From 7a92bb4c2b35d17f1f76f76f3bbef86801d62572 Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Thu, 22 Feb 2018 09:14:06 -0500 Subject: [PATCH 01/18] Adding getting version details for cfssljson --- docs/02-client-tools.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/02-client-tools.md b/docs/02-client-tools.md index e6b728d..f29ab77 100644 --- a/docs/02-client-tools.md +++ b/docs/02-client-tools.md @@ -60,7 +60,11 @@ Revision: dev Runtime: go1.6 ``` -> The cfssljson command line utility does not provide a way to print its version. +Verify `cfssljson` version 1.2.0 or higher is installed: + +``` +cfssljson -version +``` ## Install kubectl From 69121ea689ff847fd2b7fe3485e31cff8e0df5c7 Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Thu, 22 Feb 2018 09:15:03 -0500 Subject: [PATCH 02/18] Update 02-client-tools.md --- docs/02-client-tools.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/02-client-tools.md b/docs/02-client-tools.md index f29ab77..97f6442 100644 --- a/docs/02-client-tools.md +++ b/docs/02-client-tools.md @@ -65,6 +65,13 @@ Verify `cfssljson` version 1.2.0 or higher is installed: ``` cfssljson -version ``` +> output + +``` +Version: 1.2.0 +Revision: dev +Runtime: go1.6 +``` ## Install kubectl From 3e4472b8abc5a8e53e00288c21cfaa2cb491921c Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sat, 24 Feb 2018 14:45:07 -0500 Subject: [PATCH 03/18] Added .bashrc configuration for etcdctl Liberally plagiarized the idea from https://github.com/kelseyhightower/kubernetes-the-hard-way/issues/220 --- docs/07-bootstrapping-etcd.md | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/docs/07-bootstrapping-etcd.md b/docs/07-bootstrapping-etcd.md index 93ad388..8dcddd3 100644 --- a/docs/07-bootstrapping-etcd.md +++ b/docs/07-bootstrapping-etcd.md @@ -111,10 +111,20 @@ sudo systemctl start etcd ## Verification -List the etcd cluster members: +In order to list the members of the etcd cluster from any of the controller hosts, add the following to the logged in user's `.bashrc` file: ``` -ETCDCTL_API=3 etcdctl member list +export ETCDCTL_API=3 +export ETCDCTL_ENDPOINTS="https://127.0.0.1:2379" +export ETCDCTL_CACERT="/etc/etcd/ca.pem" +export ETCDCTL_CERT="/etc/etcd/kubernetes.pem" +export ETCDCTL_KEY="/etc/etcd/kubernetes-key.pem" +``` + +You might have to change file permissions (or ownership) of the PEM files to make sure that there are no permission issues while running the following command: + +``` +etcdctl member list ``` > output From 56912fae73311ec5b454091dced1a46b041fd39c Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sat, 24 Feb 2018 14:51:23 -0500 Subject: [PATCH 04/18] Added link to the issue that fixed etcdctl call --- docs/07-bootstrapping-etcd.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/07-bootstrapping-etcd.md b/docs/07-bootstrapping-etcd.md index 8dcddd3..9e183ac 100644 --- a/docs/07-bootstrapping-etcd.md +++ b/docs/07-bootstrapping-etcd.md @@ -111,6 +111,7 @@ sudo systemctl start etcd ## Verification +[Source](https://github.com/kelseyhightower/kubernetes-the-hard-way/issues/220) In order to list the members of the etcd cluster from any of the controller hosts, add the following to the logged in user's `.bashrc` file: ``` From 8a1f0354bf95976a948da80501d2ac1cce1c5bfe Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sat, 24 Feb 2018 14:52:02 -0500 Subject: [PATCH 05/18] Formatting changes --- docs/07-bootstrapping-etcd.