Move Advanced OS preop into requirements

Signed-off-by: Derek Nola <derek.nola@suse.com>

docs/advanced/advanced.md

@@ -280,75 +280,6 @@ An example of disabling auto-starting and service enablement with the install sc
 curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_START=true INSTALL_K3S_SKIP_ENABLE=true sh -
 ```
 
-## Additional OS Preparations
-
-### Old iptables versions
-
-Several popular Linux distributions ship a version of iptables that contain a bug which causes the accumulation of duplicate rules, which negatively affects the performance and stability of the node. See [Issue #3117](https://github.com/k3s-io/k3s/issues/3117) for information on how to determine if you are affected by this problem.
-
-K3s includes a working version of iptables (v1.8.8) which functions properly. You can tell K3s to use its bundled version of iptables by starting K3s with the `--prefer-bundled-bin` option, or by uninstalling the iptables/nftables packages from your operating system.
-
-:::info Version Gate
-
-The `--prefer-bundled-bin` flag is available starting with the 2022-12 releases (v1.26.0+k3s1, v1.25.5+k3s1, v1.24.9+k3s1, v1.23.15+k3s1).
-
-:::
-
-### Red Hat Enterprise Linux / CentOS / Fedora
-
-It is recommended to turn off firewalld:
-```bash
-systemctl disable firewalld --now
-```
-
-If you wish to keep firewalld enabled, by default, the following rules are required:
-```bash
-firewall-cmd --permanent --add-port=6443/tcp #apiserver
-firewall-cmd --permanent --zone=trusted --add-source=10.42.0.0/16 #pods
-firewall-cmd --permanent --zone=trusted --add-source=10.43.0.0/16 #services
-firewall-cmd --reload
-```
-
-Additional ports may need to be opened depending on your setup. See [Inbound Rules](../installation/requirements.md#inbound-rules-for-k3s-server-nodes) for more information. If you change the default CIDR for pods or services, you will need to update the firewall rules accordingly.
-
-If enabled, it is required to disable nm-cloud-setup and reboot the node:
-```bash
-systemctl disable nm-cloud-setup.service nm-cloud-setup.timer
-reboot
-```
-
-### Ubuntu / Debian
-
-It is recommended to turn off ufw (uncomplicated firewall):
-```bash
-ufw disable
-```
-
-If you wish to keep ufw enabled, by default, the following rules are required:
-```bash
-ufw allow 6443/tcp #apiserver
-ufw allow from 10.42.0.0/16 to any #pods
-ufw allow from 10.43.0.0/16 to any #services
-```
-
-Additional ports may need to be opened depending on your setup. See [Inbound Rules](../installation/requirements.md#inbound-rules-for-k3s-server-nodes) for more information. If you change the default CIDR for pods or services, you will need to update the firewall rules accordingly.
-
-### Raspberry Pi
-
-Raspberry Pi OS is Debian based, and may suffer from an old iptables version. See [workarounds](#old-iptables-versions).
-
-Standard Raspberry Pi OS installations do not start with `cgroups` enabled. **K3S** needs `cgroups` to start the systemd service. `cgroups`can be enabled by appending `cgroup_memory=1 cgroup_enable=memory` to `/boot/cmdline.txt`.
-
-Example cmdline.txt:
-```
-console=serial0,115200 console=tty1 root=PARTUUID=58b06195-02 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait cgroup_memory=1 cgroup_enable=memory
-```
-
-Starting with Ubuntu 21.10, vxlan support on Raspberry Pi has been moved into a separate kernel module. 
-```bash
-sudo apt install linux-modules-extra-raspi
-```
-
 ## Running K3s in Docker
 
 There are several ways to run K3s in Docker:

docs/faq/faq.md

@@ -63,7 +63,7 @@ If you are having an issue with deploying K3s, you should:
 
 1) Check the [Known Issues](../known-issues/known-issues.md) page.
 
-2) Check that you have resolved any [Additional OS Preparation](../advanced/advanced.md#additional-os-preparations). Run `k3s check-config` and ensure that it passes.
+2) Check that you have resolved any [Additional OS Preparation](../installation/requirements.md#operating-systems). Run `k3s check-config` and ensure that it passes.
 
 3) Search the K3s [Issues](https://github.com/k3s-io/k3s/issues) and [Discussions](https://github.com/k3s-io/k3s/discussions) for one that matches your problem.
 

docs/installation/requirements.md

@@ -33,9 +33,70 @@ K3s is expected to work on most modern Linux systems.
 
 Some OSs have additional setup requirements:
 
-- If you are using **RHEL/CentOS/Fedora**, follow [these steps](../advanced/advanced.md#red-hat-enterprise-linux--centos--fedora).
-- If you are using **Ubuntu/Debian**, follow [these steps](../advanced/advanced.md#ubuntu--debian).
-- If you are using **Raspberry Pi OS**, follow [these steps](../advanced/advanced.md#raspberry-pi).
+#### Red Hat Enterprise Linux / CentOS / Fedora
+<details>
+
+It is recommended to turn off firewalld:
+```bash
+systemctl disable firewalld --now
+```
+
+If you wish to keep firewalld enabled, by default, the following rules are required:
+```bash
+firewall-cmd --permanent --add-port=6443/tcp #apiserver
+firewall-cmd --permanent --zone=trusted --add-source=10.42.0.0/16 #pods
+firewall-cmd --permanent --zone=trusted --add-source=10.43.0.0/16 #services
+firewall-cmd --reload
+```
+
+Additional ports may need to be opened depending on your setup. See [Inbound Rules](#inbound-rules-for-k3s-server-nodes) for more information. If you change the default CIDR for pods or services, you will need to update the firewall rules accordingly.
+
+If enabled, it is required to disable nm-cloud-setup and reboot the node:
+```bash
+systemctl disable nm-cloud-setup.service nm-cloud-setup.timer
+reboot
+```
+</details>
+
+#### Ubuntu / Debian
+
+<details>
+
+Older Debian release may suffer from a known iptables bug. See [Known Issues](../known-issues/known-issues.md#iptables).
+
+It is recommended to turn off ufw (uncomplicated firewall):
+```bash
+ufw disable
+```
+
+If you wish to keep ufw enabled, by default, the following rules are required:
+```bash
+ufw allow 6443/tcp #apiserver
+ufw allow from 10.42.0.0/16 to any #pods
+ufw allow from 10.43.0.0/16 to any #services
+```
+
+Additional ports may need to be opened depending on your setup. See [Inbound Rules](#inbound-rules-for-k3s-server-nodes) for more information. If you change the default CIDR for pods or services, you will need to update the firewall rules accordingly.
+</details>
+
+#### Raspberry Pi
+
+<details>
+
+Raspberry Pi OS is Debian based, and may suffer from a known iptables bug. See [Known Issues](../known-issues/known-issues.md#iptables).
+
+Standard Raspberry Pi OS installations do not start with `cgroups` enabled. **K3S** needs `cgroups` to start the systemd service. `cgroups`can be enabled by appending `cgroup_memory=1 cgroup_enable=memory` to `/boot/cmdline.txt`.
+
+Example cmdline.txt:
+```
+console=serial0,115200 console=tty1 root=PARTUUID=58b06195-02 rootfstype=ext4 elevator=deadline fsck.repair=yes rootwait cgroup_memory=1 cgroup_enable=memory
+```
+
+Starting with Ubuntu 21.10, vxlan support on Raspberry Pi has been moved into a separate kernel module. 
+```bash
+sudo apt install linux-modules-extra-raspi
+```
+</details>
 
 For more information on which OSs were tested with Rancher managed K3s clusters, refer to the [Rancher support and maintenance terms.](https://rancher.com/support-maintenance-terms/)
 
@@ -89,7 +150,7 @@ Flannel relies on the [Bridge CNI plugin](https://www.cni.dev/plugins/current/ma
 
 Typically, all outbound traffic is allowed.
 
-Additional changes to the firewall may be required depending on the OS used. See [Additional OS Preparations](../advanced/advanced.md#additional-os-preparations).
+Additional changes to the firewall may be required depending on the OS used.
 
 ## Large Clusters
 

docs/known-issues/known-issues.md

@@ -10,9 +10,15 @@ If you plan to use K3s with docker, Docker installed via a snap package is not r
 
 ### Iptables
 
-If you are running iptables in nftables mode instead of legacy you might encounter issues. We recommend utilizing newer iptables (such as 1.6.1+) to avoid issues. 
+Iptables versions 1.8.0-1.8.4 have known issues that can cause K3s to fail. Several popular Linux distributions ship with these versions by default. One bug causes the accumulation of duplicate rules, which negatively affects the performance and stability of the node. See [Issue #3117](https://github.com/k3s-io/k3s/issues/3117) for information on how to determine if you are affected by this problem.
 
-Additionally, versions 1.8.0-1.8.4 have known issues that can cause K3s to fail. See [Additional OS Preparations](../advanced/advanced.md#old-iptables-versions) for workarounds. 
+K3s includes a working version of iptables (v1.8.8) which functions properly. You can tell K3s to use its bundled version of iptables by starting K3s with the `--prefer-bundled-bin` option, or by uninstalling the iptables/nftables packages from your operating system.
+
+:::info Version Gate
+
+The `--prefer-bundled-bin` flag is available starting with the 2022-12 releases (v1.26.0+k3s1, v1.25.5+k3s1, v1.24.9+k3s1, v1.23.15+k3s1).
+
+:::
 
 ### Rootless Mode
 

docs/quick-start/quick-start.md

@@ -5,6 +5,8 @@ weight: 10
 
 This guide will help you quickly launch a cluster with default options. The [installation section](../installation/installation.md) covers in greater detail how K3s can be set up.
 
+Make sure your nodes meet the the [requirements](../installation/requirements.md) before proceeding.
+
 For information on how K3s components work together, refer to the [architecture section.](../architecture/architecture.md)
 
 :::info