{"id":18579229,"url":"https://github.com/faust64/pi8s","last_synced_at":"2026-02-03T14:02:37.312Z","repository":{"id":76091583,"uuid":"142056520","full_name":"faust64/pi8s","owner":"faust64","description":"π8s","archived":false,"fork":false,"pushed_at":"2021-07-27T06:06:28.000Z","size":56,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-06-24T15:56:08.949Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/faust64.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-07-23T18:57:04.000Z","updated_at":"2021-07-27T06:06:31.000Z","dependencies_parsed_at":"2023-05-22T11:00:25.719Z","dependency_job_id":null,"html_url":"https://github.com/faust64/pi8s","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/faust64/pi8s","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faust64%2Fpi8s","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faust64%2Fpi8s/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faust64%2Fpi8s/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faust64%2Fpi8s/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/faust64","download_url":"https://codeload.github.com/faust64/pi8s/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faust64%2Fpi8s/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29047075,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-03T10:09:22.136Z","status":"ssl_error","status_checked_at":"2026-02-03T10:09:16.814Z","response_time":96,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T23:39:32.891Z","updated_at":"2026-02-03T14:02:37.278Z","avatar_url":"https://github.com/faust64.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"# k8s on Raspbian\n\nSet of Ansible roles deploying k8s on RPI.\n\nLast tested with raspbian buster 10.3, k8s 1.17.3, on armv7l/v8l.\n\nNOTICE: better look into https://github.com/kubernetes-sigs/kubespray,\nif you want some production-ready cluster. RPI is perfectly supported.\nThe playbook given here is mainly a kubernetes-from-scratch exercise.\n\n## Configuration\n\nSet proper hostnames, enable SSH, install python-apt.\n\nUpdate `hosts`, `group_vars` \u0026 `host_vars`.\n\n## Deployment\n\nPrepare cluster variables, in `group_vars/all.yml`, then deploy cluster:\n\n```\n$ ansible-playbook -i hosts ./k8s.yml\n```\n\n## Notes\n\n### Multi-Master\n\nNote multi-master deployment is not operational - this could be done with\nthe following manual steps:\n\n- edit k8s role, do not load join tasks, stop after initializing first\n  master.\n- apply `rpi`/`containers`/`k8s` roles to all masters\n- once cluster is initialized on a first master, run the join command from\n  an other one\n- connect etcd on the initial master, add new member (`etcdctl member add`)\n- edit `/etc/kubernetes/manifests/etcd.yaml` on initial master, notice that\n  while our init script should have set a proper URL, the\n  `initial-cluster-members` param only mentions our initial master: fix it\n  to include all 3 members - beware, restarting etcd, going from 1 to 3\n  members: quorum would be broken until our second member joins in, k8s API\n  would blink, ... that shouldn't take long. though make sure you did run\n  the firt join command *before* reconfiguring etcd.\n- once etcd is back up, we may join our last master, and add it to etcd as well\n- generate new kube-apiserver certificates for additional masters\n  (see `roles/k8s/templates/post-init.j2` -- arguably, consider generating\n  a unique apiserver certificate whose SAN covers all masters)\n- next, scale out `controllers`/`apiserver`/`scheduler` Pods to all masters (see\n  `roles/k8s/templates/post-init.j2`), consider fixing addresses in\n  `/etc/kubernetes/(admin|scheduler|controller-manager|kubelet).conf`. Not sure\n  what's best -- in my case, I have 3 racks of 4 RPIs: kubelets from rack N\n  would connect to whichever master is on the same rack, masters services in\n  general rely on locally hosted services. In most cases, you may just want to\n  use your LB address, some VIP, a DNS record resolving to all masters, ...\n  Either way, make your re-generate the API server certificate with proper SAN.\n\n### Crio\n\nNote that cri-o runtime does not seem to work with kubernetes, when running\nwith systemd cgroups driver. Turns out container would fail to start applying\nCPU quotas. On raspbian, we should expect those sysctls [to be missing](https://raspberrypi.stackexchange.com/questions/87779/missing-cpu-cfs-period-us-cgroup-subsystem-in-raspbian-stretch-on-raspberry-pi-z).\n\nDocker also complains about those, yet shows it as a warning and still starts\ncontainers - whereas I could not start etcd, initializing my first master with\ncri-o. A workaround may be to build your own kernel. Or prefer the cgroupfs\ndriver -- which, using Raspbian, would require enablig memory cgroups (in\n/boot/cmdline.txt).\n\n### Docker Pool\n\nOnly applies when using Docker runtime. And even then: not mandatory.\n\nBefore first booting Raspbian, having provisionned our flash media, we may\nadd a separate partition, such as our rootfs would have about 8G of\ndisk space, while the rest of our SD card can be used as a Volume Group:\n\n```\n# fdisk /dev/mmcblk0\np\nd\n2\nn\np\n2\n[start-offset-as-seen-with-p-command]\n+8G\nn\np\n3\n[start-offset-as-seen-with-p-command]\n[confirm-next-free-offset-is-fine]\n[confirm-last-free-offset-is-fine]\nw\n```\n\nThen, having booted Raspbian:\n\n```\n# apt-get update\n# apt-get install lvm2\n# pvcreate /dev/mmcblk0p3\n# vgcreate data /dev/mmcblk0p3\n# lvcreate -n docker -l95%VG data\n# lvcreate -n dockermeta -l1%VG data\n# lvconvert -y --zero n -c 512K \\\n    --thinpool data/docker \\\n    --poolmetadata data/dockermeda\n```\n\nOn masters, consider creating a LV hosting etcd.\n\n## Special Thanks\n\nSpecial thanks to:\n\n * Anne Fernandes\n * Dimitris Finas\n * Nicolas Fleury-Gobert\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffaust64%2Fpi8s","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffaust64%2Fpi8s","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffaust64%2Fpi8s/lists"}