helm-install-traefik-crd-7tfrn          0/1    Completed  0         20m
kube-system  svclb-traefik-12ac4033-dwj6b            2/2    Running    0         20m
kube-system  helm-install-traefik-jn7gz              0/1    Completed  1         20m
kube-system  coredns-b96499967-nwjfc                 1/1    Running    0         20m
kube-system  traefik-7cd4fcff68-7k9tf                1/1    Running    0         20m
kube-system  metrics-server-668d979685-z94w2         1/1    Running    0         20m
  1. Get the K3s node token which will be used in a later step to add the additional Pi node:
$ sudo cat /var/lib/rancher/k3s/server/node-token

K3s is now up and running, the deployment contains a single node in WSL2.

Configure Port Forwarding from WSL2

By default, the Kubernetes API server listens on port 6443. To access this cluster from outside WSL2, we need to setup port forwarding from the host machine. The is needed to both add additional nodes to the cluster as well as manage the cluster remotely.

To setup port forwarding, you will first need to make not of the IP address of the Linux instance, by running the following command from the Ubuntu shell. The address returned below is the IP address of my installation, yours will be different.

  1. Get the WSL2 Linux IP address:
$ ip addr show dev eth0 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1
172.23.109.127
  1. From a Powershell on the host Windows machine, execute the following commands, substituting the IP address you received above for the connectaddress:
> netsh interface portproxy set v4tov4 listenport=6443 listenaddress=0.0.0.0 connectport=6443 connectaddress=172.23.109.127
> netsh advfirewall firewall add rule name=6443 dir=in action=allow protocol=TCP localport=6443"
  1. To display the newly created rule:
> netsh interface portproxy show v4tov4

Listen on ipv4:             Connect to ipv4:

Address         Port        Address         Port
--------------- ----------  --------------- ----------
0.0.0.0         6443        172.23.109.127  6443

Install the Raspberry Pi OS

Now that you have your cluster created with the initial node deployed on WSL2, you can add setup the Raspberry Pi and add this to the cluster. This will involve installing the OS and then installing the K3s agent.

  1. Using the Raspberry Pi Imager, install the image onto an SD card. I chose the “Lite” version as I will be using SSH to manage the device:
  1. Under settings:
    1. Set a hostname
    2. Enable SSH
    3. Set a username and password (user “root” is not supported)
  1. Once the SD card has been flashed, insert into the Raspberry Pi and power on the device

Install K3s on the Pi

  1. SSH into the device using the hostname and username / password set in the previous step
  2. Edit the file /boot/cmdline.txt to enable the cgroups by adding the following:
cgroup_enable=memory cgroup_memory=1
  1. Reboot the device:
$ sudo reboot
  1. Install the ks3 agent,
    1. windows_ip: The IP address of the WSL2 host machine
    2. nodetoken: The node token after deploying the server in WSL2
$ curl -sfL https://get.k3s.io | K3S_URL=https://{windows_ip}:6443 K3S_TOKEN={mynodetoken} sh -
  1. Reboot the device again. Without this step the node was unable to successfully connect to the cluster
  2. Back on your WSL2 install, check the node status and confirm the pi node is now present:
ryan@Home:~# sudo k3s kubectl get nodes
NAME    STATUS  ROLES                 AGE  VERSION
pi      Ready   <none>                23m  v1.24.3+k3s1
home    Ready   control-plane,master  84m  v1.24.3+k3s1

You have now successfully deployed K3s on the Raspberry Pi and joined it to a Kubernetes cluster!

Next Steps

Move on to Part 2 – Connecting the Cluster to Azure.