我的书签
添加书签
移除书签- kubeadm init phase
- kubeadm init phase preflight
- Synopsis
- Examples
- Options
- Options inherited from parent commands
- kubeadm init phase kubelet-start
- Synopsis
- Examples
- Options
- Options inherited from parent commands
- kubeadm init phase certs
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- kubeadm init phase kubeconfig
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- kubeadm init phase control-plane
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Examples
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- kubeadm init phase etcd
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Examples
- Options
- Options inherited from parent commands
- kubeadm init phase upload-config
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Examples
- Options
- Options inherited from parent commands
- Synopsis
- Examples
- Options
- Options inherited from parent commands
- kubeadm init phase upload-certs
- Synopsis
- Options
- Options inherited from parent commands
- kubeadm init phase mark-control-plane
- Synopsis
- Examples
- Options
- Options inherited from parent commands
- kubeadm init phase bootstrap-token
- Synopsis
- Examples
- Options
- Options inherited from parent commands
- kubeadm init phase addon
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- Synopsis
- Options
- Options inherited from parent commands
- What’s next
- Feedback
- kubeadm init phase preflight
kubeadm init phase
kubeadm init phase enables you to invoke atomic steps of the bootstrap process.Hence, you can let kubeadm do some of the work and you can fill in the gapsif you wish to apply customization.
kubeadm init phase is consistent with the kubeadm init workflow,and behind the scene both use the same code.
kubeadm init phase preflight
Using this command you can execute preflight checks on a control-plane node.
- preflight
Synopsis
Run pre-flight checks for kubeadm init.
kubeadm init phase preflight [flags]
Examples
# Run pre-flight checks for kubeadm init using a config file.kubeadm init phase preflight --config kubeadm-config.yml
Options
| —config string | |
| Path to a kubeadm configuration file. | |
| -h, —help | |
| help for preflight | |
| —ignore-preflight-errors stringSlice | |
| A list of checks whose errors will be shown as warnings. Example: 'IsPrivilegedUser,Swap'. Value 'all' ignores errors from all checks. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
kubeadm init phase kubelet-start
This phase will write the kubelet configuration file and environment file and then start the kubelet.
- kubelet-start
Synopsis
Write a file with KubeletConfiguration and an environment file with node specific kubelet settings, and then (re)start kubelet.
kubeadm init phase kubelet-start [flags]
Examples
# Writes a dynamic environment file with kubelet flags from a InitConfiguration file.kubeadm init phase kubelet-start --config config.yaml
Options
| —config string | |
| Path to a kubeadm configuration file. | |
| —cri-socket string | |
| Path to the CRI socket to connect. If empty kubeadm will try to auto-detect this value; use this option only if you have more than one CRI installed or if you have non-standard CRI socket. | |
| -h, —help | |
| help for kubelet-start | |
| —node-name string | |
| Specify the node name. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
kubeadm init phase certs
Can be used to create all required certificates by kubeadm.
- certs
- all
- ca
- apiserver
- apiserver-kubelet-client
- front-proxy-ca
- front-proxy-client
- etcd-ca
- etcd-server
- etcd-peer
- healthcheck-client
- apiserver-etcd-client
- sa
Synopsis
This command is not meant to be run on its own. See list of available subcommands.
kubeadm init phase certs [flags]
Options
| -h, —help | |
| help for certs |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate all certificates
kubeadm init phase certs all [flags]
Options
| —apiserver-advertise-address string | |
| The IP address the API Server will advertise it's listening on. If not set the default network interface will be used. | |
| —apiserver-cert-extra-sans stringSlice | |
| Optional extra Subject Alternative Names (SANs) to use for the API Server serving certificate. Can be both IP addresses and DNS names. | |
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —control-plane-endpoint string | |
| Specify a stable IP address or DNS name for the control plane. | |
| -h, —help | |
| help for all | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. | |
| —service-cidr string Default: "10.96.0.0/12" | |
| Use alternative range of IP address for service VIPs. | |
| —service-dns-domain string Default: "cluster.local" | |
| Use alternative domain for services, e.g. "myorg.internal". |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the self-signed Kubernetes CA to provision identities for other Kubernetes components, and save them into ca.cert and ca.key files.
