Update and refactor the kubeadm documentation + add HypriotOS instructions as well#1420
Conversation
lukemarsden
left a comment
There was a problem hiding this comment.
Hey @luxas! I think the ARM/rpi stuff should be moved into a separate document and linked to from here. It's really cool that kubeadm supports ARM, but having it all inline here "if ARM, do this, otherwise, do that" makes it much harder to follow for the 80% case which is users installing Kubernetes on x86-64.
Please have a go at splitting it out into a separate doc and then resubmit for review. Thanks!
| EOF | ||
| # apt-get update | ||
| # apt-get install -y docker.io kubelet kubeadm kubectl kubernetes-cni | ||
| # # Install docker if you don't have it already. Version 1.11.2 is recommended, but 1.10.3 and 1.12.1 are known to work as well. |
There was a problem hiding this comment.
Not sure if this helps the user here, may be we can have these extra version number in footnotes?
| ## Prerequisites | ||
|
|
||
| 1. One or more machines running Ubuntu 16.04 or CentOS 7 | ||
| 1. One or more machines running Ubuntu 16.04, CentOS 7 or HypriotOS |
There was a problem hiding this comment.
Any version of HypriotOS?
| The master is the machine where the "control plane" components run, including `etcd` (the cluster database) and the API server (which the `kubectl` CLI communicates with). | ||
| All of these components run in pods started by `kubelet`. | ||
|
|
||
| Before you run this, make sure nothing is listening on `2379`, `2380`, `8080`, `443` or `10250` and kubelet and docker is running (check with `systemctl status kubelet`). |
There was a problem hiding this comment.
443 is subject to change, I have some WIP... just FYI :)
| This will remove the "dedicated" taint from any nodes that have it, including the master node, meaning that the scheduler will then be able to schedule pods everywhere. | ||
|
|
||
| ### (3/4) Joining your nodes | ||
| ### (3/4) Installing a pod network |
There was a problem hiding this comment.
So the purpose of moving this here is that people don't forget to do it, right?
| ip link set cni0 down; ip link del cni0; | ||
| systemctl start kubelet</code></pre> | ||
| </details> <!-- *syntax-highlighting-hack --> | ||
| systemctl stop kubelet; |
There was a problem hiding this comment.
You will need to rebase this part after my PR gets merged...
| rm -rf /var/lib/kubelet /etc/kubernetes /var/lib/etcd /etc/cni; | ||
| ip link set cni0 down; ip link del cni0; | ||
| systemctl start kubelet | ||
| <!-- *syntax-highlighting-hack --> |
There was a problem hiding this comment.
Any ideas what this tag really means? I am not sure I can see any highlighting on this code, and generally shell syntax is just to ambiguous for highlighters...
There was a problem hiding this comment.
it's to stop vim highlighting the rest of the document as bold
| 1. `kubectl logs` is broken with `kubeadm` clusters due to [#22770](https://github.com/kubernetes/kubernetes/issues/22770). | ||
|
|
||
| Workaround: use `docker logs` on the nodes where the containers are running as a workaround. | ||
| 1. There is not yet an easy way to generate a `kubeconfig` file which can be used to authenticate to the cluster remotely with `kubectl` on, for example, your workstation. |
There was a problem hiding this comment.
Thanks for promoting this to the main section.
11612ed to
c709021
Compare
c709021 to
f9aa4a1
Compare
|
|
||
| If you want to use flannel, run this: | ||
|
|
||
| # ARCH=amd64 curl -sSL https://raw.githubusercontent.com/luxas/flannel/update-daemonset/Documentation/kube-flannel.yml | sed "s/amd64/${ARCH}/g" | kubectl create -f - |
There was a problem hiding this comment.
I understand what you are trying to do, but it's a bit confusing as it stand - sed expression has no effect...
There was a problem hiding this comment.
It has, since an arm user will understand to swap ARCH=amd64 to ARCH=arm
Should I point that out explicitely?
I don't think you addressed this, @luxas? |
There was a problem hiding this comment.
Update looks good. Have comments throughout.
I am not saying something negative about the tool,
but I would like to have a comment added calling out that this tool does not create a production grade or HA install yet.
This tool is still alpha, and it is listed on the site as the primary install tool, by website organization. I am concerned about optics, and people having a challenging experience with this tool.
