This guide covers bootstrapping your KubeAid-managed Kubernetes cluster. The installation process is the same for all providers and the configuration files you prepared in the previous step contain all provider-specific details.
Ensure you have completed:
- Prerequisites - All required tools installed
- Pre-Configuration -
general.yamlandsecrets.yamlconfigured or,
Make sure :
- Docker is running locally
- Your configuration files are in
outputs/configs/ - Your
secrets.yamlis backed up in your password store
If you haven't already installed the KubeAid CLI, run:
KUBEAID_CLI_VERSION=$(curl -s "https://api.github.com/repos/Obmondo/kubeaid-cli/releases/latest" | jq -r .tag_name)
OS=$([ "$(uname -s)" = "Linux" ] && echo "Linux" || echo "Darwin")
CPU_ARCHITECTURE=$([ "$(uname -m)" = "x86_64" ] && echo "amd64" || echo "arm64")
wget "https://github.com/Obmondo/kubeaid-cli/releases/download/${KUBEAID_CLI_VERSION}/kubeaid-cli_${OS}_${CPU_ARCHITECTURE}.tar.gz"
tar -xzf kubeaid-cli_${OS}_${CPU_ARCHITECTURE}.tar.gz
sudo mv kubeaid-cli /usr/local/bin/kubeaid-cli
sudo chmod +x /usr/local/bin/kubeaid-cli
rm kubeaid-cli_${OS}_${CPU_ARCHITECTURE}.tar.gzNote: This script works on both Linux and macOS. For Linux users who prefer native package managers, see the Native Package Installation section below.
Verify the installation:
kubeaid-cli --versionYou can also manually download the appropriate tar.gz package for your platform from the releases page.
| Platform | Architecture | Package Name |
|---|---|---|
| macOS | ARM64 (Apple Silicon) | kubeaid-cli_Darwin_arm64.tar.gz |
| macOS | x86_64 (Intel) | kubeaid-cli_Darwin_x86_64.tar.gz |
| Linux | ARM64 | kubeaid-cli_Linux_arm64.tar.gz |
| Linux | x86_64 | kubeaid-cli_Linux_x86_64.tar.gz |
-
Download the appropriate package for your platform:
# Example for Linux x86_64 wget https://github.com/Obmondo/kubeaid-cli/releases/latest/download/kubeaid-cli_Linux_x86_64.tar.gz -
Extract the archive:
tar -xzf kubeaid-cli_<OS>_<ARCH>.tar.gz
-
Move the binary to your PATH:
sudo mv kubeaid-cli /usr/local/bin/ sudo chmod +x /usr/local/bin/kubeaid-cli
-
Verify the installation:
kubeaid-cli --version
Native packages are available for Linux distributions in both amd64 and arm64 architectures:
| Format | Architecture | Package Name | Distribution |
|---|---|---|---|
.deb |
amd64 | kubeaid-cli_v<VERSION>_linux_amd64.deb |
Debian, Ubuntu |
.deb |
arm64 | kubeaid-cli_v<VERSION>_linux_arm64.deb |
Debian, Ubuntu |
.rpm |
amd64 | kubeaid-cli_v<VERSION>_linux_amd64.rpm |
RHEL, Fedora, CentOS |
.rpm |
arm64 | kubeaid-cli_v<VERSION>_linux_arm64.rpm |
RHEL, Fedora, CentOS |
.apk |
amd64 | kubeaid-cli_v<VERSION>_linux_amd64.apk |
Alpine Linux |
.apk |
arm64 | kubeaid-cli_v<VERSION>_linux_arm64.apk |
Alpine Linux |
.pkg.tar.zst |
amd64 | kubeaid-cli_v<VERSION>_linux_amd64.pkg.tar.zst |
Arch Linux |
.pkg.tar.zst |
arm64 | kubeaid-cli_v<VERSION>_linux_arm64.pkg.tar.zst |
Arch Linux |
Note: Replace
<VERSION>with the actual version number (e.g.,v0.17.1).
