Airgap install

In this tutorial we are going to cover k0s deployment in the environment with restricted internet access. As usually in the k0sproject we aim to give you the best user experience with the least possible amount of friction.

Prerequisites for exporting images bundle from running cluster

Working cluster with at least one controller (this cluster will be used to build images bundle). Please, refer to the getting started guide. You also need to have containerd CLI management tool ctr installed on the worker machine. Please refer to the ContainerD getting-started guide.

Steps

1. Create OCI bundle

k0s supports only uncompressed image bundles.

1.1 Using Docker

Use following commands to build OCI bundle by utilizing your docker environment.

  1. ## Pull images
  2. # k0s airgap list-images | xargs -I{} docker pull {}
  4. ## Create bundle
  5. # docker image save $(k0s airgap list-images | xargs) -o bundle_file
1.2 Using previously set up k0s worker

To build OCI bundle with images we can utilize the fact that containerd pulls all images during the k0s worker normal bootstrap. Use following commands on the machine with previously installed k0s worker:

  1. ## The command k0s airgap list-images prints images used by the current setup
  2. ## It respects the k0s.yaml values
  4. # export IMAGES=`k0s airgap list-images | xargs`
  5. # ctr --namespace k8s.io --address /run/k0s/containerd.sock images export bundle_file $IMAGES

Pay attention to the address and namespace arguments given to the ctr tool.

2. Sync bundle file with airgapped machine

Copy the bundle_file from the previous step to the target machine. Place the file under the images directory in the k0s data directory. Use following commands to place bundle into the default location:

  1. # mkdir -p /var/lib/k0s/images
  2. # cp bundle_file /var/lib/k0s/images/bundle_file

3. Ensure pull policy in the k0s.yaml (optional)

Use the following k0s.yaml to force containerd to never pull images for the k0s components. Otherwise containerd pulls the images, which are not found from the bundle, from the internet.

  1. apiVersion: k0s.k0sproject.io/v1beta1
  2. kind: Cluster
  3. metadata:
  4.   name: k0s
  5. spec:
  6.   images:
  7.     default_pull_policy: Never

4. Controller

Set up the controller node as usual. Please refer to the getting started guide.

5. Run worker

Do the worker set up as usually on the airgapped machine. During the start up k0s worker will import all bundles from the $K0S_DATA_DIR/images before even starting kubelet