{"id":13451554,"url":"https://github.com/rancher/k3os","last_synced_at":"2025-09-28T21:30:35.572Z","repository":{"id":38550050,"uuid":"174089125","full_name":"rancher/k3os","owner":"rancher","description":"Purpose-built OS for Kubernetes, fully managed by Kubernetes.","archived":true,"fork":false,"pushed_at":"2023-12-08T21:52:50.000Z","size":4347,"stargazers_count":3501,"open_issues_count":217,"forks_count":401,"subscribers_count":104,"default_branch":"master","last_synced_at":"2024-09-27T03:04:38.565Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://k3os.io","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rancher.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2019-03-06T06:54:39.000Z","updated_at":"2024-09-24T19:37:57.000Z","dependencies_parsed_at":"2023-02-14T10:46:46.299Z","dependency_job_id":"92adde5e-4f2d-4a30-9593-1d042e6b5815","html_url":"https://github.com/rancher/k3os","commit_stats":null,"previous_names":[],"tags_count":78,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rancher%2Fk3os","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rancher%2Fk3os/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rancher%2Fk3os/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rancher%2Fk3os/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rancher","download_url":"https://codeload.github.com/rancher/k3os/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234563127,"owners_count":18853058,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T07:00:55.759Z","updated_at":"2025-09-28T21:30:33.735Z","avatar_url":"https://github.com/rancher.png","language":"Go","funding_links":[],"categories":["Operating System","Go","others","Go (531)","HarmonyOS","Software Development"],"sub_categories":["[Jenkins](#jenkins)","Windows Manager","Cloud Native"],"readme":"\n![GitHub go.mod Go version](https://img.shields.io/github/go-mod/go-version/rancher/k3os)\n![GitHub release (latest SemVer including pre-releases)](https://img.shields.io/github/v/release/rancher/k3os?include_prereleases\u0026label=release\u0026sort=semver)\n\n\n# Project Status\n\n**k3os is no longer maintained and has been superceeded by [Elemental] (https://elemental.docs.rancher.com/).\nPlease do not submit PRs or issues to this repo.**\n\n# k3OS\n\nk3OS is a Linux distribution designed to remove as much OS maintenance\nas possible in a Kubernetes cluster. It is specifically designed to only\nhave what is needed to run [k3s](https://github.com/rancher/k3s). Additionally\nthe OS is designed to be managed by `kubectl` once a cluster is bootstrapped.\nNodes only need to join a cluster and then all aspects of the OS can be managed\nfrom Kubernetes. Both k3OS and k3s upgrades are handled by the k3OS operator.\n\n1. [Quick Start](#quick-start)\n1. [Design](#design)\n1. [Installation](#installation)\n1. [Configuration](#configuration)\n1. [Upgrade/Maintenance](#upgrade-and-maintenance)\n1. [Building](#building)\n1. [Configuration Reference](#configuration-reference)\n\n## Quick Start\n\nDownload the ISO from the latest [release](https://github.com/rancher/k3os/releases) and run it\nin VMware, VirtualBox, KVM, or bhyve. The server will automatically start a single node Kubernetes cluster.\nLog in with the user `rancher` and run `kubectl`. This is a \"live install\" running from the ISO media\nand changes will not persist after reboot.\n\nTo copy k3OS to local disk, after logging in as `rancher` run `sudo k3os install`. Then remove the ISO\nfrom the virtual machine and reboot.\n\nLive install (boot from ISO) requires at least 2GB of RAM. Local install requires 1GB RAM.\n\n## Design\n\nCore design goals of k3OS are\n\n1. Minimal OS for running Kubernetes by way of k3s\n2. Ability to upgrade and configure using `kubectl`\n3. Versatile installation to allow easy creation of OS images.