Kubernetes Nodes
The kubernetes node install is based on the prerequisites in the Kubernetes Cluster Installation page.
Install the kubernetes repo:
cat <<EOF > /etc/yum.repos.d/kubernetes.repo [kubernetes] name=Kubernetes baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 enabled=1 gpgcheck=1 repo_gpgcheck=1 gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg exclude=kube* EOF
... or just copy it from an already installed kubernetes node ...
Install the pieces of the kubeadm installation on all nodes
yum install -y kubelet kubectl kubeadm --disableexcludes=kubernetes systemctl start kubelet systemctl enable kubelet
Make sure that /etc/sysconfig/kubelet has the following line:
KUBELET_EXTRA_ARGS=--authentication-token-webhook --fail-swap-on=false --runtime-cgroups=/systemd/system.slice --kubelet-cgroups=/systemd/system.slice
Join the cluster using the token and hash from the Production Cluster Configuration, Development Cluster Configuration, or Test Cluster Configuration as appropriate:
kubeadm join <master IP>:6443 --token <token> --discovery-token-ca-cert-hash <hash> --ignore-preflight-errors Swap
If you do not have the token, you can get it by running the following command on the control-plane node:
kubeadm token list
If you are joining a node to the cluster after the current token has expired, you can create a new token by running the following command on the control-plane node:
kubeadm token create
If you don’t have the value of --discovery-token-ca-cert-hash, you can get it by running the following command chain on the control-plane node:
openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \
openssl dgst -sha256 -hex | sed 's/^.* //'