Debian/Ubuntu:
KUBEAID_CLI_VERSION=$(curl -s "https://api.github.com/repos/Obmondo/kubeaid-cli/releases/latest" | jq -r .tag_name)
CPU_ARCHITECTURE=$([ "$(uname -m)" = "x86_64" ] && echo "amd64" || echo "arm64")
wget "https://github.com/Obmondo/kubeaid-cli/releases/download/${KUBEAID_CLI_VERSION}/kubeaid-cli_${KUBEAID_CLI_VERSION}_linux_${CPU_ARCHITECTURE}.deb"
sudo dpkg -i kubeaid-cli_${KUBEAID_CLI_VERSION}_linux_${CPU_ARCHITECTURE}.debRHEL/Fedora/CentOS:
KUBEAID_CLI_VERSION=$(curl -s "https://api.github.com/repos/Obmondo/kubeaid-cli/releases/latest" | jq -r .tag_name)
CPU_ARCHITECTURE=$([ "$(uname -m)" = "x86_64" ] && echo "amd64" || echo "arm64")
wget "https://github.com/Obmondo/kubeaid-cli/releases/download/${KUBEAID_CLI_VERSION}/kubeaid-cli_${KUBEAID_CLI_VERSION}_linux_${CPU_ARCHITECTURE}.rpm"
sudo rpm -i kubeaid-cli_${KUBEAID_CLI_VERSION}_linux_${CPU_ARCHITECTURE}.rpmEach release includes a checksums file (kubeaid-cli_<VERSION>_checksums.txt) for verifying download integrity:
KUBEAID_CLI_VERSION=$(curl -s "https://api.github.com/repos/Obmondo/kubeaid-cli/releases/latest" | jq -r .tag_name)
wget "https://github.com/Obmondo/kubeaid-cli/releases/download/${KUBEAID_CLI_VERSION}/kubeaid-cli_${KUBEAID_CLI_VERSION#v}_checksums.txt"
sha256sum -c kubeaid-cli_${KUBEAID_CLI_VERSION#v}_checksums.txt --ignore-missingRun the bootstrap command:
kubeaid-cli cluster bootstrapThe bootstrap process will:
- Create a local management cluster - A temporary K3D cluster for orchestration
- Provision infrastructure - Create cloud resources (for cloud providers) or configure SSH access (for bare metal)
- Initialize Kubernetes - Deploy the control plane and worker nodes
- Install core components - Deploy Cilium, ArgoCD, Sealed Secrets, and KubePrometheus
- Configure GitOps - Set up ArgoCD to sync with your kubeaid-config repository
flowchart TB
subgraph Local["Your Local Machine"]
subgraph MgmtCluster["Temp Management Cluster"]
CAPI["ClusterAPI<br/>Operator"]
Kubeadm["Kubeadm<br/>Bootstrap"]
InfraProv["Infrastructure<br/>Provider<br/>(AWS/Azure/Hetzner)"]
end
end
subgraph MainCluster["Your Main Cluster"]
CP["Control Plane<br/>Nodes"]
W1["Worker<br/>Node 1"]
W2["Worker<br/>Node 2"]
WN["Worker<br/>Node N"]
end
CAPI -->|Provisions| CP
Kubeadm -->|Configures| CP
InfraProv -->|Creates<br/>Infrastructure| CP
Note: For KubeOne (SSH-only bare metal), there is no management cluster. KubeOne connects directly to your servers via SSH.
- Logs are streamed to your terminal in real-time
- All logs are saved to
outputs/.logfor later review - The process typically takes 10-30 minutes (depending on provider and cluster size)
Upon successful completion, you'll see:
✓ Cluster bootstrap complete!
Kubeconfig saved to: outputs/kubeconfigs/clusters/main.yaml
Set your kubeconfig and verify access:
export KUBECONFIG=./outputs/kubeconfigs/main.yaml
kubectl cluster-infoExpected output:
Kubernetes control plane is running at https://<cluster-endpoint>:6443
CoreDNS is running at https://<cluster-endpoint>:6443/api/v1/namespaces/kube-system/services/kube-dns:dns/proxy
kubectl get nodesAll nodes should show Ready status.
# Check all pods are running
kubectl get pods -A
# Check ArgoCD applications
kubectl get applications -n argocd| Issue | Cause | Solution |
|---|---|---|
| Bootstrap hangs | Network issues or resource constraints | Check logs in outputs/.log |
| Management cluster fails to create | Docker not running | Start Docker and retry |
| Cloud resources fail to provision | Invalid credentials | Verify secrets.yaml credentials |
| SSH connection fails (bare metal) | SSH key issues | Verify SSH key permissions and host connectivity |
| Nodes not joining | Network or firewall issues | Check security groups/firewall rules |
# View bootstrap logs
cat outputs/.log
# Follow logs in real-time (if bootstrap is running)
tail -f outputs/.logIf bootstrap fails partway through, you can retry:
# Clean up partial state
kubeaid-cli cluster delete management
# Retry bootstrap
kubeaid-cli cluster bootstrapThe bootstrap creates:
- VPC with public/private subnets
- NAT Gateway for private subnet egress
- Security groups for control plane and workers
- EC2 instances for nodes
- Elastic Load Balancer for API server
The bootstrap creates:
- Resource group for all resources
- Virtual network with subnets
- Network security groups
- Virtual machines for nodes
- Azure Load Balancer for API server
- Creates cloud servers for control plane and workers
- Sets up private network for inter-node communication
- Configures load balancer for API server
- Connects to existing servers via SSH
- Configures networking and disk layout
- Does not create new infrastructure
- Connects to your servers via SSH
- Installs Kubernetes components directly
- No cloud resources created
- You manage the server lifecycle
- Creates a K3D cluster in Docker
- For testing only-not for production
- No cluster upgrades or disaster recovery support
Once your cluster is up and running:
- Post-Configuration - Access dashboards, verify setup, configure services