\n\n### File System Structure\n\nCritical to the design of k3OS is how that file system is structured. A booted system will\nlook as follows\n\n```\n/etc - ephemeral\n/usr - read-only (except /usr/local is writable and persistent)\n/k3os - system files\n/home - persistent\n/var - persistent\n/opt - persistent\n/usr/local - persistent\n```\n\n#### /etc\n\nAll configuration in the system is intended to be ephemeral. If you change anything in `/etc` it\nwill revert on next reboot. If you wish to persist changes to the configuration they must be done\nin the k3OS `config.yaml` which will be applied on each boot.\n\n#### /usr\n\nThe entire user space is stored in `/usr` and as read-only. The only way to change `/usr` is to\nchange versions of k3OS. The directory `/usr/local` is a symlink to `/var/local` and therefore\nwritable.\n\n#### /k3os\n\nThe k3OS directory contains the core operating system files references on boot to construct the\nfile system. It contains squashfs images and binaries for k3OS, k3s, and the Linux kernel. On\nboot the appropriate version for all three will be chosen and configured.\n\n#### /var, /usr/local, /home, /opt\n\nPersistent changes should be kept in `/var`, `/usr/local`, `/home`, or `/opt`.\n\n### Upstream Distros\n\nMost of the user-space binaries comes from Alpine and are repackaged for k3OS. Currently the\nkernel source is coming from Ubuntu 20.04 LTS. Some code and a lot of inspiration came from\n[LinuxKit](https://github.com/linuxkit/linuxkit)\n\n## Installation\n\n### Interactive Installation\n\nInteractive installation is done from booting from the ISO. The installation is done by running\n`k3os install`. The `k3os install` sub-command is only available on systems booted live.\nAn installation to disk will not have `k3os install`. Follow the prompts to install k3OS to disk.\n\n***The installation will format an entire disk. If you have a single hard disk attached to the system\nit will not ask which disk but just pick the first and only one.***\n\n### Automated Installation\n\nInstallation can be automated by using kernel cmdline parameters. There are a lot of creative\nsolutions to booting a machine with cmdline args. You can remaster the k3OS ISO, PXE boot,\nuse qemu/kvm, or automate input with packer. The kernel and initrd are available in the k3OS release\nartifacts, along with the ISO.\n\nThe cmdline value `k3os.mode=install` or `k3os.fallback_mode=install` is required to enable automated installations.\nBelow is a reference of all cmdline args used to automate installation\n\n| cmdline | Default | Example | Description |\n|:------------------------|---------|---------------------------------------------------|---------------------------------|\n| k3os.mode | | install | Boot k3OS to the installer, not an interactive session |\n| k3os.fallback_mode | | install | If a valid K3OS_STATE partition is not found to boot from, run the installation |\n| k3os.install.silent | false | true | Ensure no questions will be asked |\n| k3os.install.force_efi | false | true | Force EFI installation even when EFI is not detected |\n| k3os.install.device | | /dev/vda | Device to partition and format (/dev/sda, /dev/vda) |\n| k3os.install.config_url | | [https://gist.github.com/.../dweomer.yaml](https://gist.github.com/dweomer/8750d56fb21a3fbc8d888609d6e74296#file-dweomer-yaml) | The URL of the config to be installed at `/k3os/system/config.yaml` |\n| k3os.install.iso_url | | https://github.com/rancher/k3os/../k3os-amd64.iso | ISO to download and install from if booting from kernel/vmlinuz and not ISO. |\n| k3os.install.no_format | | true | Do not partition and format, assume layout exists already |\n| k3os.install.tty | auto | ttyS0 | The tty device used for console |\n| k3os.install.debug | false | true | Run installation with more logging and configure debug for installed system |\n| k3os.install.power_off | false | true | Shutdown the machine after install instead of rebooting |\n\n#### Custom partition layout\n\nBy default k3OS expects one partition to exist labeled `K3OS_STATE`. `K3OS_STATE` is expected to be an ext4 formatted filesystem with at least 2GB of disk space. The installer will create this\npartitions and file system automatically, or you can create them manually if you have a need for an advanced file system layout.