Merge pull request #48375 from windsonsea/creadm

k8s-ci-robot · web-flow · commit 5cc2a00a7ad0 · 2024-10-16T11:03:04.000+01:00
Tweak and clean up four kubeadm files
diff --git a/content/en/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm.md b/content/en/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm.md
@@ -27,21 +27,16 @@ of cloud servers, a Raspberry Pi, and more. Whether you're deploying into the
 cloud or on-premises, you can integrate `kubeadm` into provisioning systems such
 as Ansible or Terraform.
 
-
-
 ## {{% heading "prerequisites" %}}
 
-
 To follow this guide, you need:
 
 - One or more machines running a deb/rpm-compatible Linux OS; for example: Ubuntu or CentOS.
-- 2 GiB or more of RAM per machine--any less leaves little room for your
-   apps.
+- 2 GiB or more of RAM per machine--any less leaves little room for your apps.
 - At least 2 CPUs on the machine that you use as a control-plane node.
 - Full network connectivity among all machines in the cluster. You can use either a
   public or a private network.
 
-
 You also need to use a version of `kubeadm` that can deploy the version
 of Kubernetes that you want to use in your new cluster.
 
@@ -58,8 +53,6 @@ slightly as the tool evolves, but the overall implementation should be pretty st
 Any commands under `kubeadm alpha` are, by definition, supported on an alpha level.
 {{< /note >}}
 
-
-
 <!-- steps -->
 
 ## Objectives
@@ -74,12 +67,14 @@ Any commands under `kubeadm alpha` are, by definition, supported on an alpha lev
 
 #### Component installation
 
-Install a {{< glossary_tooltip term_id="container-runtime" text="container runtime" >}} and kubeadm on all the hosts.
-For detailed instructions and other prerequisites, see [Installing kubeadm](/docs/setup/production-environment/tools/kubeadm/install-kubeadm/).
+Install a {{< glossary_tooltip term_id="container-runtime" text="container runtime" >}}
+and kubeadm on all the hosts. For detailed instructions and other prerequisites, see
+[Installing kubeadm](/docs/setup/production-environment/tools/kubeadm/install-kubeadm/).
 
 {{< note >}}
 If you have already installed kubeadm, see the first two steps of the
-[Upgrading Linux nodes](/docs/tasks/administer-cluster/kubeadm/upgrading-linux-nodes) document for instructions on how to upgrade kubeadm.
+[Upgrading Linux nodes](/docs/tasks/administer-cluster/kubeadm/upgrading-linux-nodes)
+document for instructions on how to upgrade kubeadm.
 
 When you upgrade, the kubelet restarts every few seconds as it waits in a crashloop for
 kubeadm to tell it what to do. This crashloop is expected and normal.
@@ -166,17 +161,17 @@ The control-plane node is the machine where the control plane components run, in
 communicates with).
 
 1. (Recommended) If you have plans to upgrade this single control-plane `kubeadm` cluster
-to [high availability](/docs/setup/production-environment/tools/kubeadm/high-availability/)
-you should specify the `--control-plane-endpoint` to set the shared endpoint for all control-plane nodes.
-Such an endpoint can be either a DNS name or an IP address of a load-balancer.
+   to [high availability](/docs/setup/production-environment/tools/kubeadm/high-availability/)
+   you should specify the `--control-plane-endpoint` to set the shared endpoint for all control-plane nodes.
+   Such an endpoint can be either a DNS name or an IP address of a load-balancer.
 1. Choose a Pod network add-on, and verify whether it requires any arguments to
-be passed to `kubeadm init`. Depending on which
-third-party provider you choose, you might need to set the `--pod-network-cidr` to
-a provider-specific value. See [Installing a Pod network add-on](#pod-network).
+   be passed to `kubeadm init`. Depending on which
+   third-party provider you choose, you might need to set the `--pod-network-cidr` to
+   a provider-specific value. See [Installing a Pod network add-on](#pod-network).
 1. (Optional) `kubeadm` tries to detect the container runtime by using a list of well
-known endpoints. To use different container runtime or if there are more than one installed
-on the provisioned node, specify the `--cri-socket` argument to `kubeadm`. See
-[Installing a runtime](/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-runtime).
+   known endpoints. To use different container runtime or if there are more than one installed
+   on the provisioned node, specify the `--cri-socket` argument to `kubeadm`. See
+   [Installing a runtime](/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-runtime).
 