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/07-bootstrapping-etcd.md b/docs/07-bootstrapping-etcd.md index 9e183ac..6eba8d0 100644 --- a/docs/07-bootstrapping-etcd.md +++ b/docs/07-bootstrapping-etcd.md @@ -112,6 +112,7 @@ sudo systemctl start etcd ## Verification [Source](https://github.com/kelseyhightower/kubernetes-the-hard-way/issues/220) + In order to list the members of the etcd cluster from any of the controller hosts, add the following to the logged in user's `.bashrc` file: ``` From 52e780a0863122ea3398e6ec11ed17d68fbdf7e0 Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sat, 24 Feb 2018 17:33:33 -0500 Subject: [PATCH 06/18] Pass "address" to fetch Public IP --- docs/08-bootstrapping-kubernetes-controllers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md index 06012d9..2e2e050 100644 --- a/docs/08-bootstrapping-kubernetes-controllers.md +++ b/docs/08-bootstrapping-kubernetes-controllers.md @@ -269,7 +269,7 @@ gcloud compute target-pools add-instances kubernetes-target-pool \ ``` KUBERNETES_PUBLIC_ADDRESS=$(gcloud compute addresses describe kubernetes-the-hard-way \ --region $(gcloud config get-value compute/region) \ - --format 'value(name)') + --format 'value(address)') ``` ``` From 77ab88f6eb8961e9c9a1b62781578d0ca73c010f Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Feb 2018 10:09:41 -0500 Subject: [PATCH 07/18] Added --no-same-owner to keep ownership with root --- docs/09-bootstrapping-kubernetes-workers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/09-bootstrapping-kubernetes-workers.md b/docs/09-bootstrapping-kubernetes-workers.md index a4e8624..4fd4911 100644 --- a/docs/09-bootstrapping-kubernetes-workers.md +++ b/docs/09-bootstrapping-kubernetes-workers.md @@ -50,7 +50,7 @@ sudo tar -xvf cni-plugins-amd64-v0.6.0.tgz -C /opt/cni/bin/ ``` ``` -sudo tar -xvf cri-containerd-1.0.0-beta.1.linux-amd64.tar.gz -C / +sudo tar -xvf cri-containerd-1.0.0-beta.1.linux-amd64.tar.gz -C / --no-same-owner ``` ``` From 75377e73e01108a2c52a9a1ae273baa02f366f61 Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Feb 2018 11:47:21 -0500 Subject: [PATCH 08/18] etcdctl needs more than ETCD_API --- docs/13-smoke-test.md | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/docs/13-smoke-test.md b/docs/13-smoke-test.md index 7e91805..3ce7f0f 100644 --- a/docs/13-smoke-test.md +++ b/docs/13-smoke-test.md @@ -13,11 +13,16 @@ kubectl create secret generic kubernetes-the-hard-way \ --from-literal="mykey=mydata" ``` -Print a hexdump of the `kubernetes-the-hard-way` secret stored in etcd: +Print a hexdump of the `kubernetes-the-hard-way` secret stored in etcd from `controller-0`: ``` -gcloud compute ssh controller-0 \ - --command "ETCDCTL_API=3 etcdctl get /registry/secrets/default/kubernetes-the-hard-way | hexdump -C" +gcloud compute ssh controller-0 -C +``` + +Once you have logged in, run the following command: + +``` +etcdctl get /registry/secrets/default/kubernetes-the-hard-way | hexdump -C ``` > output From ca97d579909c711010059702923b4638adfa4719 Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Feb 2018 11:47:46 -0500 Subject: [PATCH 09/18] Fixed a typo --- docs/13-smoke-test.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/13-smoke-test.md b/docs/13-smoke-test.md index 3ce7f0f..49a1278 100644 --- a/docs/13-smoke-test.md +++ b/docs/13-smoke-test.md @@ -16,7 +16,7 @@ kubectl create secret generic kubernetes-the-hard-way \ Print a hexdump of the `kubernetes-the-hard-way` secret stored in etcd from `controller-0`: ``` -gcloud compute ssh controller-0 -C +gcloud compute ssh controller-0 ``` Once you have logged in, run the following command: From cf6c6158047c4da2a0bc517445e7306ef0df4426 Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Feb 2018 13:31:29 -0500 Subject: [PATCH 10/18] Updating the versions of the tools used --- docs/02-client-tools.