K3s Master Node (OCI)
The Master Node functions as the control plane for the production K3s cluster hosted on OCI.
Role: Production Cluster Control Plane
Instance: k3s-master (Oracle Ampere A1)
OS: Ubuntu 22.04 Minimal (ARM64)
1. Hardware Specification
The master node is the primary compute resource for cluster management:
| Component | Specification | Description |
|---|---|---|
| CPU | 3 OCPU | High availability for control plane services |
| RAM | 20 GB | Sufficient for control plane + core apps |
| Storage | 150 GB | Block Volume (High Performance) |
| Network | Public IP | Secured via Tailscale |
2. Software Architecture
Core Components
- Orchestrator: K3s v1.28+ (Lightweight Kubernetes).
- Storage Provider: Longhorn (Distributed block storage).
- Network CNI: Flannel (Standard K3s configuration).
3. Deployment and Provisioning
Infrastructure is provisioned using the following standard procedures:
- Base OS: Ubuntu 22.04 Minimal is deployed with cloud-init configuration.
- K3s Installation: Executed via the official install script with specific flags for ARM64 optimization:
- Token Management: The cluster-join token is secured and stored within the secret management system.
4. Security Hardening
Control plane security is maintained through:
- Firewall Rules: OCI VCN Security Lists restricted to cluster internal communication and authorized VPN IPs.
- Authentication: RBAC (Role-Based Access Control) is strictly enforced.
- Audit Logging: System and Kubernetes audit logs are captured and monitored.
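One way to check the firewall rule above, as an added example that is not part of the original runbook: a Python audit of a Security List in the JSON shape the OCI CLI returns, flagging K3s control-plane and Flannel ports reachable from outside the trusted ranges. The VCN CIDR `10.0.0.0/16`, the use of the Tailscale CGNAT range `100.64.0.0/10` as the "authorized VPN IPs", the helper names and the sample rules are all assumptions.

```python
import ipaddress

# K3s ports to protect; OCI rules use IANA protocol numbers ("6" TCP, "17" UDP).
SENSITIVE = {
    ("6", 6443): "Kubernetes API server",
    ("6", 10250): "kubelet",
    ("17", 8472): "Flannel VXLAN",
}
# Assumed trusted sources: constructed VCN CIDR plus the Tailscale CGNAT range.
ALLOWED = [ipaddress.ip_network(c) for c in ("10.0.0.0/16", "100.64.0.0/10")]

def port_range(rule):
    """Destination (min, max); a rule with no range covers every port."""
    key = "tcp-options" if rule["protocol"] == "6" else "udp-options"
    rng = (rule.get(key) or {}).get("destination-port-range")
    return (rng["min"], rng["max"]) if rng else (1, 65535)

def find_exposures(security_list):
    """Return (source, port, service) for sensitive ports open beyond ALLOWED."""
    findings = []
    for rule in security_list["ingress-security-rules"]:
        if rule.get("source-type", "CIDR_BLOCK") != "CIDR_BLOCK":
            continue  # service-gateway rules carry a service name, not a CIDR
        src = ipaddress.ip_network(rule["source"])
        if any(src.version == n.version and src.subnet_of(n) for n in ALLOWED):
            continue
        lo, hi = port_range(rule)
        for (proto, port), name in SENSITIVE.items():
            if rule["protocol"] in (proto, "all") and lo <= port <= hi:
                findings.append((rule["source"], port, name))
    return findings

def tcp(source, lo, hi):
    return {"protocol": "6", "source": source, "source-type": "CIDR_BLOCK",
            "tcp-options": {"destination-port-range": {"min": lo, "max": hi}}}

# Constructed sample rules, not taken from the real tenancy.
SAMPLE = {"ingress-security-rules": [
    tcp("10.0.0.0/16", 6443, 6443),     # in-VCN API access: allowed
    tcp("100.64.0.0/10", 6443, 6443),   # Tailscale peers: allowed
    tcp("0.0.0.0/0", 443, 443),         # public HTTPS: not a K3s port
    tcp("0.0.0.0/0", 6000, 7000),       # wide range that swallows 6443
    {"protocol": "all", "source": "203.0.113.0/24", "source-type": "CIDR_BLOCK"},
]}

if __name__ == "__main__":
    for source, port, name in find_exposures(SAMPLE):
        print(f"EXPOSED {name} ({port}) to {source}")
```

The wide-range and all-protocol rules are the cases a port-by-port review tends to miss, since neither names 6443 explicitly.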
5. Resource Management
To maintain optimal performance for hosted applications like OpenClaw, heavy compute services are offloaded:
- Ollama Offloading: The local Ollama deployment has been removed from the K3s cluster.
- External Failover: AI inference tasks are routed to an external Ollama instance (Windows PC) or cloud providers via OpenRouter to preserve OCPU and RAM for core application services.