# K3s # Setting Up Our K3s for our Homelab Flow: Flow 1: K3s Setup + Traefik + Rancher Flow 2: Memcached, Redis Cluster Flow 3: Setup External Storage ( ZFS, Minio ), Internal Storage should be deployment only, i don't use containers as storage. Why i don't use longhorn as storage: 1. High load of network traffic, requirement of 10Gb ethernet 2. Faster & less complex management , less problems, less errors. # K3s issue when trying to access cluster from another machine ### problem: one day you don't know why the hell is going on with kubectl on your machine and you've already copied remote\_machine:./kube/config into your local machine and that worked before but now it keep telling wrong api group list or authorized. kubectl get ns ``` E0108 21:42:56.860495  805013 memcache.go:265] couldn't get current server API group list: the server has asked for the client to provide credentials E0108 21:42:56.862131  805013 memcache.go:265] couldn't get current server API group list: the server has asked for the client to provide credentials E0108 21:42:56.863214  805013 memcache.go:265] couldn't get current server API group list: the server has asked for the client to provide credentials E0108 21:42:56.864421  805013 memcache.go:265] couldn't get current server API group list: the server has asked for the client to provide credentials E0108 21:42:56.865299  805013 memcache.go:265] couldn't get current server API group list: the server has asked for the client to provide credentials error: You must be logged in to the server (the server has asked for the client to provide credentials) ``` or when you access to the api: ``` { "kind": "Status", "apiVersion": "v1", "metadata": {}, "status": "Failure", "message": "Unauthorized", "reason": "Unauthorized", "code": 401 } ``` ### solution: use the value config from the path into your ~/.kube/config SSH to your k3s primary server look for this file ``` /etc/rancher/k3s/k3s.yaml ``` view it using cat /etc/rancher/k3s/k3s.yaml use the value certification inside the file that includes: ```yaml certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tC..... client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0.... client-key-data: MgUFJJVkFURSBLRVktLS0t..... ``` Open your local machine ~/kube/config and replace them here is my complete .kube/config file content: ```yaml apiVersion: v1 clusters: - cluster: certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJ.....ekZiSVlGcUtNQWlHVk5yMjBaeUMvQml6Y0QKWEpjMzJ0RHF2NHlzOVFua29rVE1GUlYvalA2Z3pqaW9uaXBlQ1lJRVUyMkpvMEl3U.....1DQXFRd0R3WURW.....JNdVV6KzI5QWlCM21n.....Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K server: https://192.168.1.xxx:6443 name: k3s contexts: - context: cluster: k3s user: son name: k3s current-context: k3s kind: Config preferences: {} users: - name: son user: client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JS.....lFlQzh3Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOekF3TURVd05UY3lNQ.... client-key-data: LS0tLS1CRUdJTiBFQyBQUklW....0NBUUVFSU5nQzZqVEh4TUhXNGQ2SnZ5ZGs5OVVqOTBDaFQzMWU2dllkdE5QR2RUSTBvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFa0hOOTRxWVBFS2pVaVUr.... ``` Happy! [![image.png](https://wiki.kyluat.com/uploads/images/gallery/2025-01/scaled-1680-/BALimage.png)](https://wiki.kyluat.com/uploads/images/gallery/2025-01/BALimage.png) Some useful commands to remember: ``` kubectl config get-contexts ``` CURRENT NAME CLUSTER AUTHINFO NAMESPACE \* k3s k3s son ``` kubectl config use-context k3s ```