Simple High-Availability Kubernetes Masters

Jbn1233
2 min read · Apr 18, 2020

Cluster configuration file template: cluster_config_template.yml.

  • Make sure “master-lb:6443” is ready before you start. Choose your own podSubnet and serviceSubnet.
  • This template is based on the CRI-O container runtime.
apiVersion: kubeadm.k8s.io/v1beta2
kind: ClusterConfiguration
# Shared API endpoint that every master and worker joins through
controlPlaneEndpoint: "master-lb:6443"
kubernetesVersion: stable
networking:
  podSubnet: 10.100.0.0/16
  serviceSubnet: 10.200.0.0/16
---
# Older API version; converted by "kubeadm config migrate" in the next step
apiVersion: kubeadm.k8s.io/v1beta1
kind: InitConfiguration
nodeRegistration:
  # CRI-O runtime socket
  criSocket: unix:///var/run/crio/crio.sock
---
apiVersion: kubeproxy.config.k8s.io/v1alpha1
kind: KubeProxyConfiguration
ipvs:
  excludeCIDRs: null
  minSyncPeriod: 0s
  scheduler: rr
  strictARP: false
  syncPeriod: 30s
mode: ipvs
---
apiVersion: kubelet.config.k8s.io/v1beta1
kind: KubeletConfiguration
cgroupDriver: systemd
maxPods: 400

Convert the old configuration file to the current version.

kubeadm config migrate --old-config cluster_config_template.yml --new-config config.yml

Initialize the Kubernetes control plane with the new configuration file from the previous step. Don’t forget to add the “--upload-certs” flag.

kubeadm init --config=config.yml --upload-certs

After a few seconds, you will have one join command for master nodes and another join command for worker nodes.

Your Kubernetes control-plane has initialized successfully!

To start using your cluster, you need to run the following as a regular user:

  mkdir -p $HOME/.kube
  sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
  sudo chown $(id -u):$(id -g) $HOME/.kube/config

You should now deploy a pod network to the cluster.
Run "kubectl apply -f [podnetwork].yaml" with one of the options listed at:
  https://kubernetes.io/docs/concepts/cluster-administration/addons/

You can now join any number of the control-plane node running the following command on each as root:

  kubeadm join master-lb:6443 --token fwdo2y.097ahzl3jpxhk2ha \
    --discovery-token-ca-cert-hash sha256:f47ec928cf9d10ac3755fd0c0fe604f711a093bc1e7d7a6bffc5c78c70a94611 \
    --control-plane --certificate-key 5a8c302d2d735486a47bd62a2789241e9899eba058b4c6e02fac3c483662992c

Please note that the certificate-key gives access to cluster sensitive data, keep it secret!
As a safeguard, uploaded-certs will be deleted in two hours; If necessary, you can use
"kubeadm init phase upload-certs --upload-certs" to reload certs afterward.

Then you can join any number of worker nodes by running the following on each as root:

  kubeadm join master-lb:6443 --token fwdo2y.097ahzl3jpxhk2ha \
    --discovery-token-ca-cert-hash sha256:f47ec928cf9d10ac3755fd0c0fe604f711a093bc1e7d7a6bffc5c78c70a94611
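
The --discovery-token-ca-cert-hash value in both join commands is the SHA-256 of the cluster CA certificate's SubjectPublicKeyInfo, and a joining node uses it to pin the CA it talks to. The script below is an added example, not part of the original post or of kubeadm: it recomputes that pin from a CA certificate and checks that a join command you were handed pins the same key. The function names and the two file arguments are assumptions made for this example.

```python
import base64, hashlib, hmac, re, sys

def _tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def spki_der(cert_der):
    """Return the raw SubjectPublicKeyInfo element of a DER X.509 certificate."""
    _, pos, _ = _tlv(cert_der, 0)      # Certificate SEQUENCE
    _, pos, _ = _tlv(cert_der, pos)    # tbsCertificate SEQUENCE
    tag, _, end = _tlv(cert_der, pos)
    if tag == 0xA0:                    # explicit [0] version, absent in v1 certs
        pos = end
    for _field in range(5):            # serial, signature alg, issuer, validity, subject
        _, _, pos = _tlv(cert_der, pos)
    _, _, end = _tlv(cert_der, pos)
    return cert_der[pos:end]

def ca_pin(pem_text):
    """kubeadm-style pin: 'sha256:' + hex SHA-256 of the CA's SubjectPublicKeyInfo."""
    body = re.search(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----",
                     pem_text, re.S).group(1)
    der = base64.b64decode("".join(body.split()))
    return "sha256:" + hashlib.sha256(spki_der(der)).hexdigest()

def pin_from_join(cmd):
    """Extract the pinned hash from a 'kubeadm join' command line, or None."""
    m = re.search(r"--discovery-token-ca-cert-hash[ =](sha256:[0-9a-f]{64})", cmd)
    return m.group(1) if m else None

def join_pin_matches(pem_text, cmd):
    """True only if the join command pins exactly this CA's public key."""
    pin = pin_from_join(cmd)
    return pin is not None and hmac.compare_digest(pin, ca_pin(pem_text))

if __name__ == "__main__":
    # Usage (both paths are the caller's choice): <CA cert PEM> <file holding the join command>
    with open(sys.argv[1]) as ca, open(sys.argv[2]) as join:
        ok = join_pin_matches(ca.read(), join.read())
    print("pin matches CA" if ok else "PIN MISMATCH or missing")
    sys.exit(0 if ok else 1)
```

A join command with no pin at all is reported as a mismatch, so a command that skips CA verification never passes the check.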

Done.