\n\n### Bootstrapped Installation\n\nYou can install k3OS to a block device from any modern Linux distribution. Just download and run [install.sh](https://raw.githubusercontent.com/rancher/k3os/master/install.sh).\nThis script will run the same installation as the ISO but is a bit more raw and will not prompt for configuration.\n\n```\nUsage: ./install.sh [--force-efi] [--debug] [--tty TTY] [--poweroff] [--takeover] [--no-format] [--config https://.../config.yaml] DEVICE ISO_URL\n\nExample: ./install.sh /dev/vda https://github.com/rancher/k3os/releases/download/v0.10.0/k3os.iso\n\nDEVICE must be the disk that will be partitioned (/dev/vda). If you are using --no-format it should be the device of the K3OS_STATE partition (/dev/vda2)\n\nThe parameters names refer to the same names used in the cmdline, refer to README.md for\nmore info.\n```\n\n### Remastering ISO\n\nTo remaster the ISO all you need to do is copy `/k3os` and `/boot` from the ISO to a new folder. Then modify `/boot/grub/grub.cfg` to add whatever kernel cmdline args for auto-installation.\nTo build a new ISO just use the utility `grub-mkrescue` as follows:\n\n```bash\n# Ubuntu: apt install grub-efi grub-pc-bin mtools xorriso\n# CentOS: dnf install grub2-efi grub2-pc mtools xorriso\n# Alpine: apk add grub-bios grub-efi mtools xorriso\nmount -o loop k3os.iso /mnt\nmkdir -p iso/boot/grub\ncp -rf /mnt/k3os iso/\ncp /mnt/boot/grub/grub.cfg iso/boot/grub/\n\n# Edit iso/boot/grub/grub.cfg\n\ngrub-mkrescue -o k3os-new.iso iso/ -- -volid K3OS\n```\n\nGRUB2 CAVEAT: Some non-Alpine installations of grub2 will create `${ISO}/boot/grub2` instead of `${ISO}/boot/grub`\nwhich will generally lead to broken installation media. Be mindful of this and modify the above commands\n(that work with this path) accordingly. *Systems that exhibit this behavior typically have `grub2-mkrescue`\non the path instead of `grub-mkrescue`.*\n\n### Takeover Installation\n\nA special mode of installation is designed to install to a current running Linux system. This only works on ARM64 and x86_64. Download [install.sh](https://raw.githubusercontent.com/rancher/k3os/master/install.sh)\nand run with the `--takeover` flag. This will install k3OS to the current root and override the grub.cfg. After you reboot the system k3OS will then delete all files on the root partition that are not k3OS and then shutdown. This mode is particularly handy when creating cloud images. This way you can use an existing base image like Ubuntu and install k3OS over the top, snapshot, and create a new image.\n\nIn order for this to work a couple of assumptions are made. First the root (/) is assumed to be an ext4 partition. Also it is assumed that grub2 is installed and looking for the configuration at `/boot/grub/grub.cfg`. When running `--takeover` ensure that you also set `--no-format` and DEVICE must be set to the partition of `/`. Refer to the AWS packer template to see this mode in action. Below is any example of how to run a takeover installation.\n\n```bash\n./install.sh --takeover --debug --tty ttyS0 --config /tmp/config.yaml --no-format /dev/vda1 https://github.com/rancher/k3os/releases/download/v0.10.0/k3os.iso\n```\n\n### ARM Overlay Installation\n\nIf you have a custom ARMv7 or ARM64 device you can easily use an existing bootable ARM image to create a k3OS setup.\nAll you must do is boot the ARM system and then extract `k3os-rootfs-arm.tar.gz` to the root (stripping one path,\nlook at the example below) and then place your cloud-config at `/k3os/system/config.yaml`. For example:\n\n```bash\ncurl -sfL https://github.com/rancher/k3os/releases/download/v0.10.0/k3os-rootfs-arm.tar.gz | tar zxvf - --strip-components=1 -C /\ncp myconfig.yaml /k3os/system/config.yaml\nsync\nreboot -f\n```\n\nThis method places k3OS on disk and also overwrites `/sbin/init`.\nOn next reboot your ARM bootloader and kernel should be loaded,\nbut then when user space is to be initialized k3OS should take over.\nOne important consideration at the moment is that k3OS assumes the root device is not read only.