If both files already exist, kubeadm skips the generation step and existing files will be used.
Alpha Disclaimer: this command is currently alpha.
kubeadm init phase certs ca [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| -h, —help | |
| help for ca | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the certificate for serving the Kubernetes API, and save them into apiserver.cert and apiserver.key files.
Default SANs are kubernetes, kubernetes.default, kubernetes.default.svc, kubernetes.default.svc.cluster.local, 10.96.0.1, 127.0.0.1
If both files already exist, kubeadm skips the generation step and existing files will be used.
Alpha Disclaimer: this command is currently alpha.
kubeadm init phase certs apiserver [flags]
Options
| —apiserver-advertise-address string | |
| The IP address the API Server will advertise it's listening on. If not set the default network interface will be used. | |
| —apiserver-cert-extra-sans stringSlice | |
| Optional extra Subject Alternative Names (SANs) to use for the API Server serving certificate. Can be both IP addresses and DNS names. | |
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —control-plane-endpoint string | |
| Specify a stable IP address or DNS name for the control plane. | |
| —csr-dir string | |
| The path to output the CSRs and private keys to | |
| —csr-only | |
| Create CSRs instead of generating certificates | |
| -h, —help | |
| help for apiserver | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. | |
| —service-cidr string Default: "10.96.0.0/12" | |
| Use alternative range of IP address for service VIPs. | |
| —service-dns-domain string Default: "cluster.local" | |
| Use alternative domain for services, e.g. "myorg.internal". |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the certificate for the API server to connect to kubelet, and save them into apiserver-kubelet-client.cert and apiserver-kubelet-client.key files.
If both files already exist, kubeadm skips the generation step and existing files will be used.
Alpha Disclaimer: this command is currently alpha.
kubeadm init phase certs apiserver-kubelet-client [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —csr-dir string | |
| The path to output the CSRs and private keys to | |
| —csr-only | |
| Create CSRs instead of generating certificates | |
| -h, —help | |
| help for apiserver-kubelet-client | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the self-signed CA to provision identities for front proxy, and save them into front-proxy-ca.cert and front-proxy-ca.key files.
If both files already exist, kubeadm skips the generation step and existing files will be used.
Alpha Disclaimer: this command is currently alpha.
kubeadm init phase certs front-proxy-ca [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| -h, —help | |
| help for front-proxy-ca | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the certificate for the front proxy client, and save them into front-proxy-client.cert and front-proxy-client.key files.
If both files already exist, kubeadm skips the generation step and existing files will be used.
Alpha Disclaimer: this command is currently alpha.
kubeadm init phase certs front-proxy-client [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —csr-dir string | |
| The path to output the CSRs and private keys to | |
| —csr-only | |
| Create CSRs instead of generating certificates | |
| -h, —help | |
| help for front-proxy-client | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the self-signed CA to provision identities for etcd, and save them into etcd/ca.cert and etcd/ca.key files.
If both files already exist, kubeadm skips the generation step and existing files will be used.
Alpha Disclaimer: this command is currently alpha.
kubeadm init phase certs etcd-ca [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| -h, —help | |
| help for etcd-ca | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the certificate for serving etcd, and save them into etcd/server.cert and etcd/server.key files.
Default SANs are localhost, 127.0.0.1, 127.0.0.1, ::1
If both files already exist, kubeadm skips the generation step and existing files will be used.
Alpha Disclaimer: this command is currently alpha.
kubeadm init phase certs etcd-server [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —csr-dir string | |
| The path to output the CSRs and private keys to | |
| —csr-only | |
| Create CSRs instead of generating certificates | |
| -h, —help | |
| help for etcd-server | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the certificate for etcd nodes to communicate with each other, and save them into etcd/peer.cert and etcd/peer.key files.
