├── .gitignore ├── ARCHS ├── files ├── usr │ └── bin │ │ └── k3s-wrapper └── etc │ └── init.d │ └── k3s ├── VERSIONS ├── .circleci └── config.yml ├── README.md └── Makefile /.gitignore: -------------------------------------------------------------------------------- 1 | build 2 | *.opk 3 | -------------------------------------------------------------------------------- /ARCHS: -------------------------------------------------------------------------------- 1 | x86_64 2 | arm64 3 | armhf 4 | aarch64_cortex-a72 5 | -------------------------------------------------------------------------------- /files/usr/bin/k3s-wrapper: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | k3s "$@" 2>&1 | logger -t k3s & 3 | PID="$!" 4 | 5 | trap "kill $PID; wait $PID" 6 | -------------------------------------------------------------------------------- /VERSIONS: -------------------------------------------------------------------------------- 1 | 1.27.4+k3s1 2 | 1.24.2+k3s1 3 | 1.23.8+k3s1 4 | 1.22.11+k3s1 5 | 1.21.14+k3s1 6 | 1.20.4+k3s1 7 | 1.20.2+k3s1 8 | 1.18.10+k3s1 9 | 1.17.4+k3s1 10 | 0.9.1 11 | 0.4.0 12 | 0.3.0 13 | 0.2.0 14 | -------------------------------------------------------------------------------- /.circleci/config.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | jobs: 3 | all: 4 | docker: 5 | - image: circleci/golang:1.11 6 | steps: 7 | - checkout 8 | - setup_remote_docker 9 | - run: 10 | name: build-and-release 11 | command: | 12 | curl -L https://github.com/tcnksm/ghr/releases/download/v0.12.0/ghr_v0.12.0_linux_amd64.tar.gz \ 13 | | sudo tar --strip=1 -C /usr/bin -xzvf - 14 | make release PVERSION=${CIRCLE_TAG} 15 | 16 | workflows: 17 | version: 2 18 | all: 19 | jobs: 20 | - all: 21 | context: default 22 | filters: 23 | tags: 24 | only: /^.*$/ 25 | branches: 26 | ignore: /.*/ 27 | -------------------------------------------------------------------------------- /files/etc/init.d/k3s: -------------------------------------------------------------------------------- 1 | #!/bin/sh /etc/rc.common 2 | 3 | START=60 4 | STOP=20 5 | 6 | PIDFILE=/var/run/k3s.pid 7 | EXEC="/usr/bin/k3s-wrapper" 8 | 9 | ensure_cgroup_mount() { 10 | # Unmount /sys/fs/cgroup if mounted as cgroup 11 | grep -q ' /sys/fs/cgroup cgroup' /proc/self/mounts && umount /sys/fs/cgroup 12 | 13 | grep -q ' /sys/fs/cgroup tmpfs' /proc/self/mounts \ 14 | || mount -t tmpfs -o uid=0,gid=0,mode=0755 cgroup /sys/fs/cgroup 15 | 16 | for sys in $(awk '!/^#/ { if ($4 == 1) print $1 }' /proc/cgroups); do 17 | mnt="/sys/fs/cgroup/$sys" 18 | grep -q "cgroup $mnt " /proc/self/mounts && continue 19 | mkdir -p "$mnt" 20 | mount -n -t cgroup -o $sys cgroup "$mnt" 21 | done 22 | } 23 | 24 | start() { 25 | ensure_cgroup_mount 26 | start-stop-daemon -S -b -x "$EXEC" -m -p "$PIDFILE" \ 27 | -- server $(uci_get k3s.globals.opts) \ 28 | --data-dir $(uci_get k3s.globals.root) 29 | } 30 | 31 | stop() { 32 | start-stop-daemon -K -p "$PIDFILE" 33 | } 34 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # k3s on OpenWrt 2 | Makefile to generate OpenWrt .opkg packages from official k3s binaries. 