\nThis typically means you need to remove `ro` from the kernel cmdline.\nThis should be fixed in a future release.\n\n## Configuration\n\nAll configuration is done through a single cloud-init style config file that is\neither packaged in the image, downloaded though cloud-init or managed by\nKubernetes. The configuration file is found at\n\n```\n/k3os/system/config.yaml\n/var/lib/rancher/k3os/config.yaml\n/var/lib/rancher/k3os/config.d/*\n```\n\nThe `/k3os/system/config.yaml` file is reserved for the system installation and should not be\nmodified on a running system. This file is usually populated by during the image build or\ninstallation process and contains important bootstrap information (such as networking or cloud-init\ndata sources).\n\nThe `/var/lib/rancher/k3os/config.yaml` or `config.d/*` files are intended to be used at runtime.\nThese files can be manipulated manually, through scripting, or managed with the Kubernetes operator.\n\n### Sample `config.yaml`\n\nA full example of the k3OS configuration file is as below.\n\n```yaml\nssh_authorized_keys:\n- ssh-rsa AAAAB3NzaC1yc2EAAAADAQAB...\n- github:ibuildthecloud\nwrite_files:\n- encoding: \"\"\n content: |-\n #!/bin/bash\n echo hello, local service start\n owner: root\n path: /etc/local.d/example.start\n permissions: '0755'\nhostname: myhost\ninit_cmd:\n- \"echo hello, init command\"\nboot_cmd:\n- \"echo hello, boot command\"\nrun_cmd:\n- \"echo hello, run command\"\n\nk3os:\n data_sources:\n - aws\n - cdrom\n modules:\n - kvm\n - nvme\n sysctl:\n kernel.printk: \"4 4 1 7\"\n kernel.kptr_restrict: \"1\"\n dns_nameservers:\n - 8.8.8.8\n - 1.1.1.1\n ntp_servers:\n - 0.us.pool.ntp.org\n - 1.us.pool.ntp.org\n wifi:\n - name: home\n passphrase: mypassword\n - name: nothome\n passphrase: somethingelse\n password: rancher\n server_url: https://someserver:6443\n token: TOKEN_VALUE\n labels:\n region: us-west-1\n somekey: somevalue\n k3s_args:\n - server\n - \"--cluster-init\"\n environment:\n http_proxy: http://myserver\n https_proxy: http://myserver\n taints:\n - key1=value1:NoSchedule\n - key1=value1:NoExecute\n```\n\nRefer to the [configuration reference](#configuration-reference) for full details of each\nconfiguration key.\n\n### Kubernetes\n\nSince k3OS is built on k3s all Kubernetes configuration is done by configuring\nk3s. This is primarily done through `environment` and `k3s_args` keys in `config.yaml`.\nThe `write_files` key can be used to populate the `/var/lib/rancher/k3s/server/manifests`\nfolder with apps you'd like to deploy on boot.\n\nRefer to [k3s docs](https://github.com/rancher/k3s/blob/master/README.md) for more\ninformation on how to configure Kubernetes.\n\n### Kernel cmdline\n\nAll configuration can be passed as kernel cmdline parameters too. The keys are dot\nseparated. For example `k3os.token=TOKEN`. If the key is a slice, multiple values are set by\nrepeating the key, for example `k3os.dns_nameserver=1.1.1.1 k3os.dns_nameserver=8.8.8.8`. You\ncan use the plural or singular form of the name, just ensure you consistently use the same form. For\nmap values the form `key[key]=value` form is used, for example `k3os.sysctl[kernel.printk]=\"4 4 1 7\"`.\nIf the value has spaces in it ensure that the value is quoted. Boolean keys expect a value of\n`true` or `false` or no value at all means `true`. For example `k3os.install.efi` is the same\nas `k3os.install.efi=true`.\n\n### Phases\n\nConfiguration is applied in three distinct phases: `initrd`, `boot`, `runtime`. `initrd`\nis run during the initrd phase before the root disk has been mounted. `boot` is run after\nthe root disk is mounted and the file system is setup, but before any services have started.\nThere is no networking available yet at this point. The final stage `runtime` is executed after\nnetworking has come online. If you are using a configuration from a cloud provider (like AWS\nuserdata) it will only be run in the `runtime` phase. Below is a table of which config keys\nare supported in each phase.