Default SANs are localhost, 127.0.0.1, 127.0.0.1, ::1
If both files already exist, kubeadm skips the generation step and existing files will be used.
Alpha Disclaimer: this command is currently alpha.
kubeadm init phase certs etcd-peer [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —csr-dir string | |
| The path to output the CSRs and private keys to | |
| —csr-only | |
| Create CSRs instead of generating certificates | |
| -h, —help | |
| help for etcd-peer | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the certificate for liveness probes to healthcheck etcd, and save them into etcd/healthcheck-client.cert and etcd/healthcheck-client.key files.
If both files already exist, kubeadm skips the generation step and existing files will be used.
Alpha Disclaimer: this command is currently alpha.
kubeadm init phase certs etcd-healthcheck-client [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —csr-dir string | |
| The path to output the CSRs and private keys to | |
| —csr-only | |
| Create CSRs instead of generating certificates | |
| -h, —help | |
| help for etcd-healthcheck-client | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the certificate the apiserver uses to access etcd, and save them into apiserver-etcd-client.cert and apiserver-etcd-client.key files.
If both files already exist, kubeadm skips the generation step and existing files will be used.
Alpha Disclaimer: this command is currently alpha.
kubeadm init phase certs apiserver-etcd-client [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —csr-dir string | |
| The path to output the CSRs and private keys to | |
| —csr-only | |
| Create CSRs instead of generating certificates | |
| -h, —help | |
| help for apiserver-etcd-client | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the private key for signing service account tokens along with its public key, and save them into sa.key and sa.pub files. If both files already exist, kubeadm skips the generation step and existing files will be used.
Alpha Disclaimer: this command is currently alpha.
kubeadm init phase certs sa [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| -h, —help | |
| help for sa |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
kubeadm init phase kubeconfig
You can create all required kubeconfig files by calling the all subcommand or call them individually.
- kubeconfig
- all
- admin
- kubelet
- controller-manager
- scheduler
Synopsis
This command is not meant to be run on its own. See list of available subcommands.
kubeadm init phase kubeconfig [flags]
Options
| -h, —help | |
| help for kubeconfig |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate all kubeconfig files
kubeadm init phase kubeconfig all [flags]
Options
| —apiserver-advertise-address string | |
| The IP address the API Server will advertise it's listening on. If not set the default network interface will be used. | |
| —apiserver-bind-port int32 Default: 6443 | |
| Port for the API Server to bind to. | |
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —control-plane-endpoint string | |
| Specify a stable IP address or DNS name for the control plane. | |
| -h, —help | |
| help for all | |
| —kubeconfig-dir string Default: "/etc/kubernetes" | |
| The path where to save the kubeconfig file. | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. | |
| —node-name string | |
| Specify the node name. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the kubeconfig file for the admin and for kubeadm itself, and save it to admin.conf file.
kubeadm init phase kubeconfig admin [flags]
Options
| —apiserver-advertise-address string | |
| The IP address the API Server will advertise it's listening on. If not set the default network interface will be used. | |
| —apiserver-bind-port int32 Default: 6443 | |
| Port for the API Server to bind to. | |
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —control-plane-endpoint string | |
| Specify a stable IP address or DNS name for the control plane. | |
| -h, —help | |
| help for admin | |
| —kubeconfig-dir string Default: "/etc/kubernetes" | |
| The path where to save the kubeconfig file. | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the kubeconfig file for the kubelet to use and save it to kubelet.conf file.
