Kubernetes Nodes: Difference between revisions
Jump to navigation
Jump to search
DrEdWilliams (talk | contribs) (added node-name to kubeadm join command) |
DrEdWilliams (talk | contribs) mNo edit summary |
||
| Line 1: | Line 1: | ||
The kubernetes node install is based on the prerequisites in the [[Kubernetes Cluster Installation]] page. | The kubernetes node install is based on the prerequisites in the [[Kubernetes Cluster Installation]] page. | ||
Install the kubernetes repo | == Install the kubernetes repo == | ||
=== CentOS 7=== | |||
<pre> | <pre> | ||
cat <<EOF > /etc/yum.repos.d/kubernetes.repo | cat <<EOF > /etc/yum.repos.d/kubernetes.repo | ||
| Line 16: | Line 17: | ||
'''... or just copy it from an already installed kubernetes node ...''' | '''... or just copy it from an already installed kubernetes node ...''' | ||
yum install -y kubelet kubectl kubeadm --disableexcludes=kubernetes | |||
< | === Debian 10 === | ||
systemctl start kubelet | apt-get update && apt-get install -y apt-transport-https curl | ||
systemctl enable kubelet | curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - | ||
cat <<EOF >/etc/apt/sources.list.d/kubernetes.list | |||
deb https://apt.kubernetes.io/ kubernetes-xenial main | |||
EOF | |||
apt-get update | |||
apt-get install -y kubelet kubeadm kubectl | |||
apt-mark hold kubelet kubeadm kubectl | |||
== Install the kubernetes packages == | |||
Thes needs to be done on all nodes: | |||
systemctl start kubelet | |||
systemctl enable kubelet | |||
Make sure that /etc/sysconfig/kubelet has the following line: | Make sure that /etc/sysconfig/kubelet (or /etc/default/kubelet on Debian) has the following line: | ||
KUBELET_EXTRA_ARGS=--authentication-token-webhook --fail-swap-on=false --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice | KUBELET_EXTRA_ARGS=--authentication-token-webhook --fail-swap-on=false --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice | ||
Join the cluster | == Join the cluster == | ||
Using the token and hash from the [[Production Cluster Configuration]], [[Development Cluster Configuration]], or [[Test Cluster Configuration]] as appropriate: | |||
kubeadm join <master IP>:6443 --token <token> --discovery-token-ca-cert-hash <hash> --ignore-preflight-errors Swap --node-name=`hostname -s` | kubeadm join <master IP>:6443 --token <token> --discovery-token-ca-cert-hash <hash> --ignore-preflight-errors Swap --node-name=`hostname -s` | ||
Revision as of 01:07, 16 August 2019
The kubernetes node install is based on the prerequisites in the Kubernetes Cluster Installation page.
Install the kubernetes repo
CentOS 7
cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg exclude=kube* EOF
... or just copy it from an already installed kubernetes node ...
yum install -y kubelet kubectl kubeadm --disableexcludes=kubernetes
Debian 10
apt-get update && apt-get install -y apt-transport-https curl curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - cat <<EOF >/etc/apt/sources.list.d/kubernetes.list deb https://apt.kubernetes.io/ kubernetes-xenial main EOF apt-get update apt-get install -y kubelet kubeadm kubectl apt-mark hold kubelet kubeadm kubectl
Install the kubernetes packages
Thes needs to be done on all nodes:
systemctl start kubelet systemctl enable kubelet
Make sure that /etc/sysconfig/kubelet (or /etc/default/kubelet on Debian) has the following line:
KUBELET_EXTRA_ARGS=--authentication-token-webhook --fail-swap-on=false --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice
Join the cluster
Using the token and hash from the Production Cluster Configuration, Development Cluster Configuration, or Test Cluster Configuration as appropriate:
kubeadm join <master IP>:6443 --token <token> --discovery-token-ca-cert-hash <hash> --ignore-preflight-errors Swap --node-name=`hostname -s`
If you do not have the token, you can get it by running the following command on the control-plane node:
kubeadm token list
If you are joining a node to the cluster after the current token has expired, you can create a new token by running the following command on the control-plane node:
kubeadm token create
If you don’t have the value of --discovery-token-ca-cert-hash, you can get it by running the following command chain on the control-plane node:
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \
openssl dgst -sha256 -hex | sed 's/^.* //'