 To initialize the control-plane node run:
 
@@ -186,7 +181,7 @@ kubeadm init <args>
 
 ### Considerations about apiserver-advertise-address and ControlPlaneEndpoint
 
-While `--apiserver-advertise-address` can be used to set the advertise address for this particular
+While `--apiserver-advertise-address` can be used to set the advertised address for this particular
 control-plane node's API server, `--control-plane-endpoint` can be used to set the shared endpoint
 for all control-plane nodes.
 
@@ -201,7 +196,7 @@ Here is an example mapping:
 
 Where `192.168.0.102` is the IP address of this node and `cluster-endpoint` is a custom DNS name that maps to this IP.
 This will allow you to pass `--control-plane-endpoint=cluster-endpoint` to `kubeadm init` and pass the same DNS name to
-`kubeadm join`. Later you can modify `cluster-endpoint` to point to the address of your load-balancer in an
+`kubeadm join`. Later you can modify `cluster-endpoint` to point to the address of your load-balancer in a
 high availability scenario.
 
 Turning a single control plane cluster created without `--control-plane-endpoint` into a highly available cluster
@@ -334,7 +329,6 @@ support [Network Policy](/docs/concepts/services-networking/network-policies/).
 See a list of add-ons that implement the
 [Kubernetes networking model](/docs/concepts/cluster-administration/networking/#how-to-implement-the-kubernetes-network-model).
 
-
 Please refer to the [Installing Addons](/docs/concepts/cluster-administration/addons/#networking-and-network-policy)
 page for a non-exhaustive list of networking addons supported by Kubernetes.
 You can install a Pod network add-on with the following command on the
@@ -399,8 +393,8 @@ kubectl label nodes --all node.kubernetes.io/exclude-from-external-load-balancer
 
 ### Adding more control plane nodes
 
-See [Creating Highly Available Clusters with kubeadm](/docs/setup/production-environment/tools/kubeadm/high-availability/) for steps on creating a high availability kubeadm cluster by adding more control plane
-nodes.
+See [Creating Highly Available Clusters with kubeadm](/docs/setup/production-environment/tools/kubeadm/high-availability/)
+for steps on creating a high availability kubeadm cluster by adding more control plane nodes.
 
 ### Adding worker nodes {#join-nodes}
 
@@ -439,7 +433,7 @@ privileges by using `kubectl create (cluster)rolebinding`.
 
 ### (Optional) Proxying API Server to localhost
 
-If you want to connect to the API Server from outside the cluster you can use
+If you want to connect to the API Server from outside the cluster, you can use
 `kubectl proxy`:
 
 ```bash
@@ -474,7 +468,8 @@ Before removing the node, reset the state installed by `kubeadm`:
 kubeadm reset
 ```
 
-The reset process does not reset or clean up iptables rules or IPVS tables. If you wish to reset iptables, you must do so manually:
+The reset process does not reset or clean up iptables rules or IPVS tables.
+If you wish to reset iptables, you must do so manually:
 
 ```bash
 iptables -F && iptables -t nat -F && iptables -t mangle -F && iptables -X
@@ -487,6 +482,7 @@ ipvsadm -C
 ```
 
 Now remove the node:
+
 ```bash
 kubectl delete node <node name>
 ```
@@ -503,7 +499,6 @@ See the [`kubeadm reset`](/docs/reference/setup-tools/kubeadm/kubeadm-reset/)
 reference documentation for more information about this subcommand and its
 options.
 
-
 ## Version skew policy {#version-skew-policy}
 
 While kubeadm allows version skew against some components that it manages, it is recommended that you
@@ -519,6 +514,7 @@ field when using `--config`. This option will control the versions
 of kube-apiserver, kube-controller-manager, kube-scheduler and kube-proxy.
 