3 | 4 | ## Usage 5 | This requires a custom kernel with support for various cgroup, namespaces, vxlan, cfs 6 | scheduler etc. See here for my openwrt config: https://github.com/5pi-home/openwrt/blob/master/config 7 | 8 | ### Firewall 9 | To allow the k3s' flannel bridge to access the internet, configure a interface 10 | for cni0 in uci: 11 | 12 | /etc/config/network: 13 | ``` 14 | config interface 'k8s' 15 | option proto 'none' 16 | option ifname 'cni0' 17 | ``` 18 | 19 | /etc/config/firewall 20 | ``` 21 | config zone 22 | option name 'k8s' 23 | option input 'ACCEPT' 24 | option output 'ACCEPT' 25 | option forward 'ACCEPT' 26 | option network 'k8s' 27 | ``` 28 | 29 | ## Building 30 | Run `make` to build the default version for `x86_64`. You can override ARCH and 31 | VERSION, e.g `make ARCH=armhf`. See ARCHS and VERSIONS files for available 32 | architectures and versions. 33 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | VERSION ?= $(shell head -1 VERSIONS) 2 | PVERSION ?= 1 3 | ARCH ?= x86_64 4 | suffix := $(subst -x86_64,,-$(ARCH)) 5 | 6 | FILES = $(shell find files/ -type f) 7 | DIR = build/$(VERSION)/$(ARCH) 8 | OUT = build/k3s_$(VERSION)_$(ARCH).opk 9 | 10 | define CONTROL 11 | Package: k3s 12 | Version: ${VERSION}-${PVERSION} 13 | Architecture: $(ARCH) 14 | Maintainer: Johannes 'fish' Ziemke 15 | Depends: iptables iptables-mod-extra kmod-ipt-extra iptables-mod-extra kmod-br-netfilter ca-certificates 16 | Description: The Docker Engine packages for OpenWrt 17 | endef 18 | export CONTROL 19 | 20 | .PHONY: all 21 | all: $(OUT) 22 | 23 | build-all: 24 | if [ -n "$$(ls build/)" ]; then echo build/ not empty && exit 1; fi 25 | for a in $$(cat ARCHS); do \ 26 | for v in $$(cat VERSIONS); do \ 27 | make ARCH=$$a VERSION=$$v; \ 28 | done; \ 29 | done 30 | 31 | .PHONY: release 32 | release: build-all 33 | ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} \ 34 | -c ${CIRCLE_SHA1} -delete ${PVERSION} build/ 35 | 36 | $(OUT): $(DIR)/pkg/control.tar.gz $(DIR)/pkg/data.tar.gz $(DIR)/pkg/debian-binary 37 | tar -C $(DIR)/pkg -czvf "$@" debian-binary data.tar.gz control.tar.gz 38 | 39 | $(DIR)/data: $(FILES) 40 | mkdir -p "$@/usr/bin" 41 | cp -r files/* "$@" 42 | curl -sfLo "$@/usr/bin/k3s" \ 43 | https://github.com/k3s-io/k3s/releases/download/v$(VERSION)/k3s${suffix} 44 | chmod a+x "$@/usr/bin/k3s" 45 | 46 | $(DIR)/pkg/data.tar.gz: $(DIR)/data 47 | tar -C "$<" -czvf "$@" . 48 | 49 | $(DIR)/pkg: 50 | mkdir -p $@ 51 | 52 | $(DIR)/pkg/debian-binary: $(DIR)/pkg 53 | echo 2.0 > $@ 54 | 55 | $(DIR)/pkg/control: $(DIR)/pkg 56 | echo "$$CONTROL" > "$@" 57 | 58 | $(DIR)/pkg/control.tar.gz: $(DIR)/pkg/control 59 | tar -C $(DIR)/pkg -czvf "$@" control 60 | 61 | .PHONY: clean 62 | clean: 63 | rm -rf build/ 64 | --------------------------------------------------------------------------------