Skip to content

Configuration options for worker nodes#

Although the k0s worker command does not take in any special yaml configuration, there are still methods for configuring the workers to run various components.

Node labels#

The k0s worker command accepts the --labels flag, with which you can make the newly joined worker node the register itself, in the Kubernetes API, with the given set of labels.

For example, running the worker with k0s worker --token-file k0s.token --labels="k0sproject.io/foo=bar,k0sproject.io/other=xyz" results in:

kubectl get node --show-labels
NAME      STATUS     ROLES    AGE   VERSION        LABELS
worker0   NotReady   <none>   10s   v1.29.4+k0s  beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,k0sproject.io/foo=bar,k0sproject.io/other=xyz,kubernetes.io/arch=amd64,kubernetes.io/hostname=worker0,kubernetes.io/os=linux

Controller worker nodes are assigned node.k0sproject.io/role=control-plane and node-role.kubernetes.io/control-plane=true labels:

kubectl get node --show-labels
NAME          STATUS     ROLES           AGE   VERSION        LABELS
controller0   NotReady   control-plane   10s   v1.29.4+k0s  beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/hostname=worker0,kubernetes.io/os=linux,node.k0sproject.io/role=control-plane,node-role.kubernetes.io/control-plane=true

Note: Setting the labels is only effective on the first registration of the node. Changing the labels thereafter has no effect.

Taints#

The k0s worker command accepts the --taints flag, with which you can make the newly joined worker node the register itself with the given set of taints.

Note: Controller nodes running with --enable-worker are assigned node-role.kubernetes.io/master:NoExecute taint automatically. You can disable default taints using --no-taints parameter.

kubectl get nodes -o custom-columns=NAME:.metadata.name,TAINTS:.spec.taints
NAME          TAINTS
controller0   [map[effect:NoSchedule key:node-role.kubernetes.io/master]]
worker0       <none>

Kubelet configuration#

The k0s worker command accepts a generic flag to pass in any set of arguments for kubelet process.

For example, running k0s worker --token-file=k0s.token --kubelet-extra-args="--node-ip=1.2.3.4 --address=0.0.0.0" passes in the given flags to Kubelet as-is. As such, you must confirm that any flags you are passing in are properly formatted and valued as k0s will not validate those flags.

Worker Profiles#

Kubelet configuration fields can also be set via a worker profiles. Worker profiles are defined in the main k0s.yaml and are used to generate ConfigMaps containing a custom kubelet.config.k8s.io/v1beta1/KubeletConfiguration object. To see examples of k0s.yaml containing worker profiles: go here. For a list of possible Kubelet configuration fields: go here.

IPTables Mode#

k0s detects iptables backend automatically based on the existing records. On a brand-new setup, iptables-nft will be used.
There is a --iptables-mode flag to specify the mode explicitly. Valid values: nft, legacy and auto (default).

k0s worker --iptables-mode=nft