### /etc/pve/lxc/301.conf

```
lxc.apparmor.profile: unconfined
lxc.cgroup.devices.allow: a
lxc.cap.drop:
lxc.cgroup2.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file
lxc.mount.auto: proc:rw sys:rw
```



### /dev/kmsg

```bash
cat <<'EOF' | tee /usr/local/bin/conf-kmsg.sh > /dev/null
#!/bin/sh -e
if [ ! -e /dev/kmsg ];then
ln -s /dev/console /dev/kmsg
fi
mount --make-rshared /

EOF
```



### 开机自启

```bash
chmod +x /usr/local/bin/conf-kmsg.sh
chmod +x /etc/rc.local
chmod +x /etc/rc.d/rc.local
```



### /etc/rc.local

```
sh /usr/local/bin/conf-kmsg.sh
```



### ip forward

```bash
echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.conf
sysctl --system
```



### K3s_token

```bash
cat /var/lib/rancher/k3s/server/node-token
```

> K103ecfc393250507782a8275efe48fb3a27bfb010e14862ebfd7145448514b9f8b::server:0ef7e0ba1534843bcc8637dd8c9a31e9

### 主节点

```bash
curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_VERSION=v1.28.12+k3s1 INSTALL_K3S_MIRROR=cn sh -
```



### agent加入集群

```bash
curl -sfL https://rancher-mirror.rancher.cn/k3s/k3s-install.sh | INSTALL_K3S_VERSION=v1.28.12+k3s1 INSTALL_K3S_MIRROR=cn K3S_URL=https://192.168.0.20:6443 K3S_TOKEN=K103ecfc393250507782a8275efe48fb3a27bfb010e14862ebfd7145448514b9f8b::server:0ef7e0ba1534843bcc8637dd8c9a31e9 sh -
```