Kubernetes kubeadm cluster initialization

kubeadm is the standard tool used to bootstrap a minimum viable Kubernetes cluster.^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md] The initialization process configures the control-plane components, establishes the cluster network, and prepares the system for worker nodes to join.

Initialization Command

The cluster is created on the designated master node using the kubeadm init command^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md]. A typical execution specifies the API server's advertisement address, the control-plane endpoint, and network CIDRs for services and pods^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md].

kubeadm init \
  --apiserver-advertise-address=10.4.7.11 \
  --control-plane-endpoint=cluster-endpoint \
  --service-cidr=172.16.0.0/16 \
  --pod-network-cidr=192.168.0.0/16 | tee kubeadm-init.log

During this phase, kubeadm performs a series of steps including pre-flight checks, pulling required container images, generating certificates, and writing static Pod manifests for the API server, controller-manager, and scheduler to /etc/kubernetes/manifests^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md].

Post-Initialization Configuration

Once the command finishes, the control plane is running inside static Pods, but the user must configure kubectl to interact with the cluster^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md]. This involves setting up the kubeconfig file:

mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config

At this stage, nodes typically appear in a NotReady state because the cluster network, also known as the Pod Network, has not yet been deployed^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md].

Network Plugin Deployment

To make the cluster functional, a Container Network Interface (CNI) plugin must be applied^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md]. A common choice is Flannel. The Flannel configuration file must match the --pod-network-cidr specified during initialization^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md].

For example, if 192.168.0.0/16 was used, the Network field in kube-flannel.yml must be updated from 10.244.0.0/16 to 192.168.0.0/16 before applying^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md].

kubectl apply -f kube-flannel.yml

After the network plugin is running, the nodes should transition to the Ready status^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md].

Adding Nodes

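To scale the cluster, worker nodes use the kubeadm join command. This command is printed at the end of the init process and includes a bootstrap token and a CA certificate hash (--discovery-token-ca-cert-hash) that the joining node uses to verify the control plane^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md]. Because the init output was piped through tee above, kubeadm-init.log holds the same token and should be protected like any other credential.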

kubeadm join cluster-endpoint:6443 \
  --token lbl36v.0liz1h81h2nb0j5g \
  --discovery-token-ca-cert-hash sha256:d7bd29289d585c4c49da1ffa810b3a726cff7ea940f7a7d4204eae49226a824f
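
The hash in the join command pins the cluster CA: kubeadm computes it as the SHA-256 of the CA certificate's SubjectPublicKeyInfo. The following is an added example, not code from the original page or from the kubeadm project; it recomputes that value from the CA certificate so a join command can be checked before it is run on a worker. The function names are illustrative, and the certificate is assumed to be at the kubeadm default path /etc/kubernetes/pki/ca.crt on the control-plane node.

```python
import hashlib
import hmac
import ssl
import sys

def _tlv(buf, pos):
    """Parse one DER element at pos; return (tag, value_start, end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits = count of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def spki_hash(cert_der):
    """Return 'sha256:<hex>' over the SubjectPublicKeyInfo of a DER certificate."""
    _, pos, _ = _tlv(cert_der, 0)          # Certificate ::= SEQUENCE
    _, pos, _ = _tlv(cert_der, pos)        # tbsCertificate ::= SEQUENCE
    tag, _, end = _tlv(cert_der, pos)
    if tag == 0xA0:                        # optional [0] version field
        pos = end
    for _ in range(5):                     # serialNumber, signature, issuer, validity, subject
        _, _, pos = _tlv(cert_der, pos)
    tag, _, end = _tlv(cert_der, pos)      # subjectPublicKeyInfo (header included in hash)
    if tag != 0x30:
        raise ValueError("SubjectPublicKeyInfo not found")
    return "sha256:" + hashlib.sha256(cert_der[pos:end]).hexdigest()

def join_hash_matches(ca_pem, join_hash):
    """True if join_hash pins the public key of the CA certificate in ca_pem."""
    computed = spki_hash(ssl.PEM_cert_to_DER_cert(ca_pem))
    return hmac.compare_digest(computed, join_hash.strip().lower())

if __name__ == "__main__":
    # Assumed usage: check_join_hash.py /etc/kubernetes/pki/ca.crt sha256:<hex>
    if len(sys.argv) != 3:
        sys.exit("usage: check_join_hash.py <ca.crt> sha256:<hex>")
    with open(sys.argv[1]) as f:
        ok = join_hash_matches(f.read(), sys.argv[2])
    print("match" if ok else "MISMATCH: hash does not pin this CA")
    sys.exit(0 if ok else 1)
```

A mismatch means the join command was generated for a different CA than the one on this control plane, so the worker should not be joined with it.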

If the token expires, a new join command can be generated on the master node using^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md]:

kubeadm token create --print-join-command

Resetting the Cluster

If the initialization fails or a clean slate is required, kubeadm reset can be used to revert changes made by kubeadm^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md].

kubeadm reset
sudo rm -rf ~/.kube

  • Container Networking Interface (CNI)
  • Control Plane
  • Kubectl
  • Cluster Bootstrap

Sources

^[400-devops__06-Kubernetes__k8s-learning__00.install__01.使用部署工具安装_Kubernetes.md]