 Example:
+
 * kubeadm is at {{< skew currentVersion >}}
 * `kubernetesVersion` must be at {{< skew currentVersion >}} or {{< skew currentVersionAddMinor -1 >}}
 
@@ -528,8 +524,10 @@ Similarly to the Kubernetes version, kubeadm can be used with a kubelet version
 the same version as kubeadm or three versions older.
 
 Example:
+
 * kubeadm is at {{< skew currentVersion >}}
-* kubelet on the host must be at {{< skew currentVersion >}}, {{< skew currentVersionAddMinor -1 >}}, {{< skew currentVersionAddMinor -2 >}} or {{< skew currentVersionAddMinor -3 >}}
+* kubelet on the host must be at {{< skew currentVersion >}}, {{< skew currentVersionAddMinor -1 >}},
+  {{< skew currentVersionAddMinor -2 >}} or {{< skew currentVersionAddMinor -3 >}}
 
 ### kubeadm's skew against kubeadm
 
@@ -542,6 +540,7 @@ the same node with `kubeadm upgrade`. Similar rules apply to the rest of the kub
 with the exception of `kubeadm upgrade`.
 
 Example for `kubeadm join`:
+
 * kubeadm version {{< skew currentVersion >}} was used to create a cluster with `kubeadm init`
 * Joining nodes must use a kubeadm binary that is at version {{< skew currentVersion >}}
 
@@ -550,9 +549,10 @@ version or one MINOR version newer than the version of kubeadm used for managing
 node.
 
 Example for `kubeadm upgrade`:
+
 * kubeadm version {{< skew currentVersionAddMinor -1 >}} was used to create or upgrade the node
 * The version of kubeadm used for upgrading the node must be at {{< skew currentVersionAddMinor -1 >}}
-or {{< skew currentVersion >}}
+  or {{< skew currentVersion >}}
 
 To learn more about the version skew between the different Kubernetes component see
 the [Version Skew Policy](/releases/version-skew-policy/).
@@ -577,8 +577,7 @@ Workarounds:
 ### Platform compatibility {#multi-platform}
 
 kubeadm deb/rpm packages and binaries are built for amd64, arm (32-bit), arm64, ppc64le, and s390x
-following the [multi-platform
-proposal](https://git.k8s.io/design-proposals-archive/multi-platform.md).
+following the [multi-platform proposal](https://git.k8s.io/design-proposals-archive/multi-platform.md).
 
 Multiplatform container images for the control plane and addons are also supported since v1.12.
 
@@ -591,10 +590,9 @@ supports your chosen platform.
 If you are running into difficulties with kubeadm, please consult our
 [troubleshooting docs](/docs/setup/production-environment/tools/kubeadm/troubleshooting-kubeadm/).
 
-
 <!-- discussion -->
 
-## What's next {#whats-next}
+## {{% heading "whatsnext" %}}
 
 * Verify that your cluster is running properly with [Sonobuoy](https://github.com/heptio/sonobuoy)
 * <a id="lifecycle" />See [Upgrading kubeadm clusters](/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade/)
diff --git a/content/en/docs/setup/production-environment/tools/kubeadm/ha-topology.md b/content/en/docs/setup/production-environment/tools/kubeadm/ha-topology.md
@@ -18,12 +18,11 @@ You can set up an HA cluster:
 You should carefully consider the advantages and disadvantages of each topology before setting up an HA cluster.
 