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/02-client-tools.md b/docs/02-client-tools.md index 97f6442..d216d87 100644 --- a/docs/02-client-tools.md +++ b/docs/02-client-tools.md @@ -55,9 +55,9 @@ cfssl version > output ``` -Version: 1.2.0 +Version: 1.3.0 Revision: dev -Runtime: go1.6 +Runtime: go1.9.4 ``` Verify `cfssljson` version 1.2.0 or higher is installed: @@ -68,9 +68,9 @@ cfssljson -version > output ``` -Version: 1.2.0 +Version: 1.3.0 Revision: dev -Runtime: go1.6 +Runtime: go1.9.4 ``` ## Install kubectl @@ -94,7 +94,7 @@ sudo mv kubectl /usr/local/bin/ ### Linux ``` -wget https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubectl +wget https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kubectl ``` ``` @@ -116,7 +116,7 @@ kubectl version --client > output ``` -Client Version: version.Info{Major:"1", Minor:"9", GitVersion:"v1.9.0", GitCommit:"925c127ec6b946659ad0fd596fa959be43f0cc05", GitTreeState:"clean", BuildDate:"2017-12-15T21:07:38Z", GoVersion:"go1.9.2", Compiler:"gc", Platform:"darwin/amd64"} +Client Version: version.Info{Major:"1", Minor:"9", GitVersion:"v1.9.3", GitCommit:"d2835416544f298c919e2ead3be3d0864b52323b", GitTreeState:"clean", BuildDate:"2018-02-09T21:51:06Z", GoVersion:"go1.9.4", Compiler:"gc", Platform:"darwin/amd64"} ``` Next: [Provisioning Compute Resources](03-compute-resources.md) From 092ed5b4b2d4f47291eb28568ef8106b57abb73a Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Feb 2018 13:37:56 -0500 Subject: [PATCH 11/18] Updating versions used --- docs/08-bootstrapping-kubernetes-controllers.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md index 2e2e050..f2b1fb0 100644 --- a/docs/08-bootstrapping-kubernetes-controllers.md +++ b/docs/08-bootstrapping-kubernetes-controllers.md @@ -18,10 +18,10 @@ Download the official Kubernetes release binaries: ``` wget -q --show-progress --https-only --timestamping \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-apiserver" \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-controller-manager" \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-scheduler" \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubectl" + "https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kube-apiserver" \ + "https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kube-controller-manager" \ + "https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kube-scheduler" \ + "https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kubectl" ``` Install the Kubernetes binaries: From 07226a796f9b5b5ec4f8a684326a110dd610575e Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Feb 2018 13:39:32 -0500 Subject: [PATCH 12/18] Updating version. Removed reference to /var/run/kubernetes --- docs/09-bootstrapping-kubernetes-workers.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/docs/09-bootstrapping-kubernetes-workers.md b/docs/09-bootstrapping-kubernetes-workers.md index 4fd4911..4e6a0cf 100644 --- a/docs/09-bootstrapping-kubernetes-workers.md +++ b/docs/09-bootstrapping-kubernetes-workers.md @@ -26,9 +26,9 @@ sudo apt-get -y install socat wget -q --show-progress --https-only --timestamping \ https://github.com/containernetworking/plugins/releases/download/v0.6.0/cni-plugins-amd64-v0.6.0.tgz \ https://github.com/containerd/cri-containerd/releases/download/v1.0.0-beta.1/cri-containerd-1.0.0-beta.1.linux-amd64.tar.gz \ - https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubectl \ - https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-proxy \ - https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubelet + https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kubectl \ + https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kube-proxy \ + https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kubelet ``` Create the installation directories: @@ -39,8 +39,7 @@ sudo mkdir -p \ /opt/cni/bin \ /var/lib/kubelet \ /var/lib/kube-proxy \ - /var/lib/kubernetes \ - /var/run/kubernetes + /var/lib/kubernetes ``` Install the worker binaries: From a230a027eee3e2aa6a770a02bc8dc46c1adfa36c Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Feb 2018 13:42:05 -0500 Subject: [PATCH 13/18] Embedding certs for the client as well --- docs/10-configuring-kubectl.