How can we lead them better?
| ### (3/4) Joining your nodes | ||
| ### (3/4) Installing a pod network | ||
|
|
||
| You must install a pod network add-on so that your pods can communicate with each other. |
There was a problem hiding this comment.
Kubenet does not work?
| If you prefer [Calico](https://github.com/projectcalico/calico-containers/tree/master/docs/cni/kubernetes/manifests/kubeadm) or [Canal](https://github.com/tigera/canal/tree/master/k8s-install/kubeadm), please refer to their respective installation guides. | ||
| You can install _only one_ pod network per cluster. | ||
|
|
||
| Once a pod network has been installed, you can confirm that it is working by checking that the `kube-dns` pod is `Running` in the output of `kubectl get pods --all-namespaces`. |
There was a problem hiding this comment.
Should we give an example output?
| @@ -149,28 +183,12 @@ For example: | |||
|
|
|||
| A few seconds later, you should notice that running `kubectl get nodes` on the master shows a cluster with as many machines as you created. | |||
There was a problem hiding this comment.
Also, should the user validate the number of running nodes and cluster-info with kubectl?
|
|
||
| If you prefer [Calico](https://github.com/projectcalico/calico-containers/tree/master/docs/cni/kubernetes/manifests/kubeadm) or [Canal](https://github.com/tigera/canal/tree/master/k8s-install/kubeadm), please refer to their respective installation guides. | ||
| You should only install one pod network per cluster. | ||
| In order to get a kubectl on your laptop for example to talk to your cluster, you need to copy the `KubeConfig` file from your master to your laptop like this: |
There was a problem hiding this comment.
kubeadmin does not export the cluster kubeconf for the user?
There was a problem hiding this comment.
It does create a admin.json kubeconfig file that can be used for accessing the cluster, but not tied to a specific user with permissions
|
|
||
|
|
||
| ## Cleanup | ||
| ## Turndown |
There was a problem hiding this comment.
Don't think you mean Turndown.
noun: turndown; plural noun: turndowns; noun: turn-down; plural noun: turn-downs
- a rejection or refusal.
- a decline in something; a downturn
Tear down?
There was a problem hiding this comment.
Tear down was the word I was searching for, thanks
|
This needs a rebase. |
f9aa4a1 to
1aaab3e
Compare
|
Rebased and updated. |
|
I'll take a look tomorrow... |
1aaab3e to
c723f7b
Compare
| **Note:** this will autodetect the network interface to advertise the master on as the interface with the default gateway. | ||
| If you want to use a different interface, specify `--api-advertise-addresses=<ip-address>` argument to `kubeadm init`. | ||
|
|
||
| If you want to use [flannel](https://github.com/coreos/flannel) as the pod network; specify `--pod-network-cidr=10.244.0.0/16` if you're using the daemonset manifest below. |
There was a problem hiding this comment.
I am not entirely sure about this flag, have you tested this and it's required 100%? From what I know, this flag is entirely incompatible with any CNI plugin.
There was a problem hiding this comment.
Yes, it's unfortunately required
There was a problem hiding this comment.
Ok, may be we should make it more explicit by adding: "However, this is not required for any other networks, including Weave, which is recommended."
| * Mailing List: [kubernetes-sig-cluster-lifecycle](https://groups.google.com/forum/#!forum/kubernetes-sig-cluster-lifecycle) | ||
| * [GitHub Issues](https://github.com/kubernetes/kubernetes/issues): please tag `kubeadm` issues with `@kubernetes/sig-cluster-lifecycle` | ||
|
|
||
| ## kubeadm is multi-platform |
There was a problem hiding this comment.
This is better here, thank you.
c723f7b to
519ceca
Compare
|
Thanks a lot! |
* Added Self Healing Italian localization Signed-off-by: Paolo <ugho16@users.noreply.github.com> * Update content/it/self-healing.md Co-authored-by: Francesco Sbaraglia <23255586+fsbaraglia@users.noreply.github.com> Signed-off-by: Paolo <81316809+ugho16@users.noreply.github.com> Signed-off-by: Paolo <ugho16@users.noreply.github.com> Signed-off-by: Paolo <81316809+ugho16@users.noreply.github.com> Co-authored-by: Paolo <ugho16@users.noreply.github.com> Co-authored-by: Francesco Sbaraglia <23255586+fsbaraglia@users.noreply.github.com>
@errordeveloper @lukemarsden @mikedanese
PTAL
This change is