 {{< note >}}
-kubeadm bootstraps the etcd cluster statically. Read the etcd [Clustering Guide](https://github.com/etcd-io/etcd/blob/release-3.4/Documentation/op-guide/clustering.md#static)
+kubeadm bootstraps the etcd cluster statically. Read the etcd
+[Clustering Guide](https://github.com/etcd-io/etcd/blob/release-3.4/Documentation/op-guide/clustering.md#static)
 for more details.
 {{< /note >}}
 
-
-
 <!-- body -->
 
 ## Stacked etcd topology
@@ -54,24 +53,26 @@ on control plane nodes when using `kubeadm init` and `kubeadm join --control-pla
 
 ## External etcd topology
 
-An HA cluster with external etcd is a [topology](https://en.wikipedia.org/wiki/Network_topology) where the distributed data storage cluster provided by etcd is external to the cluster formed by the nodes that run control plane components.
+An HA cluster with external etcd is a [topology](https://en.wikipedia.org/wiki/Network_topology)
+where the distributed data storage cluster provided by etcd is external to the cluster formed by
+the nodes that run control plane components.
 
-Like the stacked etcd topology, each control plane node in an external etcd topology runs an instance of the `kube-apiserver`, `kube-scheduler`, and `kube-controller-manager`. And the `kube-apiserver` is exposed to worker nodes using a load balancer. However, etcd members run on separate hosts, and each etcd host communicates with the `kube-apiserver` of each control plane node.
+Like the stacked etcd topology, each control plane node in an external etcd topology runs
+an instance of the `kube-apiserver`, `kube-scheduler`, and `kube-controller-manager`.
+And the `kube-apiserver` is exposed to worker nodes using a load balancer. However,
+etcd members run on separate hosts, and each etcd host communicates with the
+`kube-apiserver` of each control plane node.
 
 This topology decouples the control plane and etcd member. It therefore provides an HA setup where
 losing a control plane instance or an etcd member has less impact and does not affect
 the cluster redundancy as much as the stacked HA topology.
 
 However, this topology requires twice the number of hosts as the stacked HA topology.
-A minimum of three hosts for control plane nodes and three hosts for etcd nodes are required for an HA cluster with this topology.
+A minimum of three hosts for control plane nodes and three hosts for etcd nodes are
+required for an HA cluster with this topology.
 
 ![External etcd topology](/images/kubeadm/kubeadm-ha-topology-external-etcd.svg)
 
-
-
 ## {{% heading "whatsnext" %}}
 
-
 - [Set up a highly available cluster with kubeadm](/docs/setup/production-environment/tools/kubeadm/high-availability/)
-
-
diff --git a/content/en/docs/setup/production-environment/tools/kubeadm/high-availability.md b/content/en/docs/setup/production-environment/tools/kubeadm/high-availability.md
@@ -17,7 +17,8 @@ cluster using kubeadm:
   control plane nodes and etcd members are separated.
 
 Before proceeding, you should carefully consider which approach best meets the needs of your applications
-and environment. [Options for Highly Available topology](/docs/setup/production-environment/tools/kubeadm/ha-topology/) outlines the advantages and disadvantages of each.
+and environment. [Options for Highly Available topology](/docs/setup/production-environment/tools/kubeadm/ha-topology/)
+outlines the advantages and disadvantages of each.
 
 If you encounter issues with setting up the HA cluster, please report these
 in the kubeadm [issue tracker](https://github.com/kubernetes/kubeadm/issues/new).
@@ -85,6 +86,7 @@ You need:
 <!-- end of shared prerequisites -->
 
 And you also need:
+
 - Three or more additional machines, that will become etcd cluster members.
   Having an odd number of members in the etcd cluster is a requirement for achieving
   optimal voting quorum.
@@ -97,8 +99,10 @@ _See [External etcd topology](/docs/setup/production-environment/tools/kubeadm/h
 
 ### Container images
 
-Each host should have access read and fetch images from the Kubernetes container image registry, `registry.k8s.io`.
-If you want to deploy a highly-available cluster where the hosts do not have access to pull images, this is possible. You must ensure by some other means that the correct container images are already available on the relevant hosts.
+Each host should have access read and fetch images from the Kubernetes container image registry,
+`registry.k8s.io`. If you want to deploy a highly-available cluster where the hosts do not have
+access to pull images, this is possible. You must ensure by some other means that the correct
+container images are already available on the relevant hosts.
 
 ### Command line interface {#kubectl}
 
@@ -288,7 +292,6 @@ in the kubeadm config file.
 