Please note that this should only be used for cluster bootstrapping purposes. After your control plane is up, you should request all kubelet credentials from the CSR API.
kubeadm init phase kubeconfig kubelet [flags]
Options
| —apiserver-advertise-address string | |
| The IP address the API Server will advertise it's listening on. If not set the default network interface will be used. | |
| —apiserver-bind-port int32 Default: 6443 | |
| Port for the API Server to bind to. | |
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —control-plane-endpoint string | |
| Specify a stable IP address or DNS name for the control plane. | |
| -h, —help | |
| help for kubelet | |
| —kubeconfig-dir string Default: "/etc/kubernetes" | |
| The path where to save the kubeconfig file. | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. | |
| —node-name string | |
| Specify the node name. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the kubeconfig file for the controller manager to use and save it to controller-manager.conf file
kubeadm init phase kubeconfig controller-manager [flags]
Options
| —apiserver-advertise-address string | |
| The IP address the API Server will advertise it's listening on. If not set the default network interface will be used. | |
| —apiserver-bind-port int32 Default: 6443 | |
| Port for the API Server to bind to. | |
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —control-plane-endpoint string | |
| Specify a stable IP address or DNS name for the control plane. | |
| -h, —help | |
| help for controller-manager | |
| —kubeconfig-dir string Default: "/etc/kubernetes" | |
| The path where to save the kubeconfig file. | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the kubeconfig file for the scheduler to use and save it to scheduler.conf file.
kubeadm init phase kubeconfig scheduler [flags]
Options
| —apiserver-advertise-address string | |
| The IP address the API Server will advertise it's listening on. If not set the default network interface will be used. | |
| —apiserver-bind-port int32 Default: 6443 | |
| Port for the API Server to bind to. | |
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —control-plane-endpoint string | |
| Specify a stable IP address or DNS name for the control plane. | |
| -h, —help | |
| help for scheduler | |
| —kubeconfig-dir string Default: "/etc/kubernetes" | |
| The path where to save the kubeconfig file. | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
kubeadm init phase control-plane
Using this phase you can create all required static Pod files for the control plane components.
- control-plane
- all
- apiserver
- controller-manager
- scheduler
Synopsis
This command is not meant to be run on its own. See list of available subcommands.
kubeadm init phase control-plane [flags]
Options
| -h, —help | |
| help for control-plane |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate all static Pod manifest files
kubeadm init phase control-plane all [flags]
Examples
# Generates all static Pod manifest files for control plane components,# functionally equivalent to what is generated by kubeadm init.kubeadm init phase control-plane all# Generates all static Pod manifest files using options read from a configuration file.kubeadm init phase control-plane all --config config.yaml
Options
| —apiserver-advertise-address string | |
| The IP address the API Server will advertise it's listening on. If not set the default network interface will be used. | |
| —apiserver-bind-port int32 Default: 6443 | |
| Port for the API Server to bind to. | |
| —apiserver-extra-args mapStringString | |
| A set of extra flags to pass to the API Server or override default ones in form of <flagname>=<value> | |
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —control-plane-endpoint string | |
| Specify a stable IP address or DNS name for the control plane. | |
| —controller-manager-extra-args mapStringString | |
| A set of extra flags to pass to the Controller Manager or override default ones in form of <flagname>=<value> | |
| -k, —experimental-kustomize string | |
| The path where kustomize patches for static pod manifests are stored. | |
| —feature-gates string | |
| A set of key=value pairs that describe feature gates for various features. Options are:IPv6DualStack=true|false (ALPHA - default=false) | |
| -h, —help | |
| help for all | |
| —image-repository string Default: "k8s.gcr.io" | |
| Choose a container registry to pull control plane images from | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. | |
| —pod-network-cidr string | |
| Specify range of IP addresses for the pod network. If set, the control plane will automatically allocate CIDRs for every node. | |
| —scheduler-extra-args mapStringString | |
| A set of extra flags to pass to the Scheduler or override default ones in form of <flagname>=<value> | |
| —service-cidr string Default: "10.96.0.0/12" | |
| Use alternative range of IP address for service VIPs. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generates the kube-apiserver static Pod manifest
kubeadm init phase control-plane apiserver [flags]
Options