\n\n| Key | initrd | boot | runtime |\n|----------------------|--------|------|---------|\n| ssh_authorized_keys | | x | x |\n| write_files | x | x | x |\n| hostname | x | x | x |\n| run_cmd | | | x |\n| boot_cmd | | x | |\n| init_cmd | x | | |\n| k3os.data_sources | | | x |\n| k3os.modules | x | x | x |\n| k3os.sysctls | x | x | x |\n| k3os.ntp_servers | | x | x |\n| k3os.dns_nameservers | | x | x |\n| k3os.wifi | | x | x |\n| k3os.password | x | x | x |\n| k3os.server_url | | x | x |\n| k3os.token | | x | x |\n| k3os.labels | | x | x |\n| k3os.k3s_args | | x | x |\n| k3os.environment | x | x | x |\n| k3os.taints | | x | x |\n\n### Networking\n\nNetworking is powered by `connman`. To configure networking a couple of helper keys are\navailable: `k3os.dns_nameserver`, `k3os.ntp_servers`, `k3os.wifi`. Refer to the\n[reference](#configuration-reference) for a full explanation of those keys. If you wish\nto configure a HTTP proxy set the `http_proxy`, and `https_proxy` fields in `k3os.environment`.\nAll other networking configuration should be done by configuring connman directly by using the\n`write_files` key to create connman [service](https://manpages.debian.org/testing/connman/connman-service.config.5.en.html)\nfiles.\n\n## Upgrade and Maintenance\n\nUpgrading and reconfiguring k3OS is all handled through the Kubernetes operator. The operator\nis still in development. More details to follow. The basic design is that one can set the\ndesired k3s and k3OS versions, plus their configuration and the operator will roll that out to\nthe cluster.\n\n### Automatic Upgrades\n\nIntegration with [rancher/system-upgrade-controller](https://github.com/rancher/system-upgrade-controller) has been implemented as of [v0.9.0](https://github.com/rancher/k3os/releases/tag/v0.9.0).\nTo enable a k3OS node to automatically upgrade from the [latest GitHub release](https://github.com/rancher/k3os/releases/latest) you will need to make sure it has the label\n`k3os.io/upgrade` with value `latest` (for k3OS versions prior to v0.11.x please use label `plan.upgrade.cattle.io/k3os-latest`). The upgrade controller will then spawn an upgrade job\nthat will drain most pods, upgrade the k3OS content under `/k3os/system`, and then reboot. The system should come back up running the latest\nkernel and k3s version bundled with k3OS and ready to schedule pods.\n\n#### Pre v0.9.0\n\nIf your k3OS installation is running a version prior to the v0.9.0 release or one of its release candidates you can setup\nthe system upgrade controller to upgrade your k3OS by following these steps:\n\n```shell script\n# apply the system-upgrade-controller manifest (once per cluster)\nkubectl apply -f https://raw.githubusercontent.com/rancher/k3os/v0.10.0/overlay/share/rancher/k3s/server/manifests/system-upgrade-controller.yaml\n# after the system-upgrade-controller pod is Ready, apply the plan manifest (once per cluster)\nkubectl apply -f https://raw.githubusercontent.com/rancher/k3os/v0.10.0/overlay/share/rancher/k3s/server/manifests/system-upgrade-plans/k3os-latest.yaml\n# apply the `plan.upgrade.cattle.io/k3os-latest` label as described above (for every k3OS node), e.g.\nkubectl label nodes -l k3os.io/mode plan.upgrade.cattle.io/k3os-latest=enabled # this should work on any cluster with k3OS installations at v0.7.0 or greater\n```\n\n### Manual Upgrades\n\nFor single-node or development use cases, where the operator is not being used, you can upgrade the rootfs and kernel with the following commands. If you do not specify K3OS_VERSION, it will default to the latest release.\n\nWhen using an overlay install such as on Raspberry Pi (see [ARM Overlay Installation](#arm-overlay-installation)) the original distro kernel (such as Raspbian) will continue to be used. On these systems the k3os-upgrade-kernel script will exit with a warning and perform no action.\n\n```bash\nexport K3OS_VERSION=v0.10.0\n/usr/share/rancher/k3os/scripts/k3os-upgrade-rootfs\n/usr/share/rancher/k3os/scripts/k3os-upgrade-kernel\n```\n\nYou should always remember to backup your data first, and reboot after upgrading.