Azure Arc allows you to connect your Kubernetes cluster to Azure. Connecting a cluster to Azure has many benefits including, Deploying applications, Monitoring, Threat detection and cluster Management.
This series is broken into 3 parts:
- Part 1 – Creating the Kubernetes cluster containing a Raspberry Pi
- Part 2 – Connecting the Cluster to Azure
Note
To connect a Kubernetes cluster to Azure Arc today, at least one of the nodes needs to be Linux/Amd64.
Table of Contents
Connecting the Cluster to Azure
Part 1 will demonstrate how to use K3s to create a cluster containing a Linux node hosted in WSL2 alongside a Raspberry Pi node.
Prerequisites
- A Raspberry Pi
- A Windows PC with WSL2 enabled
- An Azure account
- An SSH client such as Putty
Install K3s on Windows WSL2
One of the simplest ways to get Linux up and running on your Windows PC is via the Microsoft Store.
- Install Ubuntu 22.04 from the Microsoft Store
- Launch the app to open a command prompt
- Enable legacy iptables, Kubernetes doesn't support nftables:
$ sudo update-alternatives --set iptables /usr/sbin/iptables-legacy
$ sudo update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy- Download K3s:
$ wget https://github.com/k3s-io/k3s/releases/download/v1.24.3%2Bk3s1/k3s
$ sudo install k3s /usr/local/bin- Run the config check to make sure everything is good:
$ k3s check-config
STATUS: pass- Start the k3s server:
$ sudo k3s server- Check to make everything is installed and running normally:
$ sudo k3s kubectl cluster-info
Kubernetes control plane is running at https://127.0.0.1:6443
CoreDNS is running at https://127.0.0.1:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
Metrics-server is running at https://127.0.0.1:6443/api/v1/namespaces/kube-system/services/https:metrics-server:https/proxy
$ sudo k3s kubectl get nodes
NAME STATUS ROLES AGE VERSION
home Ready control-plane,master 2d15h v1.24.3+k3s1
$ sudo k3s kubectl get pods --all-namespaces
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system local-path-provisioner-7b7dc8d6f5-jkkj6 1/1 Running 0 20m
kube-system helm-install-traefik-crd-7tfrn 0/1 Completed 0 20m
kube-system svclb-traefik-12ac4033-dwj6b 2/2 Running 0 20m
kube-system helm-install-traefik-jn7gz 0/1 Completed 1 20m
kube-system coredns-b96499967-nwjfc 1/1 Running 0 20m
kube-system traefik-7cd4fcff68-7k9tf 1/1 Running 0 20m
kube-system metrics-server-668d979685-z94w2 1/1 Running 0 20m- Get the K3s node token which will be used in a later step to add the additional Pi node:
$ sudo cat /var/lib/rancher/k3s/server/node-tokenK3s is now up and running, the deployment contains a single node in WSL2.
Configure Port Forwarding from WSL2
By default, the Kubernetes API server listens on port 6443. To access this cluster from outside WSL2, we need to setup port forwarding from the host machine. The is needed to both add additional nodes to the cluster as well as manage the cluster remotely.
To setup port forwarding, you will first need to make not of the IP address of the Linux instance, by running the following command from the Ubuntu shell. The address returned below is the IP address of my installation, yours will be different.
- Get the WSL2 Linux IP address:
$ ip addr show dev eth0 | grep "inet\b" | awk '{print $2}' | cut -d/ -f1
172.23.109.127- From a Powershell on the host Windows machine, execute the following commands, substituting the IP address you received above for the connectaddress:
> netsh interface portproxy set v4tov4 listenport=6443 listenaddress=0.0.0.0 connectport=6443 connectaddress=172.23.109.127
> netsh advfirewall firewall add rule name=6443 dir=in action=allow protocol=TCP localport=6443"- To display the newly created rule:
> netsh interface portproxy show v4tov4
Listen on ipv4: Connect to ipv4:
Address Port Address Port
--------------- ---------- --------------- ----------
0.0.0.0 6443 172.23.109.127 6443Install the Raspberry Pi OS
Now that you have your cluster created with the initial node deployed on WSL2, you can add setup the Raspberry Pi and add this to the cluster. This will involve installing the OS and then installing the K3s agent.
- Using the Raspberry Pi Imager, install the image onto an SD card. I chose the “Lite” version as I will be using SSH to manage the device:
- Under settings:
- Set a hostname
- Enable SSH
- Set a username and password (user “root” is not supported)
- Once the SD card has been flashed, insert into the Raspberry Pi and power on the device
Install K3s on the Pi
- SSH into the device using the hostname and username / password set in the previous step
- Edit the file /boot/cmdline.txt to enable the cgroups by adding the following:
cgroup_enable=memory cgroup_memory=1- Reboot the device:
$ sudo reboot- Install the ks3 agent,
windows_ip: The IP address of the WSL2 host machinenodetoken: The node token after deploying the server in WSL2
$ curl -sfL https://get.k3s.io | K3S_URL=https://{windows_ip}:6443 K3S_TOKEN={mynodetoken} sh -- Reboot the device again. Without this step the node was unable to successfully connect to the cluster
- Back on your WSL2 install, check the node status and confirm the pi node is now present:
ryan@Home:~# sudo k3s kubectl get nodes
NAME STATUS ROLES AGE VERSION
pi Ready <none> 23m v1.24.3+k3s1
home Ready control-plane,master 84m v1.24.3+k3s1You have now successfully deployed K3s on the Raspberry Pi and joined it to a Kubernetes cluster!
Next Steps
Move on to Part 2 – Connecting the Cluster to Azure.
I am trying to follow this but am stuck on step 4.
$ curl -sfL https://get.k3s.io | K3S_URL={windows_ip} K3S_TOKEN={mynodetoken} sh –
This command fails with the below error
[ERROR] Only https:// URLs are supported for K3S_URL (have
Hi MJ, sorry I missed this comment, did you get this resolved? I updated the post with the correct command.