| —apiserver-advertise-address string | |
| The IP address the API Server will advertise it's listening on. If not set the default network interface will be used. | |
| —apiserver-bind-port int32 Default: 6443 | |
| Port for the API Server to bind to. | |
| —apiserver-extra-args mapStringString | |
| A set of extra flags to pass to the API Server or override default ones in form of <flagname>=<value> | |
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —control-plane-endpoint string | |
| Specify a stable IP address or DNS name for the control plane. | |
| -k, —experimental-kustomize string | |
| The path where kustomize patches for static pod manifests are stored. | |
| —feature-gates string | |
| A set of key=value pairs that describe feature gates for various features. Options are:IPv6DualStack=true|false (ALPHA - default=false) | |
| -h, —help | |
| help for apiserver | |
| —image-repository string Default: "k8s.gcr.io" | |
| Choose a container registry to pull control plane images from | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. | |
| —service-cidr string Default: "10.96.0.0/12" | |
| Use alternative range of IP address for service VIPs. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generates the kube-controller-manager static Pod manifest
kubeadm init phase control-plane controller-manager [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —controller-manager-extra-args mapStringString | |
| A set of extra flags to pass to the Controller Manager or override default ones in form of <flagname>=<value> | |
| -k, —experimental-kustomize string | |
| The path where kustomize patches for static pod manifests are stored. | |
| -h, —help | |
| help for controller-manager | |
| —image-repository string Default: "k8s.gcr.io" | |
| Choose a container registry to pull control plane images from | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. | |
| —pod-network-cidr string | |
| Specify range of IP addresses for the pod network. If set, the control plane will automatically allocate CIDRs for every node. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generates the kube-scheduler static Pod manifest
kubeadm init phase control-plane scheduler [flags]
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| -k, —experimental-kustomize string | |
| The path where kustomize patches for static pod manifests are stored. | |
| -h, —help | |
| help for scheduler | |
| —image-repository string Default: "k8s.gcr.io" | |
| Choose a container registry to pull control plane images from | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. | |
| —scheduler-extra-args mapStringString | |
| A set of extra flags to pass to the Scheduler or override default ones in form of <flagname>=<value> |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
kubeadm init phase etcd
Use the following phase to create a local etcd instance based on a static Pod file.
- etcd
- local
Synopsis
This command is not meant to be run on its own. See list of available subcommands.
kubeadm init phase etcd [flags]
Options
| -h, —help | |
| help for etcd |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Generate the static Pod manifest file for a local, single-node local etcd instance
kubeadm init phase etcd local [flags]
Examples
# Generates the static Pod manifest file for etcd, functionally# equivalent to what is generated by kubeadm init.kubeadm init phase etcd local# Generates the static Pod manifest file for etcd using options# read from a configuration file.kubeadm init phase etcd local --config config.yaml
Options
| —cert-dir string Default: "/etc/kubernetes/pki" | |
| The path where to save and store the certificates. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| -k, —experimental-kustomize string | |
| The path where kustomize patches for static pod manifests are stored. | |
| -h, —help | |
| help for local | |
| —image-repository string Default: "k8s.gcr.io" | |
| Choose a container registry to pull control plane images from |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
kubeadm init phase upload-config
You can use this command to upload the kubeadm configuration to your cluster.Alternatively, you can use kubeadm config.
- upload-config
- all
- kubeadm
- kubelet
Synopsis
This command is not meant to be run on its own. See list of available subcommands.
kubeadm init phase upload-config [flags]
Options
| -h, —help | |
| help for upload-config |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Upload all configuration to a config map
kubeadm init phase upload-config all [flags]
Options
| —config string | |
| Path to a kubeadm configuration file. | |
| -h, —help | |
| help for all | |
| —kubeconfig string Default: "/etc/kubernetes/admin.conf" | |
| The kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations can be searched for an existing kubeconfig file. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Upload the kubeadm ClusterConfiguration to a ConfigMap called kubeadm-config in the kube-system namespace. This enables correct configuration of system components and a seamless user experience when upgrading.