\n\n#### Manual Upgrade Scripts Have Been DEPRECATED\n\nThese scripts have been deprecated as of v0.9.0 are still on the system at `/usr/share/rancher/k3os/scripts`.\n\n## Building\n\nTo build k3OS you just need Docker and then run `make`. All artifacts will be put in `./dist/artifacts`.\nIf you are running on Linux you can run `./scripts/run` to run a VM of k3OS in the terminal. To exit\nthe instance type `CTRL+a c` to get the qemu console and then `q` for quit.\n\nThe source for the kernel is in `https://github.com/rancher/k3os-kernel` and similarly you\njust need to have Docker and run `make` to compile the kernel.\n\n## Configuration Reference\n\nBelow is a reference of all keys available in the `config.yaml`\n\n### `ssh_authorized_keys`\n\nA list of SSH authorized keys that should be added to the `rancher` user. k3OS primarily\nhas one user, `rancher`. The `root` account is always disabled, has no password, and is never\nassigned a ssh key. SSH keys can be obtained from GitHub user accounts by using the format\n`github:${USERNAME}`. This is done by downloading the keys from `https://github.com/${USERNAME}.keys`.\n\nExample\n\n```yaml\nssh_authorized_keys:\n- \"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2TBZGjE+J8ag11dzkFT58J3XPONrDVmalCNrKxsfADfyy0eqdZrG8hcAxAR/5zuj90Gin2uBR4Sw6Cn4VHsPZcFpXyQCjK1QDADj+WcuhpXOIOY3AB0LZBly9NI0ll+8lo3QtEaoyRLtrMBhQ6Mooy2M3MTG4JNwU9o3yInuqZWf9PvtW6KxMl+ygg1xZkljhemGZ9k0wSrjqif+8usNbzVlCOVQmZwZA+BZxbdcLNwkg7zWJSXzDIXyqM6iWPGXQDEbWLq3+HR1qKucTCSxjbqoe0FD5xcW7NHIME5XKX84yH92n6yn+rxSsyUfhJWYqJd+i0fKf5UbN6qLrtd/D\"\n- \"github:ibuildthecloud\"\n```\n\n### `write_files`\n\nA list of files to write to disk on boot. These files can be either plain text, gziped, base64 encoded,\nor base64+gzip encoded.\n\nExample\n\n```yaml\nwrite_files:\n- encoding: b64\n content: CiMgVGhpcyBmaWxlIGNvbnRyb2xzIHRoZSBzdGF0ZSBvZiBTRUxpbnV4...\n owner: root:root\n path: /etc/connman/main.conf\n permissions: '0644'\n- content: |\n # My new /etc/sysconfig/samba file\n\n SMDBOPTIONS=\"-D\"\n path: /etc/sysconfig/samba\n- content: !!binary |\n f0VMRgIBAQAAAAAAAAAAAAIAPgABAAAAwARAAAAAAABAAAAAAAAAAJAVAAAAAA\n AEAAHgAdAAYAAAAFAAAAQAAAAAAAAABAAEAAAAAAAEAAQAAAAAAAwAEAAAAAAA\n AAAAAAAAAwAAAAQAAAAAAgAAAAAAAAACQAAAAAAAAAJAAAAAAAAcAAAAAAAAAB\n ...\n path: /bin/arch\n permissions: '0555'\n- content: |\n 15 * * * * root ship_logs\n path: /etc/crontab\n```\n\n### `hostname`\n\nSet the system hostname. This value will be overwritten by DHCP if DHCP supplies a hostname for\nthe system.\n\nExample\n\n```yaml\nhostname: myhostname\n```\n\n### `init_cmd`, `boot_cmd`, `run_cmd`\n\nAll three keys are used to run arbitrary commands on startup in the respective phases of `initrd`,\n`boot` and `runtime`. Commands are ran after `write_files` so it is possible to write a script to\ndisk and run it from these commands. That often makes it easier to do longer form setup.\n\n### `k3os.data_sources`\n\nThese are the data sources used for download config from cloud provider. The valid options are:\n\n aws\n cdrom\n digitalocean\n gcp\n hetzner\n openstack\n packet\n scaleway\n vultr\n\nMore than one can be supported at a time, for example:\n\n```yaml\nk3os:\n data_sources:\n - openstack\n - cdrom\n```\n\nWhen multiple data sources are specified they are probed in order and the first to provide `/run/config/userdata` will halt further processing.\n\n### `k3os.modules`\n\nA list of kernel modules to be loaded on start.\n\nExample\n\n```yaml\nk3os:\n modules:\n - kvm\n - nvme\n```\n\n### `k3os.sysctls`\n\nKernel sysctl to setup on start. These are the same configuration you'd typically find in `/etc/sysctl.conf`.\nMust be specified as string values.\n\n```yaml\nk3os:\n sysctl:\n kernel.printk: 4 4 1 7 # the YAML parser will read as a string\n kernel.kptr_restrict: \"1\" # force the YAML parser to read as a string\n```\n\n### `k3os.ntp_servers`\n\n**Fallback** ntp servers to use if NTP is not configured elsewhere in connman.\n\nExample\n\n```yaml\nk3os:\n ntp_servers:\n - 0.us.pool.ntp.org\n - 1.us.pool.ntp.org\n```\n\n### `k3os.dns_nameservers`\n\n**Fallback** DNS name servers to use if DNS is not configured by DHCP or in a connman service config.