https://rancher.com/ logo
Join SlackCommunities
Powered by
This message was deleted.
# k3s
a
This message was deleted.
❤️ 1
l
Not a bad idea
e
thanks for the reply. can you give more context why you think so?
b
Like every great answer in the tech space - it depends. Normally I'd advise against it because you want your k8s nodes to be as ephemeral as possible. But depending on the applications you could get away with it. The cool thing about containers is they are portable in a way java could only dream of 😛. So instead of running them side by side why node build and test your apps as containers then redeploy the entire box all at once. if you want to have a local way of testing rancher-desktop comes will all the tools you need for a workstation. once you get it working in 1 k8s cluster - it will work in all of them 🙂
e
this seems like a bot response 🙃
b
Yup you caught me I'm totally a bot 🤣
rancher employee 1
🤠 1
e
sorry if it’s a genuine response
I’m not familiar with rancher-desktop
I’d rather not atm, if I can help it 🙂
I have a couple of different environments. each with its own stack
b
So this all comes down to what you are trying to do. Are you migrating production apps? Or can you afford some downtime. There a lot of ways to 'migrate'
Rancher-desktop is just a development environment so you can run k8s locally and test it before you push into a prod stack.
e
we are a team of two. there are around 50+ servers to manage. there are two ‘clouds’. one of which has kubernetes. don’t ask about the version, please 😄
our stack is all over the place
b
Great k8s can literally replace your entire data center and consolidate everything
There is a lot of opportunities here. I would start by getting your apps in containers. Then start getting kubernetes manifests declared and in git
e
in the last year we migrated our dev env from vagrant/docker(-compose)
we have one k8s cluster, one bare-metal cloud and 20+ on-premise installations
b
Ok so is the goal to eventually move all the apps to containers then? Or do you want to keep 2 infrastructure styles in play?
e
the goal is to consolidate the stack as much as possible. so yes. move everything to containers. for the past week I’ve been reading up on k3s and I think/hope k3s is the way to go (k3d for dev on macOS).
b
I'm gonna say don't worry too much about the 'distributions' of k8s manifests work the same in all of them. It's just about what comes baked in by default. K3s is lightweight at the cost of not being as flexible as some other distributions. As for dev k3d is one of my personal favorites just because its simple out of the box and it runs natively on my Linux box (working at SUSE I run Linux on everything :)). The reason I recommend rancher desktop is it's a bit bigger but comes with more tools and a gui.
e
the reason I’m worrying about k8s distributions is because I didn’t have a choice before I joined where I’m at. Now is the time I can make a difference. In my team, we are two. 🙂
b
I really feel like step one is to start getting your apps into containers. Then start bringing up k3s in your production environment. Small bites will help the most here
At the end of the day k3s uses the same kube-api- server, the same kube-config-manager and the same etcd as any other k8s distro such as EKS, AKS, GKE, the linode one that I can't remember the name of right now, kubeadm, RKE1 and rke2. K3s uses traefik by default as an ingress controller. But in kubernetes an ingress is an ingress regardless of what the controller is.
There are minor irrelevant details between them all. The idea is once you have it set up. Destroying and rebuilding clusters should be second nature... Seriously k8s is designed to be destroyed constantly.
e
at this time, I have one cluster on bare-metal 🙃
I’m afraid to touch it
b
You're not stuck with anything - it's all vendor neutral and even platform neutral
That is exactly what needs to be fixed in your environment. :) You should reinvent your IT Ops to a state of continuous integration and continuous delivery. Fail often, fail fast and recover fast.
A constant state of change is better then a constant state of stagnation
Think about it like this You have container images that are just static binary files and you have a bunch of yaml files called manifests that make up a kubernetes cluster. Imagine if you took those images and put them in something like harbor or docker hub and all of the manifests and you put them in git. What stateful information does your cluster have left after that? Would it even matter if the OS on all the nodes was just blown away at that point?
e
that’s the dream 🙂
not sure about secrets. sealed/external hashicorp vault
still figuring those out
b
Sealed secrets are pretty cool but not quite as flexible as vault imo. That again all comes down to exactly what you're storing and how.
e
to my original question:
Copy code
can anyone tell me how bad of an idea it is to start running k3s along 'regular baremetal services' and slowly starting to migrate everything to k3s provided I have enough CPU/memory resources for both?
do you think it’s doable?
b
Yes - it's doable. Unless your apps start interfering with k8s services on the node. This is why I say it depends...
For example on k8s node your ingress controller will use 80/443 on the node... Will another app on the system conflict with these ports?
e
I get you. I can get around that 🙂
b
as a migration path - sure as long as you're careful. But you're playing with fire in a way... I would have a solid plan to start shifting things over and dedicate the entire node for k8s
e
yeah. at the start I just want to have a path to switch back if necessary. but I’m worried about https://github.com/k3s-io/k3s/discussions/7337
I can’t disable swap while in ‘hybrid’ mode
b
Yea that's gonna be an issue. You should not run swap on k8s nodes at all. The terrible thing about this is it's hard to tell what will happen just because Linux swap doesn't really know how to swap k8s services and things start to break in strange ways.
🎯 1
Good news is the swap support may go ga in 1.28: https://github.com/kubernetes/enhancements/issues/2400
e
dude/dette!!! thanks for your all your ingisht! 🙂 to you and 
iamkiloman
🙂
I’ll have a lot of more questions. just checking, I shoudn’t ping you, right? 🙂
thanks for everything 🙂
b
I would ask that you please keep asking in public channels I watch from time to time but I'm not very reliably watching this channel
You can ping me but I might not see it for a while
e
👍
❤️
Open in Slack
PreviousNext
Powered by