Alternatively, you can use kubeadm config.
kubeadm init phase upload-config kubeadm [flags]
Examples
# upload the configuration of your clusterkubeadm init phase upload-config --config=myConfig.yaml
Options
| —config string | |
| Path to a kubeadm configuration file. | |
| -h, —help | |
| help for kubeadm | |
| —kubeconfig string Default: "/etc/kubernetes/admin.conf" | |
| The kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations can be searched for an existing kubeconfig file. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Upload kubelet configuration extracted from the kubeadm InitConfiguration object to a ConfigMap of the form kubelet-config-1.X in the cluster, where X is the minor version of the current (API Server) Kubernetes version.
kubeadm init phase upload-config kubelet [flags]
Examples
# Upload the kubelet configuration from the kubeadm Config file to a ConfigMap in the cluster.kubeadm init phase upload-config kubelet --config kubeadm.yaml
Options
| —config string | |
| Path to a kubeadm configuration file. | |
| -h, —help | |
| help for kubelet | |
| —kubeconfig string Default: "/etc/kubernetes/admin.conf" | |
| The kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations can be searched for an existing kubeconfig file. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
kubeadm init phase upload-certs
Use the following phase to upload control-plane certificates to the cluster.By default the certs and encryption key expire after two hours.
- upload-certs
Synopsis
This command is not meant to be run on its own. See list of available subcommands.
kubeadm init phase upload-certs [flags]
Options
| —certificate-key string | |
| Key used to encrypt the control-plane certificates in the kubeadm-certs Secret. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| -h, —help | |
| help for upload-certs | |
| —skip-certificate-key-print | |
| Don't print the key used to encrypt the control-plane certificates. | |
| —upload-certs | |
| Upload control-plane certificates to the kubeadm-certs Secret. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
kubeadm init phase mark-control-plane
Use the following phase to label and taint the node with the node-role.kubernetes.io/master="" key-value pair.
- mark-control-plane
Synopsis
Mark a node as a control-plane
kubeadm init phase mark-control-plane [flags]
Examples
# Applies control-plane label and taint to the current node, functionally equivalent to what executed by kubeadm init.kubeadm init phase mark-control-plane --config config.yml# Applies control-plane label and taint to a specific nodekubeadm init phase mark-control-plane --node-name myNode
Options
| —config string | |
| Path to a kubeadm configuration file. | |
| -h, —help | |
| help for mark-control-plane | |
| —node-name string | |
| Specify the node name. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
kubeadm init phase bootstrap-token
Use the following phase to configure bootstrap tokens.
- bootstrap-token
Synopsis
Bootstrap tokens are used for establishing bidirectional trust between a node joining the cluster and a control-plane node.
This command makes all the configurations required to make bootstrap tokens works and then creates an initial token.
kubeadm init phase bootstrap-token [flags]
Examples
# Make all the bootstrap token configurations and create an initial token, functionally# equivalent to what generated by kubeadm init.kubeadm init phase bootstrap-token
Options
| —config string | |
| Path to a kubeadm configuration file. | |
| -h, —help | |
| help for bootstrap-token | |
| —kubeconfig string Default: "/etc/kubernetes/admin.conf" | |
| The kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations can be searched for an existing kubeconfig file. | |
| —skip-token-print | |
| Skip printing of the default bootstrap token generated by 'kubeadm init'. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
kubeadm init phase addon
You can install all the available addons with the all subcommand, orinstall them selectively.
- addon
- all
- coredns
- kube-proxy
Synopsis
This command is not meant to be run on its own. See list of available subcommands.
kubeadm init phase addon [flags]
Options
| -h, —help | |
| help for addon |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Install all the addons
kubeadm init phase addon all [flags]
Options
| —apiserver-advertise-address string | |
| The IP address the API Server will advertise it's listening on. If not set the default network interface will be used. | |
| —apiserver-bind-port int32 Default: 6443 | |
| Port for the API Server to bind to. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —control-plane-endpoint string | |
| Specify a stable IP address or DNS name for the control plane. | |
| —feature-gates string | |
| A set of key=value pairs that describe feature gates for various features. Options are:IPv6DualStack=true|false (ALPHA - default=false) | |
| -h, —help | |
| help for all | |
| —image-repository string Default: "k8s.gcr.io" | |
| Choose a container registry to pull control plane images from | |
| —kubeconfig string Default: "/etc/kubernetes/admin.conf" | |
| The kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations can be searched for an existing kubeconfig file. | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. | |
| —pod-network-cidr string | |
| Specify range of IP addresses for the pod network. If set, the control plane will automatically allocate CIDRs for every node. | |
| —service-cidr string Default: "10.96.0.0/12" | |
| Use alternative range of IP address for service VIPs. | |
| —service-dns-domain string Default: "cluster.local" | |
| Use alternative domain for services, e.g. "myorg.internal". |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Install the CoreDNS addon components via the API server. Please note that although the DNS server is deployed, it will not be scheduled until CNI is installed.
kubeadm init phase addon coredns [flags]
Options
| —config string | |
| Path to a kubeadm configuration file. | |
| —feature-gates string | |
| A set of key=value pairs that describe feature gates for various features. Options are:IPv6DualStack=true|false (ALPHA - default=false) | |
| -h, —help | |
| help for coredns | |
| —image-repository string Default: "k8s.gcr.io" | |
| Choose a container registry to pull control plane images from | |
| —kubeconfig string Default: "/etc/kubernetes/admin.conf" | |
| The kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations can be searched for an existing kubeconfig file. | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. | |
| —service-cidr string Default: "10.96.0.0/12" | |
| Use alternative range of IP address for service VIPs. | |
| —service-dns-domain string Default: "cluster.local" | |
| Use alternative domain for services, e.g. "myorg.internal". |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
Synopsis
Install the kube-proxy addon components via the API server.
kubeadm init phase addon kube-proxy [flags]
Options
| —apiserver-advertise-address string | |
| The IP address the API Server will advertise it's listening on. If not set the default network interface will be used. | |
| —apiserver-bind-port int32 Default: 6443 | |
| Port for the API Server to bind to. | |
| —config string | |
| Path to a kubeadm configuration file. | |
| —control-plane-endpoint string | |
| Specify a stable IP address or DNS name for the control plane. | |
| -h, —help | |
| help for kube-proxy | |
| —image-repository string Default: "k8s.gcr.io" | |
| Choose a container registry to pull control plane images from | |
| —kubeconfig string Default: "/etc/kubernetes/admin.conf" | |
| The kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations can be searched for an existing kubeconfig file. | |
| —kubernetes-version string Default: "stable-1" | |
| Choose a specific Kubernetes version for the control plane. | |
| —pod-network-cidr string | |
| Specify range of IP addresses for the pod network. If set, the control plane will automatically allocate CIDRs for every node. |
Options inherited from parent commands
| —rootfs string | |
| [EXPERIMENTAL] The path to the 'real' host root filesystem. |
To use kube-dns instead of CoreDNS you have to pass a configuration file:
# for installing a DNS addon onlykubeadm init phase addon coredns --config=someconfig.yaml# for creating a complete control plane nodekubeadm init --config=someconfig.yaml# for listing or pulling imageskubeadm config images list/pull --config=someconfig.yaml# for upgradeskubeadm upgrade apply --config=someconfig.yaml
The file has to contain a DNS field inClusterConfigurationand also a type for the addon - kube-dns (default value is CoreDNS).
apiVersion: kubeadm.k8s.io/v1beta2kind: ClusterConfigurationdns:type: "kube-dns"
For more details on each field in the v1beta2 configuration you can navigate to ourAPI reference pages.
What’s next
- kubeadm init to bootstrap a Kubernetes control-plane node
- kubeadm join to connect a node to the cluster
- kubeadm reset to revert any changes made to this host by
kubeadm initorkubeadm join - kubeadm alpha to try experimental functionality
Feedback
Was this page helpful?
Thanks for the feedback. If you have a specific, answerable question about how to use Kubernetes, ask it onStack Overflow.Open an issue in the GitHub repo if you want toreport a problemorsuggest an improvement.