\n\nExample\n\n```yaml\nk3os:\n dns_nameservers:\n - 8.8.8.8\n - 1.1.1.1\n```\n\n### `k3os.wifi`\n\nSimple wifi configuration. All that is accepted is `name` and `passphrase`. If you require more\ncomplex configuration then you should use `write_files` to write a connman service config.\n\nExample:\n\n```yaml\nk3os:\n wifi:\n - name: home\n passphrase: mypassword\n - name: nothome\n passphrase: somethingelse\n```\n\n### `k3os.password`\n\nThe password for the `rancher` user. By default there is no password for the `rancher` user.\nIf you set a password at runtime it will be reset on next boot because `/etc` is ephemeral. The\nvalue of the password can be clear text or an encrypted form. The easiest way to get this encrypted\nform is to just change your password on a Linux system and copy the value of the second field from\n`/etc/shadow`. You can also encrypt a password using `openssl passwd -1`.\n\nExample\n\n```yaml\nk3os:\n password: \"$1$tYtghCfK$QHa51MS6MVAcfUKuOzNKt0\"\n```\n\nOr clear text\n\n```yaml\nk3os:\n password: supersecure\n```\n\n### `k3os.server_url`\n\nThe URL of the k3s server to join as an agent.\n\nExample\n\n```yaml\nk3os:\n server_url: https://myserver:6443\n```\n\n### `k3os.token`\n\nThe cluster secret or node token. If the value matches the format of a node token it will\nautomatically be assumed to be a node token. Otherwise it is treated as a cluster secret.\n\nExample\n\n```yaml\nk3os:\n token: myclustersecret\n```\n\nOr a node token\n\n```yaml\nk3os:\n token: \"K1074ec55daebdf54ef48294b0ddf0ce1c3cb64ee7e3d0b9ec79fbc7baf1f7ddac6::node:77689533d0140c7019416603a05275d4\"\n```\n\n### `k3os.labels`\n\nLabels to be assigned to this node in Kubernetes on registration. After the node is first registered\nin Kubernetes the value of this setting will be ignored.\n\nExample\n\n```yaml\nk3os:\n labels:\n region: us-west-1\n somekey: somevalue\n```\n\n### `k3os.k3s_args`\n\nArguments to be passed to the k3s process. The arguments should start with `server` or `agent` to be valid.\n`k3s_args` is an exec-style (aka uninterpreted) argument array which means that when specifying a flag with a value one\nmust either join the flag to the value with an `=` in the same array entry or specify the flag in an entry by itself\nimmediately followed the value in another entry, e.g.:\n\n```yaml\n# K3s flags with values joined with `=` in single entry\nk3os:\n k3s_args:\n - server\n - \"--cluster-cidr=10.107.0.0/23\"\n - \"--service-cidr=10.107.1.0/23\"\n\n# Effectively invokes k3s as:\n# exec \"k3s\" \"server\" \"--cluster-cidr=10.107.0.0/23\" \"--service-cidr=10.107.1.0/23\" \n```\n\n```yaml\n# K3s flags with values in following entry\nk3os:\n k3s_args:\n - server\n - \"--cluster-cidr\"\n - \"10.107.0.0/23\"\n - \"--service-cidr\"\n - \"10.107.1.0/23\"\n\n# Effectively invokes k3s as:\n# exec \"k3s\" \"server\" \"--cluster-cidr\" \"10.107.0.0/23\" \"--service-cidr\" \"10.107.1.0/23\" \n```\n\n### `k3os.environment`\n\nEnvironment variables to be set on k3s and other processes like the boot process.\nPrimary use of this field is to set the http proxy.\n\nExample\n\n```yaml\nk3os:\n environment:\n http_proxy: http://myserver\n https_proxy: http://myserver\n```\n\n### `k3os.taints`\n\nTaints to set on the current node when it is first registered. After the\nnode is first registered the value of this field is ignored.\n\n```yaml\nk3os:\n taints:\n - \"key1=value1:NoSchedule\"\n - \"key1=value1:NoExecute\"\n```\n\n## License\n\nCopyright (c) 2014-2020 [Rancher Labs, Inc.](http://rancher.com)\n\nLicensed under the Apache License, Version 2.0 (the \"License\"); you may not use\nthis file except in compliance with the License. You may obtain a copy of the\nLicense at\n\n[http://www.apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0)\n\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Francher%2Fk3os","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Francher%2Fk3os","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Francher%2Fk3os/lists"}