diff --git a/admin/README.md b/admin/README.md index b893027a9dfa87268fc95ed0dc82b02b999718cc..66283651cf06bc7c571cf5af8e968d40bb1d6681 100644 --- a/admin/README.md +++ b/admin/README.md @@ -10,6 +10,60 @@ the various directories and in the `.gitlab-ci.yml` configuration file. ## K3s - Kubekorner +### Nginx Ingress Controller + +At the time of writing, K3s comes with the traefik ingress controller +with a version less than 2.0. It is our (geosphere project) that this +controller is buggy and doesn't handle HTTPS certificates in an expected +way. We've chosen to uninstalled the traefik controller and instead install +the nginx ingress controller. It is possible in the future that newer versions +of traefik (2.3+ is availabe but not supported by k3s) will not have the issues +we've run into. It is also possible nginx will be used by K3s as an alternative +ingress option. + +The [k3s FAQ](https://rancher.com/docs/k3s/latest/en/faq/) includes the +following: + +```bash +How can I use my own Ingress instead of Traefik? +Simply start K3s server with --disable traefik and deploy your ingress. +``` + +After further research we discovered that additional steps may be required: + +See https://github.com/rancher/k3s/issues/1160#issuecomment-561572618 + +```bash +For the record and future me, this is what needs to be done to disable Traefik during initial setup: + + Remove traefik helm chart resource: kubectl -n kube-system delete helmcharts.helm.cattle.io traefik + Stop the k3s service: sudo service k3s stop + Edit service file sudo nano /etc/systemd/system/k3s.service and add this line to ExecStart: + + --no-deploy traefik \ + + Reload the service file: sudo systemctl daemon-reload + Remove the manifest file from auto-deploy folder: sudo rm /var/lib/rancher/k3s/server/manifests/traefik.yaml + Start the k3s service: sudo service k3s start +``` + +Note the above `--no-deploy` flag is deprecated and `--disable` should be used. + +Alternatively, k3s could be updated completely with the `--disable traefik` flag added: + +```bash +curl -sfL https://get.k3s.io | INSTALL_K3S_EXEC="server --no-deploy traefik --write-kubeconfig-mode 644" sh +``` + +Then nginx can be installed by following the instructions and settings +described here: +https://github.com/kubernetes/ingress-nginx/tree/master/charts/ingress-nginx + +```bash +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx +helm install ingress-nginx ingress-nginx/ingress-nginx --set controller.metrics.enabled=true +``` + ### Local Path Configuration When running on a K3S-based (rancher) cluster like the one currently running