What I want to do:
For my own educational purposes I'm trying to start a kube API server and register a kubelet as a node into it. I'm doing this exercise in a Vagrant box which runs Linux and a Docker runtime.
What I did so far is:
$ docker run --volume=$PWD/etcd-data:/default.etcd --detach --net=host quay.io/coreos/etcd
$ docker ps
CONTAINER ID   IMAGE                 COMMAND                 CREATED       STATUS       PORTS   NAMES
3f4a42fce24a   quay.io/coreos/etcd   "/usr/local/bin/etcd"   2 hours ago   Up 2 hours           awesome_bartik
$ ./kube-apiserver --etcd-servers=http://127.0.0.1:2379 --service-cluster-ip-range=10.0.0.0/16
The server v.1.16 is up and running as seen next:
$ curl http://localhost:8080/version
{
  "major": "1",
  "minor": "16",
  "gitVersion": "v1.16.0",
  "gitCommit": "2bd9643cee5b3b3a5ecbd3af49d09018f0773c77",
  "gitTreeState": "clean",
  "buildDate": "2019-09-18T14:27:17Z",
  "goVersion": "go1.12.9",
  "compiler": "gc",
  "platform": "linux/amd64"
}
No nodes are registered yet.
What I can't yet achieve:
Now I want to start the kubelet and register it as a Node. In earlier versions this was maybe possible with the --api-servers flag but this flag is already removed and the configuration is supposed to be in a separate kubelet config file.
My question is how to configure the access to the API server in the kubelet configuration file? Similar discussion is available here but it did not help me too much. The kubelet configuration options are available here.
So far the config file looks like this... Seems that staticPodURL is definitely not the right config :-)
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
staticPodURL: http://localhost:8080
failSwapOn: false
authentication:
  anonymous:
    enabled: true
  webhook:
    enabled: false
authorization:
  mode: AlwaysAllow
After a good amount of digging I've managed to make the kubelet register into the kube-api server which opens my way for further building of a small k8s cluster component by component.
The flag that I was looking for in the kubelet config is the following:
--kubeconfig string
Path to a kubeconfig file, specifying how to connect to the API server. Providing --kubeconfig enables API server mode, omitting --kubeconfig enables standalone mode.
Now I have two config files:
$ cat 02.kubelet-api-server-config.yaml
apiVersion: v1
kind: Config
clusters:
- cluster:
    server: http://localhost:8080
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
  name: system:node:java2dayskube@kubernetes
current-context: system:node:java2dayskube@kubernetes
preferences: {}
$ cat 02.kubelet-base-config.yaml
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
staticPodURL: http://localhost:8080
failSwapOn: false
authentication:
  anonymous:
    enabled: true
  webhook:
    enabled: false
authorization:
  mode: AlwaysAllow
As stated above the API server is up and running so I can start the kubelet now:
$ sudo ./kubelet --config=02.kubelet-base-config.yaml --kubeconfig=02.kubelet-api-server-config.yaml
Obviously the kubelet registered itself as a node in the API server (details skipped for brevity):
$ curl http://localhost:8080/api/v1/nodes
{
  "kind": "NodeList",
  "apiVersion": "v1",
  "metadata": {
    "selfLink": "/api/v1/nodes",
    "resourceVersion": "62"
  },
  "items": [
    {
      "metadata": {
        "name": "vagrant",
        ...
        "creationTimestamp": "2019-11-03T09:12:18Z",
        "labels": {
          "beta.kubernetes.io/arch": "amd64",
          "beta.kubernetes.io/os": "linux",
          "kubernetes.io/arch": "amd64",
          "kubernetes.io/hostname": "vagrant",
          "kubernetes.io/os": "linux"
        },
        "annotations": {
          "volumes.kubernetes.io/controller-managed-attach-detach": "true"
        }
      },
      "spec": {
        "taints": [
          {
            "key": "node.kubernetes.io/not-ready",
            "effect": "NoSchedule"
          }
        ]
      }
      ...
    }
I've managed to create one pod by making a POST request to the api-server. The kubelet was notified and spun up the corresponding Docker containers.
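
A hardened counterpart to the two files in the answer, as an added example that is not part of the original post: the files above talk to the API server over plain HTTP on port 8080 with no client identity, and leave the kubelet's own API open to anonymous callers with AlwaysAllow. Assumptions: the API server's secure port is 6443, all certificate paths are placeholders, and the node name `vagrant` is taken from the node list above. The two YAML documents below are two separate files, shown in one block.

```yaml
# Added example, not from the original post. All file paths are placeholders.
# Document 1: kubeconfig passed with --kubeconfig
# (TLS counterpart of 02.kubelet-api-server-config.yaml)
apiVersion: v1
kind: Config
clusters:
- cluster:
    # Value in the post: http://localhost:8080 (plain HTTP, no client identity)
    server: https://localhost:6443                    # assumed secure port
    certificate-authority: /path/to/ca.crt            # placeholder
  name: kubernetes
users:
- name: system:node:vagrant
  user:
    # Client certificate issued with CN=system:node:vagrant, O=system:nodes,
    # so the API server can identify this kubelet as a node.
    client-certificate: /path/to/kubelet-client.crt   # placeholder
    client-key: /path/to/kubelet-client.key           # placeholder
contexts:
- context:
    cluster: kubernetes
    user: system:node:vagrant
  name: system:node:vagrant@kubernetes
current-context: system:node:vagrant@kubernetes
preferences: {}
---
# Document 2: KubeletConfiguration passed with --config
# (counterpart of 02.kubelet-base-config.yaml)
kind: KubeletConfiguration
apiVersion: kubelet.config.k8s.io/v1beta1
failSwapOn: false
# staticPodURL is left out: it names a URL to fetch static pod manifests from,
# not the API server address.
authentication:
  anonymous:
    enabled: false                   # value in the post: true
  webhook:
    enabled: true                    # value in the post: false
  x509:
    clientCAFile: /path/to/ca.crt    # placeholder; CA for client certs
authorization:
  mode: Webhook                      # value in the post: AlwaysAllow
```

With these settings, requests to the kubelet's own API are authenticated by client certificate or bearer token and authorized through the API server instead of being accepted from any caller.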