diff --git a/docs/02-client-tools.md b/docs/02-client-tools.md index e6b728d..d216d87 100644 --- a/docs/02-client-tools.md +++ b/docs/02-client-tools.md @@ -55,12 +55,23 @@ cfssl version > output ``` -Version: 1.2.0 +Version: 1.3.0 Revision: dev -Runtime: go1.6 +Runtime: go1.9.4 ``` -> The cfssljson command line utility does not provide a way to print its version. +Verify `cfssljson` version 1.2.0 or higher is installed: + +``` +cfssljson -version +``` +> output + +``` +Version: 1.3.0 +Revision: dev +Runtime: go1.9.4 +``` ## Install kubectl @@ -83,7 +94,7 @@ sudo mv kubectl /usr/local/bin/ ### Linux ``` -wget https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubectl +wget https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kubectl ``` ``` @@ -105,7 +116,7 @@ kubectl version --client > output ``` -Client Version: version.Info{Major:"1", Minor:"9", GitVersion:"v1.9.0", GitCommit:"925c127ec6b946659ad0fd596fa959be43f0cc05", GitTreeState:"clean", BuildDate:"2017-12-15T21:07:38Z", GoVersion:"go1.9.2", Compiler:"gc", Platform:"darwin/amd64"} +Client Version: version.Info{Major:"1", Minor:"9", GitVersion:"v1.9.3", GitCommit:"d2835416544f298c919e2ead3be3d0864b52323b", GitTreeState:"clean", BuildDate:"2018-02-09T21:51:06Z", GoVersion:"go1.9.4", Compiler:"gc", Platform:"darwin/amd64"} ``` Next: [Provisioning Compute Resources](03-compute-resources.md) diff --git a/docs/07-bootstrapping-etcd.md b/docs/07-bootstrapping-etcd.md index 93ad388..e586365 100644 --- a/docs/07-bootstrapping-etcd.md +++ b/docs/07-bootstrapping-etcd.md @@ -18,17 +18,17 @@ Download the official etcd release binaries from the [coreos/etcd](https://githu ``` wget -q --show-progress --https-only --timestamping \ - "https://github.com/coreos/etcd/releases/download/v3.2.11/etcd-v3.2.11-linux-amd64.tar.gz" + "https://github.com/coreos/etcd/releases/download/v3.3.1/etcd-v3.3.1-linux-amd64.tar.gz" ``` Extract and install the `etcd` server and the `etcdctl` command line utility: ``` -tar -xvf etcd-v3.2.11-linux-amd64.tar.gz +tar -xvf etcd-v3.3.1-linux-amd64.tar.gz ``` ``` -sudo mv etcd-v3.2.11-linux-amd64/etcd* /usr/local/bin/ +sudo mv etcd-v3.3.1-linux-amd64/etcd* /usr/local/bin/ ``` ### Configure the etcd Server @@ -75,7 +75,7 @@ ExecStart=/usr/local/bin/etcd \\ --client-cert-auth \\ --initial-advertise-peer-urls https://${INTERNAL_IP}:2380 \\ --listen-peer-urls https://${INTERNAL_IP}:2380 \\ - --listen-client-urls https://${INTERNAL_IP}:2379,http://127.0.0.1:2379 \\ + --listen-client-urls https://${INTERNAL_IP}:2379,https://127.0.0.1:2379 \\ --advertise-client-urls https://${INTERNAL_IP}:2379 \\ --initial-cluster-token etcd-cluster-0 \\ --initial-cluster controller-0=https://10.240.0.10:2380,controller-1=https://10.240.0.11:2380,controller-2=https://10.240.0.12:2380 \\ @@ -111,10 +111,22 @@ sudo systemctl start etcd ## Verification -List the etcd cluster members: +[Source](https://github.com/kelseyhightower/kubernetes-the-hard-way/issues/220) + +In order to list the members of the etcd cluster from any of the controller hosts, add the following to the logged in user's `.bashrc` file: ``` -ETCDCTL_API=3 etcdctl member list +export ETCDCTL_API=3 +export ETCDCTL_ENDPOINTS="https://127.0.0.1:2379" +export ETCDCTL_CACERT="/etc/etcd/ca.pem" +export ETCDCTL_CERT="/etc/etcd/kubernetes.pem" +export ETCDCTL_KEY="/etc/etcd/kubernetes-key.pem" +``` + +You might have to change file permissions (or ownership) of the PEM files to make sure that there are no permission issues while running the following command: + +``` +etcdctl member list ``` > output diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md index 06012d9..532a9d3 100644 --- a/docs/08-bootstrapping-kubernetes-controllers.md +++ b/docs/08-bootstrapping-kubernetes-controllers.md @@ -18,10 +18,10 @@ Download the official Kubernetes release binaries: ``` wget -q --show-progress --https-only --timestamping \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-apiserver" \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-controller-manager" \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-scheduler" \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubectl" + "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-apiserver" \ + "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-controller-manager" \ + "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-scheduler" \ + "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kubectl" ``` Install the Kubernetes binaries: @@ -269,7 +269,7 @@ gcloud compute target-pools add-instances kubernetes-target-pool \ ``` KUBERNETES_PUBLIC_ADDRESS=$(gcloud compute addresses describe kubernetes-the-hard-way \ --region $(gcloud config get-value compute/region) \ - --format 'value(name)') + --format 'value(address)') ``` ``` diff --git a/docs/09-bootstrapping-kubernetes-workers.md b/docs/09-bootstrapping-kubernetes-workers.md index a4e8624..0c99d15 100644 --- a/docs/09-bootstrapping-kubernetes-workers.md +++ b/docs/09-bootstrapping-kubernetes-workers.md @@ -26,9 +26,9 @@ sudo apt-get -y install socat wget -q --show-progress --https-only --timestamping \ https://github.com/containernetworking/plugins/releases/download/v0.6.0/cni-plugins-amd64-v0.6.0.tgz \ https://github.com/containerd/cri-containerd/releases/download/v1.0.0-beta.1/cri-containerd-1.0.0-beta.1.linux-amd64.tar.gz \ - https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubectl \ - https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-proxy \ - https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubelet + https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kubectl \ + https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-proxy \ + https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kubelet ``` Create the installation directories: @@ -39,8 +39,7 @@ sudo mkdir -p \ /opt/cni/bin \ /var/lib/kubelet \ /var/lib/kube-proxy \ - /var/lib/kubernetes \ - /var/run/kubernetes + /var/lib/kubernetes ``` Install the worker binaries: @@ -50,7 +49,7 @@ sudo tar -xvf cni-plugins-amd64-v0.6.0.tgz -C /opt/cni/bin/ ``` ``` -sudo tar -xvf cri-containerd-1.0.0-beta.1.linux-amd64.tar.gz -C / +sudo tar -xvf cri-containerd-1.0.0-beta.1.linux-amd64.tar.gz -C / --no-same-owner ``` ``` diff --git a/docs/10-configuring-kubectl.md b/docs/10-configuring-kubectl.md index 3d63825..1d8d7fd 100644 --- a/docs/10-configuring-kubectl.md +++ b/docs/10-configuring-kubectl.md @@ -25,9 +25,12 @@ kubectl config set-cluster kubernetes-the-hard-way \ --server=https://${KUBERNETES_PUBLIC_ADDRESS}:6443 ``` +Choose the `--embed-certs=true` below if that's convenient for your setup. + ``` kubectl config set-credentials admin \ --client-certificate=admin.pem \ + --embed-certs=true \ --client-key=admin-key.pem ``` @@ -70,9 +73,9 @@ kubectl get nodes ``` NAME STATUS ROLES AGE VERSION -worker-0 Ready 1m v1.9.0 -worker-1 Ready 1m v1.9.0 -worker-2 Ready 1m v1.9.0 +worker-0 Ready 3h v1.9.3 +worker-1 Ready 3h v1.9.3 +worker-2 Ready 3h v1.9.3 ``` Next: [Provisioning Pod Network Routes](11-pod-network-routes.md) diff --git a/docs/13-smoke-test.md b/docs/13-smoke-test.md index 7e91805..49a1278 100644 --- a/docs/13-smoke-test.md +++ b/docs/13-smoke-test.md @@ -13,11 +13,16 @@ kubectl create secret generic kubernetes-the-hard-way \ --from-literal="mykey=mydata" ``` -Print a hexdump of the `kubernetes-the-hard-way` secret stored in etcd: +Print a hexdump of the `kubernetes-the-hard-way` secret stored in etcd from `controller-0`: ``` -gcloud compute ssh controller-0 \ - --command "ETCDCTL_API=3 etcdctl get /registry/secrets/default/kubernetes-the-hard-way | hexdump -C" +gcloud compute ssh controller-0 +``` + +Once you have logged in, run the following command: + +``` +etcdctl get /registry/secrets/default/kubernetes-the-hard-way | hexdump -C ``` > output