⚡ K3s Lightweight Kubernetes on AlmaLinux: Container Orchestration Made Easy
Welcome to the world of lightweight container orchestration! 🚀 Ready to run Kubernetes without the heavyweight complexity? K3s is Kubernetes stripped down to its essentials - perfect for edge computing, IoT, development, and production! It’s like having the power of Google’s infrastructure in a tiny package! 🎁✨
🤔 Why is K3s Important?
K3s revolutionizes how we deploy Kubernetes! 🌟 Here’s why it’s game-changing:
- 💨 Ultra Lightweight - Less than 100MB binary, uses half the memory!
- 🚀 5-Second Install - Literally one command to production-ready cluster
- 🔋 Resource Efficient - Runs on Raspberry Pi to cloud servers
- 📦 Batteries Included - Built-in storage, load balancer, ingress
- 🛡️ Production Ready - CNCF certified, same Kubernetes APIs
- 🎯 Perfect for Edge - Ideal for IoT, CI/CD, development, ARM
Think of K3s as Kubernetes on a diet - all the power, none of the bloat! 💪
🎯 What You Need
Before diving into lightweight orchestration, ensure you have:
- ✅ AlmaLinux server (8 or 9)
- ✅ Root or sudo access
- ✅ At least 512MB RAM (yes, that little!)
- ✅ 1 CPU core minimum
- ✅ 10GB disk space
- ✅ Excitement for containers! 🐳
📝 Step 1: Installing K3s - One Command Magic!
Let’s install K3s with the world’s simplest Kubernetes installation! 🎩
# The magical one-liner that does everything!
curl -sfL https://get.k3s.io | sh -
# Wait about 30 seconds for everything to start
sleep 30
# Check if K3s is running
sudo systemctl status k3s
# Verify nodes are ready
sudo kubectl get nodesYou should see:
NAME STATUS ROLES AGE VERSION
your-hostname Ready control-plane,master 30s v1.28.x+k3s1That’s it! You have Kubernetes running! 🎉 Seriously, that was the entire installation!
🔧 Step 2: Understanding K3s Components - What Just Happened?
K3s installed everything you need! Let’s explore:
# Check all system pods running
sudo kubectl get pods -n kube-system
# You'll see core components:
# - CoreDNS (DNS for services)
# - Traefik (Ingress controller)
# - Local-path-provisioner (Storage)
# - Metrics-server (Resource metrics)
# Check the K3s configuration
sudo cat /etc/rancher/k3s/k3s.yaml
# K3s binary location
which k3s
ls -la /usr/local/bin/k3sK3s includes these components by default:
- Containerd - Container runtime (no Docker needed!)
- Flannel - CNI for networking
- CoreDNS - Cluster DNS
- Traefik - Ingress controller
- Local Path Provisioner - Storage class
- Embedded SQLite - No external datastore needed!
Amazing what fits in 100MB! 🎁
🌟 Step 3: Deploying Your First Application - Hello Kubernetes!
Let’s deploy a web application! 🚀
Create your first deployment:
# Create a deployment YAML file
cat <<EOF | sudo tee nginx-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx-deployment
labels:
app: nginx
spec:
replicas: 3 # Run 3 copies for high availability!
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx
image: nginx:alpine # Lightweight nginx image
ports:
- containerPort: 80
EOF
# Deploy it!
sudo kubectl apply -f nginx-deployment.yaml
# Watch pods being created
sudo kubectl get pods -w
# Press Ctrl+C to stop watchingNow expose it to the world:
# Create a service to expose nginx
cat <<EOF | sudo tee nginx-service.yaml
apiVersion: v1
kind: Service
metadata:
name: nginx-service
spec:
selector:
app: nginx
ports:
- protocol: TCP
port: 80
targetPort: 80
type: LoadBalancer # K3s provides ServiceLB!
EOF
# Apply the service
sudo kubectl apply -f nginx-service.yaml
# Check the service
sudo kubectl get svc nginx-serviceYour app is running! Access it via your server’s IP! 🎊
✅ Step 4: Setting Up Ingress - Professional Traffic Routing!
K3s includes Traefik ingress controller! Let’s use it:
# Create an ingress rule
cat <<EOF | sudo tee nginx-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nginx-ingress
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: web
spec:
rules:
- host: demo.local # Change to your domain!
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: nginx-service
port:
number: 80
EOF
# Apply ingress
sudo kubectl apply -f nginx-ingress.yaml
# Check ingress
sudo kubectl get ingress
# If using local testing, add to /etc/hosts:
echo "YOUR_SERVER_IP demo.local" | sudo tee -a /etc/hostsNow you can access your app via domain name! 🌐
🔒 Step 5: Persistent Storage - Data That Survives!
K3s includes Local Path Provisioner for storage:
# Create a persistent volume claim
cat <<EOF | sudo tee pvc-example.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: local-path-pvc
spec:
accessModes:
- ReadWriteOnce
storageClassName: local-path # K3s default storage class
resources:
requests:
storage: 2Gi
EOF
# Create the PVC
sudo kubectl apply -f pvc-example.yaml
# Check PVC status
sudo kubectl get pvc
# Use it in a pod
cat <<EOF | sudo tee pod-with-storage.yaml
apiVersion: v1
kind: Pod
metadata:
name: storage-test
spec:
containers:
- name: test-container
image: busybox
command: ["/bin/sh", "-c", "echo 'Data persists!' > /data/test.txt && sleep 3600"]
volumeMounts:
- name: data
mountPath: /data
volumes:
- name: data
persistentVolumeClaim:
claimName: local-path-pvc
EOF
# Deploy pod with storage
sudo kubectl apply -f pod-with-storage.yaml
# Verify data is written
sudo kubectl exec storage-test -- cat /data/test.txtYour data is now persistent! 💾
🌐 Step 6: Adding Worker Nodes - Building a Cluster!
Want to add more nodes? Super easy! 🎯
On the master node:
# Get the node token
sudo cat /var/lib/rancher/k3s/server/node-token
# Get the master IP
ip addr show | grep inetOn worker nodes:
# Install K3s as agent (worker)
curl -sfL https://get.k3s.io | K3S_URL=https://MASTER_IP:6443 K3S_TOKEN=YOUR_TOKEN sh -
# Verify on master
sudo kubectl get nodesYou now have a multi-node cluster! 🎊
🎮 Quick Examples
Example 1: Deploy WordPress with MySQL
Complete WordPress setup in minutes:
# Create namespace
sudo kubectl create namespace wordpress
# Deploy MySQL
cat <<EOF | sudo kubectl apply -n wordpress -f -
apiVersion: v1
kind: Secret
metadata:
name: mysql-pass
type: Opaque
data:
password: YWRtaW4xMjM= # base64 encoded 'admin123'
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: wordpress-mysql
spec:
selector:
matchLabels:
app: wordpress-mysql
template:
metadata:
labels:
app: wordpress-mysql
spec:
containers:
- name: mysql
image: mysql:5.7
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-pass
key: password
- name: MYSQL_DATABASE
value: wordpress
ports:
- containerPort: 3306
---
apiVersion: v1
kind: Service
metadata:
name: wordpress-mysql
spec:
ports:
- port: 3306
selector:
app: wordpress-mysql
EOF
# Deploy WordPress
cat <<EOF | sudo kubectl apply -n wordpress -f -
apiVersion: apps/v1
kind: Deployment
metadata:
name: wordpress
spec:
selector:
matchLabels:
app: wordpress
template:
metadata:
labels:
app: wordpress
spec:
containers:
- name: wordpress
image: wordpress
env:
- name: WORDPRESS_DB_HOST
value: wordpress-mysql
- name: WORDPRESS_DB_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-pass
key: password
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: wordpress
spec:
type: LoadBalancer
ports:
- port: 80
selector:
app: wordpress
EOF
# Check deployment
sudo kubectl get all -n wordpressExample 2: Auto-scaling with HPA
Set up automatic scaling:
# Create a deployment
sudo kubectl create deployment php-apache --image=k8s.gcr.io/hpa-example
# Expose it
sudo kubectl expose deployment php-apache --port=80
# Create HPA (Horizontal Pod Autoscaler)
sudo kubectl autoscale deployment php-apache --cpu-percent=50 --min=1 --max=10
# Check HPA
sudo kubectl get hpa
# Generate load to test
sudo kubectl run -i --tty load-generator --rm --image=busybox --restart=Never -- /bin/sh -c "while sleep 0.01; do wget -q -O- http://php-apache; done"Example 3: Using Helm Charts
Install applications easily with Helm:
# Install Helm
curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
# Add a chart repository
helm repo add bitnami https://charts.bitnami.com/bitnami
# Install Redis with one command!
helm install my-redis bitnami/redis
# List Helm releases
helm list
# Get Redis password
sudo kubectl get secret --namespace default my-redis -o jsonpath="{.data.redis-password}" | base64 -d🚨 Fix Common Problems
Problem 1: Kubectl Permission Denied
Symptom: Can’t run kubectl without sudo 😤
Fix:
# Copy config for your user
mkdir -p ~/.kube
sudo cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
sudo chown $USER:$USER ~/.kube/config
# Now kubectl works without sudo!
kubectl get nodesProblem 2: Pods Stuck in Pending
Symptom: Pods won’t start 😰
Fix:
# Check pod events
kubectl describe pod POD_NAME
# Check node resources
kubectl top nodes
kubectl top pods
# Check for storage issues
kubectl get pvc
kubectl get pv
# Check node taints
kubectl describe nodes | grep -i taintProblem 3: Can’t Access Services Externally
Symptom: LoadBalancer services not accessible 🌐
Fix:
# Check service status
kubectl get svc
# Check ServiceLB pods
kubectl get pods -n kube-system | grep svclb
# Open firewall ports
sudo firewall-cmd --permanent --add-port=80/tcp
sudo firewall-cmd --permanent --add-port=443/tcp
sudo firewall-cmd --permanent --add-port=6443/tcp
sudo firewall-cmd --reload
# Check iptables rules
sudo iptables -L -n -t nat📋 Simple Commands Summary
| Command | What It Does | When to Use |
|---|---|---|
kubectl get nodes | List cluster nodes | Check cluster health |
kubectl get pods -A | List all pods | See what’s running |
kubectl apply -f file.yaml | Deploy resources | Create apps |
kubectl delete -f file.yaml | Remove resources | Clean up |
kubectl logs pod-name | View pod logs | Debugging |
kubectl exec -it pod-name -- sh | Shell into pod | Troubleshooting |
kubectl describe pod pod-name | Pod details | Investigate issues |
kubectl top nodes | Resource usage | Performance check |
kubectl scale deployment/name --replicas=5 | Scale apps | Handle load |
k3s kubectl | K3s’s kubectl | When kubectl not set |
💡 Tips for Success
🚀 Performance Optimization
Make K3s even faster:
# Disable unused features to save resources
curl -sfL https://get.k3s.io | sh -s - \
--disable traefik \
--disable servicelb \
--disable metrics-server
# Use external database for production
curl -sfL https://get.k3s.io | sh -s - \
--datastore-endpoint="mysql://user:pass@tcp(hostname:3306)/k3s"
# Optimize for ARM devices
curl -sfL https://get.k3s.io | sh -s - \
--kubelet-arg="max-pods=110"🔒 Security Best Practices
Keep your cluster secure:
- Restrict API access - Use firewall rules! 🔥
- Enable RBAC - Control who can do what! 👮
- Use network policies - Isolate pods! 🚧
- Rotate tokens - Change secrets regularly! 🔄
- Enable audit logging - Track all actions! 📝
# Enable audit logging
curl -sfL https://get.k3s.io | sh -s - \
--kube-apiserver-arg="audit-log-path=/var/log/k3s-audit.log" \
--kube-apiserver-arg="audit-log-maxage=30"🎨 Advanced Features
Try these cool K3s features:
# Enable etcd instead of SQLite
curl -sfL https://get.k3s.io | sh -s - --cluster-init
# GPU support
curl -sfL https://get.k3s.io | sh -s - \
--kubelet-arg="feature-gates=DevicePlugins=true"
# Air-gap installation
# Download k3s binary and images separately
# Perfect for isolated environments!🏆 What You Learned
You’re now a K3s master! 🎓 You’ve successfully:
- ✅ Installed K3s in seconds
- ✅ Deployed containerized applications
- ✅ Configured ingress routing
- ✅ Set up persistent storage
- ✅ Built multi-node clusters
- ✅ Mastered kubectl commands
- ✅ Learned troubleshooting techniques
You have a production-ready Kubernetes cluster! 🚀
🎯 Why This Matters
K3s gives you incredible power! With your lightweight cluster, you can:
- 🏭 Run production workloads - Real Kubernetes, real results!
- 🤖 Deploy IoT applications - Perfect for edge computing!
- 🧪 Test locally - Full K8s on your laptop!
- 💰 Save resources - Do more with less!
- 🎓 Learn Kubernetes - Same APIs as big K8s!
You’re not just running containers - you’re orchestrating them like Google, Netflix, and Spotify! Your infrastructure is now cloud-native, scalable, and resilient! 🌟
Keep orchestrating, keep scaling, and remember - with K3s, Kubernetes is for everyone! ⭐
May your pods be healthy and your deployments be smooth! 🚀🐳🙌
