update kubelet settings

docs/02-kubelet.md

@@ -22,9 +22,6 @@ So, let's begin.
 
 First of all, we need to download kubelet.
 ```bash
-wget -q --show-progress --https-only --timestamping \
-  https://storage.googleapis.com/kubernetes-release/release/v1.21.0/bin/linux/amd64/kubelet
-
 wget -q --show-progress --https-only --timestamping \
   https://dl.k8s.io/v1.32.3/kubernetes-node-linux-amd64.tar.gz
 
@@ -33,10 +30,8 @@ tar -xvzf kubernetes-node-linux-amd64.tar.gz
 
 After download process complete, move kubelet binaries to the proper folder
 ```bash
-{
+# chmod +x kubelet \
-  chmod +x kubelet 
+#   && mv kubelet /usr/local/bin/
-  sudo mv kubelet /usr/local/bin/
-}
 ```
 
 ```bash
@@ -44,6 +39,11 @@ chmod +x kubernetes/node/bin/kubelet \
   && mv kubernetes/node/bin/kubelet /usr/local/bin/
 ```
 
+```bash
+ensure swap is disabled
+swapoff -a
+```
+
 As kubelet is a service that is used to manage pods running on the node, we need to configure that service
 ```bash
 cat <<EOF | tee /etc/systemd/system/kubelet.service

docs/03-pod-networking.md

@@ -208,12 +208,12 @@ First of all, we need to download that plugin
 
 ```bash
 wget -q --show-progress --https-only --timestamping \
-  https://github.com/containernetworking/plugins/releases/download/v0.9.1/cni-plugins-linux-amd64-v0.9.1.tgz
+  https://github.com/containernetworking/plugins/releases/download/v1.6.2/cni-plugins-linux-amd64-v1.6.2.tgz
 ```
 
 Now, we will create proper folders structure
 ```bash
-sudo mkdir -p \
+mkdir -p \
   /etc/cni/net.d \
   /opt/cni/bin
 ```
@@ -225,13 +225,15 @@ here:
 Now, we will untar the plugin to the proper folder
 
 ```bash
-sudo tar -xvf cni-plugins-linux-amd64-v0.9.1.tgz -C /opt/cni/bin/
+tar -xvf cni-plugins-linux-amd64-v1.6.2.tgz -C /opt/cni/bin/
 ```
 
+do not forget about iptables
+
 And create plugin configuration
 ```bash
 {
-cat <<EOF | sudo tee /etc/cni/net.d/10-bridge.conf
+cat <<EOF | tee /etc/cni/net.d/10-bridge.conf
 {
     "cniVersion": "0.4.0",
     "name": "bridge",
@@ -249,7 +251,7 @@ cat <<EOF | sudo tee /etc/cni/net.d/10-bridge.conf
 }
 EOF
 
-cat <<EOF | sudo tee /etc/cni/net.d/99-loopback.conf
+cat <<EOF | tee /etc/cni/net.d/99-loopback.conf
 {
     "cniVersion": "0.4.0",
     "name": "lo",
@@ -265,7 +267,25 @@ Of course, all configuration options here are important, but I want to highlight
 
 Update the kubelet config (add network-plugin configuration option)
 ```bash
-cat <<EOF | sudo tee /etc/systemd/system/kubelet.service
+cat <<EOF | tee /var/lib/kubelet/kubelet-config.yaml
+apiVersion: kubelet.config.k8s.io/v1beta1
+kind: KubeletConfiguration
+authentication:
+  anonymous:
+    enabled: true
+  webhook:
+    enabled: false
+authorization:
+  mode: AlwaysAllow
+networkPlugin: "cni"
+cniConfDir: "/etc/cni/net.d"
+cniBinDir: "/opt/cni/bin"
+EOF
+```
+
+
+```bash
+cat <<EOF | tee /etc/systemd/system/kubelet.service
 [Unit]
 Description=kubelet: The Kubernetes Node Agent
 Documentation=https://kubernetes.io/docs/home/
@@ -274,11 +294,9 @@ After=network-online.target
 
 [Service]
 ExecStart=/usr/local/bin/kubelet \\
-  --container-runtime=remote \\
   --container-runtime-endpoint=unix:///var/run/containerd/containerd.sock \\
-  --image-pull-progress-deadline=2m \\
   --file-check-frequency=10s \\
-  --network-plugin=cni \\
+  --config=/var/lib/kubelet/kubelet-config.yaml \\
   --pod-manifest-path='/etc/kubernetes/manifests/' \\
   --v=10
 Restart=always
@@ -292,15 +310,13 @@ EOF
 
 After the kubelet is reconfigured, we can restart it
 ```bash
-{
+systemctl daemon-reload \
-  sudo systemctl daemon-reload
+  && systemctl restart kubelet
-  sudo systemctl restart kubelet
-}
 ```
 
 And check kubelet status
 ```bash
-sudo systemctl status kubelet
+systemctl status kubelet
 ```
 
 Output: