Configuration options for worker nodes#
Although the k0s worker
command does not take in any special yaml configuration, there are still methods for configuring the workers to run various components.
Node labels#
The k0s worker
command accepts the --labels
flag, with which you can make the newly joined worker node the register itself, in the Kubernetes API, with the given set of labels.
For example, running the worker with k0s worker --token-file k0s.token --labels="k0sproject.io/foo=bar,k0sproject.io/other=xyz"
results in:
kubectl get node --show-labels
NAME STATUS ROLES AGE VERSION LABELS
worker0 NotReady <none> 10s v1.27.16+k0s beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,k0sproject.io/foo=bar,k0sproject.io/other=xyz,kubernetes.io/arch=amd64,kubernetes.io/hostname=worker0,kubernetes.io/os=linux
Controller worker nodes are assigned node.k0sproject.io/role=control-plane
and node-role.kubernetes.io/control-plane=true
labels:
kubectl get node --show-labels
NAME STATUS ROLES AGE VERSION LABELS
controller0 NotReady control-plane 10s v1.27.16+k0s beta.kubernetes.io/arch=amd64,beta.kubernetes.io/os=linux,kubernetes.io/hostname=worker0,kubernetes.io/os=linux,node.k0sproject.io/role=control-plane,node-role.kubernetes.io/control-plane=true
Note: Setting the labels is only effective on the first registration of the node. Changing the labels thereafter has no effect.
Taints#
The k0s worker
command accepts the --taints
flag, with which you can make the newly joined worker node the register itself with the given set of taints.
Note: Controller nodes running with --enable-worker
are assigned node-role.kubernetes.io/master:NoExecute
taint automatically. You can disable default taints using --no-taints
parameter.
kubectl get nodes -o custom-columns=NAME:.metadata.name,TAINTS:.spec.taints
NAME TAINTS
controller0 [map[effect:NoSchedule key:node-role.kubernetes.io/master]]
worker0 <none>
Kubelet configuration#
The k0s worker
command accepts a generic flag to pass in any set of arguments
for kubelet process.
For example, running k0s worker --token-file=k0s.token
--kubelet-extra-args="--node-ip=1.2.3.4 --address=0.0.0.0"
passes in the given
flags to Kubelet as-is. As such, you must confirm that any flags you are passing
in are properly formatted and valued as k0s will not validate those flags.
Worker Profiles#
Kubelet configuration fields can also be set via a worker profiles. Worker
profiles are defined in the main k0s.yaml and are used to generate ConfigMaps
containing a custom kubelet.config.k8s.io/v1beta1/KubeletConfiguration
object.
To see examples of k0s.yaml containing worker profiles: go
here. For a list of possible Kubelet
configuration fields: go
here.
IPTables Mode#
k0s detects iptables backend automatically based on the existing records. On a brand-new setup, iptables-nft
will be used.
There is a --iptables-mode
flag to specify the mode explicitly. Valid values: nft
, legacy
and auto
(default).
k0s worker --iptables-mode=nft