| 1 | +# Provisioning |
| 2 | + |
| 3 | +This command offers all required functionality to provision an host to join a Kubernetes cluster. |
| 4 | + |
| 5 | +The following operating systems are supported |
| 6 | +- Ubuntu 18.04 |
| 7 | +- CentOS 7 |
| 8 | +- ContainerLinux / CoreOS (Not tested with RedHat CoreOS) |
| 9 | + |
| 10 | +## Requirements |
| 11 | +- The cluster needs to use the bootstrap token authentication |
| 12 | + |
| 13 | +## CLI |
| 14 | + |
| 15 | +```bash |
| 16 | +./provision \ |
| 17 | + --kubelet-version="v1.13.1" \ |
| 18 | + --cloud-provider="openstack" \ |
| 19 | + --cloud-config="/etc/kubernetes/cloud-config" \ |
| 20 | + --token="AAAAAAAAAAAAAAAA" \ |
| 21 | + --ca-cert="/etc/kubernetes/ca.crt" |
| 22 | +``` |
| 23 | + |
| 24 | +## Process |
| 25 | + |
| 26 | +Nodes will boot with a cloud-init (Or Ignition) which writes required files & a shell script (called `setup.sh` here). |
| 27 | + |
| 28 | +### cloud-init (Or ignition) |
| 29 | +Parts which will be covered by cloud-init (or Ignition) |
| 30 | + |
| 31 | +- Install SSH keys |
| 32 | +- Configure hostname |
| 33 | +- `ca.crt` |
| 34 | + The CA certificate which got used to issue the certificates of the API server serving certificates |
| 35 | +- `cloud-config` |
| 36 | + A optional cloud-config used by the kubelet to interact with the cloud provider. |
| 37 | +- `setup.sh` |
| 38 | + Is responsible for downloading the `provision` binary and to execute it. |
| 39 | + The download of the binary might also be done using built-in `cloud-init` (or Ignition) features |
| 40 | + |
| 41 | +### Provision |
| 42 | + |
| 43 | +The `provision` binary will identify the operating system and execute a set of provisioning steps. |
| 44 | + |
| 45 | +The provisioning process gets separated into 2 phases: |
| 46 | +- Base provisioning |
| 47 | + Install and configure all required dependencies |
| 48 | +- Join |
| 49 | + Write & start the kubelet systemd unit |
| 50 | + |
| 51 | +#### Base provisioning |
| 52 | +The following steps belong into the base provisioning: |
| 53 | +- Install required packages (apt & yum action) |
| 54 | +- Configure required kernel parameter (Like ip forwarding, etc.) |
| 55 | +- Configure required kernel modules |
| 56 | +- Disable swap |
| 57 | +- Download & install the CNI plugins |
| 58 | +- Download & Install docker |
| 59 | +- Download Kubelet |
| 60 | +- Install health checks (Kubelet & Docker) |
| 61 | + |
| 62 | +#### Join |
| 63 | + |
| 64 | +This part will: |
| 65 | +- Write & start the kubelet systemd unit |
| 66 | + |
| 67 | +## Offline usage |
| 68 | + |
| 69 | +The `provision` binary should also be usable for "prebaking" images, which then can be used for offline usage. |
| 70 | + |
| 71 | +## Development process |
| 72 | + |
| 73 | +To make sure the local development version of the `provision` command gets used for new machines created by the local running machine controller, |
| 74 | +a new flag `--provision-source` must be introduced. |
| 75 | +This flag will instruct the machine controller to download the `provision` binary from the specified location. |
| 76 | + |
| 77 | +For simplicity the `/hack/run-machine-controller.sh` will be updated to include a step which will compile the `provoision` command & upload it to a gcs bucket. |
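Review bot: The document never says how the `provision` binary is verified before it runs, either where `setup.sh` downloads and executes it (lines 37-39) or where `--provision-source` makes the machine controller download it from a specified location (lines 73-77). Since the binary installs packages and starts the kubelet on every new node, please specify an integrity check: a pinned checksum or signature that `setup.sh` (or the cloud-init/Ignition download feature) verifies before execution. Also state who may write to the GCS bucket used by `/hack/run-machine-controller.sh`. Separately, the CLI example at line 20 passes the bootstrap token as `--token="..."` on the command line, where it is visible in the process list and in whatever script carries the call. Consider accepting a file path instead, as `--ca-cert` and `--cloud-config` already do. Minor: "an host" (line 3), "A optional" (line 36) and "provoision" (line 77) are typos.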