 1. Create a file called `kubeadm-config.yaml` with the following contents:
 
-
    ```yaml
    ---
    apiVersion: kubeadm.k8s.io/v1beta4
@@ -366,13 +369,13 @@ SSH is required if you want to control all nodes from a single machine.
 1. Enable ssh-agent on your main device that has access to all other nodes in
    the system:
 
-   ```
+   ```shell
    eval $(ssh-agent)
    ```
 
 1. Add your SSH identity to the session:
 
-   ```
+   ```shell
    ssh-add ~/.ssh/path_to_private_key
    ```
 
@@ -382,14 +385,14 @@ SSH is required if you want to control all nodes from a single machine.
      have logged into via SSH to access the SSH agent on your PC. Consider alternative
      methods if you do not fully trust the security of your user session on the node.
 
-     ```
+     ```shell
      ssh -A 10.0.0.7
      ```
 
    - When using sudo on any node, make sure to preserve the environment so SSH
      forwarding works:
 
-     ```
+     ```shell
      sudo -E -s
      ```
 
@@ -399,6 +402,7 @@ SSH is required if you want to control all nodes from a single machine.
 
    In the following example, replace `CONTROL_PLANE_IPS` with the IP addresses of the
    other control plane nodes.
+
    ```sh
    USER=ubuntu # customizable
    CONTROL_PLANE_IPS="10.0.0.7 10.0.0.8"
@@ -413,7 +417,7 @@ SSH is required if you want to control all nodes from a single machine.
        # Skip the next line if you are using external etcd
        scp /etc/kubernetes/pki/etcd/ca.key "${USER}"@$host:etcd-ca.key
    done
-    ```
+   ```
 
    {{< caution >}}
    Copy only the certificates in the above list. kubeadm will take care of generating the rest of the certificates
diff --git a/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md b/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md
@@ -31,7 +31,8 @@ see the [Creating a cluster with kubeadm](/docs/setup/production-environment/too
 The `kubeadm` installation is done via binaries that use dynamic linking and assumes that your target system provides `glibc`.
 This is a reasonable assumption on many Linux distributions (including Debian, Ubuntu, Fedora, CentOS, etc.)
 but it is not always the case with custom and lightweight distributions which don't include `glibc` by default, such as Alpine Linux.
-The expectation is that the distribution either includes `glibc` or a [compatibility layer](https://wiki.alpinelinux.org/wiki/Running_glibc_programs)
+The expectation is that the distribution either includes `glibc` or a
+[compatibility layer](https://wiki.alpinelinux.org/wiki/Running_glibc_programs)
 that provides the expected symbols.
 {{< /note >}}
 
@@ -197,7 +198,8 @@ These instructions are for Kubernetes v{{< skew currentVersion >}}.
    ```
 
 {{< note >}}
-In releases older than Debian 12 and Ubuntu 22.04, directory `/etc/apt/keyrings` does not exist by default, and it should be created before the curl command.
+In releases older than Debian 12 and Ubuntu 22.04, directory `/etc/apt/keyrings` does not
+exist by default, and it should be created before the curl command.
 {{< /note >}}
 
 3. Add the appropriate Kubernetes `apt` repository. Please note that this repository have packages
@@ -240,11 +242,11 @@ In releases older than Debian 12 and Ubuntu 22.04, directory `/etc/apt/keyrings`
 
 {{< caution >}}
 - Setting SELinux in permissive mode by running `setenforce 0` and `sed ...`
-effectively disables it. This is required to allow containers to access the host
-filesystem; for example, some cluster network plugins require that. You have to
-do this until SELinux support is improved in the kubelet.
+  effectively disables it. This is required to allow containers to access the host
+  filesystem; for example, some cluster network plugins require that. You have to
+  do this until SELinux support is improved in the kubelet.
 - You can leave SELinux enabled if you know how to configure it but it may require
-settings that are not supported by kubeadm.
+  settings that are not supported by kubeadm.
 {{< /caution >}}
 
 2. Add the Kubernetes `yum` repository. The `exclude` parameter in the
