Kubernetes Nodes: Difference between revisions
Jump to navigation
Jump to search
DrEdWilliams (talk | contribs) (added node-name to kubeadm join command) |
|||
| (2 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
The kubernetes node install is based on the prerequisites in the [[Kubernetes Cluster Installation]] page. | The kubernetes node install is based on the prerequisites in the [[Kubernetes Cluster Installation]] page. | ||
Install the kubernetes repo | == Install the kubernetes repo == | ||
=== CentOS 7=== | |||
<pre> | <pre> | ||
cat <<EOF > /etc/yum.repos.d/kubernetes.repo | cat <<EOF > /etc/yum.repos.d/kubernetes.repo | ||
| Line 16: | Line 17: | ||
'''... or just copy it from an already installed kubernetes node ...''' | '''... or just copy it from an already installed kubernetes node ...''' | ||
yum install -y kubelet kubectl kubeadm --disableexcludes=kubernetes | |||
=== Debian 10 === | |||
apt-get update && apt-get install -y apt-transport-https curl | |||
curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - | |||
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list | |||
deb https://apt.kubernetes.io/ kubernetes-xenial main | |||
EOF | |||
apt-get update | |||
apt-get install -y kubelet kubeadm kubectl | |||
apt-mark hold kubelet kubeadm kubectl | |||
Make sure that /etc/sysconfig/kubelet has the following line: | == Start the kubernetes packages == | ||
Make sure that /etc/sysconfig/kubelet (or /etc/default/kubelet on Debian) has the following line: | |||
KUBELET_EXTRA_ARGS=--authentication-token-webhook --fail-swap-on=false --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice | KUBELET_EXTRA_ARGS=--authentication-token-webhook --fail-swap-on=false --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice | ||
Join the cluster | This needs to be done on all nodes: | ||
systemctl start kubelet | |||
systemctl enable kubelet | |||
== Join the cluster == | |||
Using the token and hash from the [[Production Cluster Configuration]], [[Development Cluster Configuration]], or [[Test Cluster Configuration]] as appropriate: | |||
kubeadm join <master IP>:6443 --token <token> --discovery-token-ca-cert-hash <hash> --ignore-preflight-errors Swap --node-name=`hostname -s` | kubeadm join <master IP>:6443 --token <token> --discovery-token-ca-cert-hash <hash> --ignore-preflight-errors Swap --node-name=`hostname -s` | ||
| Line 41: | Line 54: | ||
If you don’t have the value of '''--discovery-token-ca-cert-hash''', you can get it by running the following command chain on the control-plane node: | If you don’t have the value of '''--discovery-token-ca-cert-hash''', you can get it by running the following command chain on the control-plane node: | ||
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \ | openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \ | ||
openssl dgst -sha256 -hex | sed 's/^.* //' | openssl dgst -sha256 -hex | sed 's/^.* //' | ||
Latest revision as of 19:51, 8 August 2020
The kubernetes node install is based on the prerequisites in the Kubernetes Cluster Installation page.
Install the kubernetes repo[edit]
CentOS 7[edit]
cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg exclude=kube* EOF
... or just copy it from an already installed kubernetes node ...
yum install -y kubelet kubectl kubeadm --disableexcludes=kubernetes
Debian 10[edit]
apt-get update && apt-get install -y apt-transport-https curl curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - cat <<EOF >/etc/apt/sources.list.d/kubernetes.list deb https://apt.kubernetes.io/ kubernetes-xenial main EOF apt-get update apt-get install -y kubelet kubeadm kubectl apt-mark hold kubelet kubeadm kubectl
Start the kubernetes packages[edit]
Make sure that /etc/sysconfig/kubelet (or /etc/default/kubelet on Debian) has the following line:
KUBELET_EXTRA_ARGS=--authentication-token-webhook --fail-swap-on=false --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice
This needs to be done on all nodes:
systemctl start kubelet systemctl enable kubelet
Join the cluster[edit]
Using the token and hash from the Production Cluster Configuration, Development Cluster Configuration, or Test Cluster Configuration as appropriate:
kubeadm join <master IP>:6443 --token <token> --discovery-token-ca-cert-hash <hash> --ignore-preflight-errors Swap --node-name=`hostname -s`
If you do not have the token, you can get it by running the following command on the control-plane node:
kubeadm token list
If you are joining a node to the cluster after the current token has expired, you can create a new token by running the following command on the control-plane node:
kubeadm token create
If you don’t have the value of --discovery-token-ca-cert-hash, you can get it by running the following command chain on the control-plane node:
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \ openssl dgst -sha256 -hex | sed 's/^.* //'