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/10-configuring-kubectl.md b/docs/10-configuring-kubectl.md index 3d63825..2d1eed6 100644 --- a/docs/10-configuring-kubectl.md +++ b/docs/10-configuring-kubectl.md @@ -25,9 +25,12 @@ kubectl config set-cluster kubernetes-the-hard-way \ --server=https://${KUBERNETES_PUBLIC_ADDRESS}:6443 ``` +Choose the `--embed-certs=true` below if that's convenient for your setup. + ``` kubectl config set-credentials admin \ --client-certificate=admin.pem \ + --embed-certs=true \ --client-key=admin-key.pem ``` From 3f3f41892063a76b74986bdb96390d6746b1f684 Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Feb 2018 13:54:30 -0500 Subject: [PATCH 14/18] Forgot to update the screenshot for kubectl get nodes --- docs/10-configuring-kubectl.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/10-configuring-kubectl.md b/docs/10-configuring-kubectl.md index 2d1eed6..1d8d7fd 100644 --- a/docs/10-configuring-kubectl.md +++ b/docs/10-configuring-kubectl.md @@ -73,9 +73,9 @@ kubectl get nodes ``` NAME STATUS ROLES AGE VERSION -worker-0 Ready 1m v1.9.0 -worker-1 Ready 1m v1.9.0 -worker-2 Ready 1m v1.9.0 +worker-0 Ready 3h v1.9.3 +worker-1 Ready 3h v1.9.3 +worker-2 Ready 3h v1.9.3 ``` Next: [Provisioning Pod Network Routes](11-pod-network-routes.md) From e111526b77a201928127e7d5234a0be5e51526a9 Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Feb 2018 14:13:30 -0500 Subject: [PATCH 15/18] Fixed the version of etcd used! --- docs/07-bootstrapping-etcd.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/07-bootstrapping-etcd.md b/docs/07-bootstrapping-etcd.md index 6eba8d0..5685e09 100644 --- a/docs/07-bootstrapping-etcd.md +++ b/docs/07-bootstrapping-etcd.md @@ -18,17 +18,17 @@ Download the official etcd release binaries from the [coreos/etcd](https://githu ``` wget -q --show-progress --https-only --timestamping \ - "https://github.com/coreos/etcd/releases/download/v3.2.11/etcd-v3.2.11-linux-amd64.tar.gz" + "https://github.com/coreos/etcd/releases/download/v3.3.1/etcd-v3.3.1-linux-amd64.tar.gz" ``` Extract and install the `etcd` server and the `etcdctl` command line utility: ``` -tar -xvf etcd-v3.2.11-linux-amd64.tar.gz +tar -xvf etcd-v3.3.1-linux-amd64.tar.gz ``` ``` -sudo mv etcd-v3.2.11-linux-amd64/etcd* /usr/local/bin/ +sudo mv etcd-v3.3.1-linux-amd64/etcd* /usr/local/bin/ ``` ### Configure the etcd Server From 6cb783c012e3169f860a1c65bfbadec8b26e8ab6 Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Mar 2018 17:16:04 -0400 Subject: [PATCH 16/18] Update 07-bootstrapping-etcd.md --- docs/07-bootstrapping-etcd.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/07-bootstrapping-etcd.md b/docs/07-bootstrapping-etcd.md index 5685e09..e586365 100644 --- a/docs/07-bootstrapping-etcd.md +++ b/docs/07-bootstrapping-etcd.md @@ -75,7 +75,7 @@ ExecStart=/usr/local/bin/etcd \\ --client-cert-auth \\ --initial-advertise-peer-urls https://${INTERNAL_IP}:2380 \\ --listen-peer-urls https://${INTERNAL_IP}:2380 \\ - --listen-client-urls https://${INTERNAL_IP}:2379,http://127.0.0.1:2379 \\ + --listen-client-urls https://${INTERNAL_IP}:2379,https://127.0.0.1:2379 \\ --advertise-client-urls https://${INTERNAL_IP}:2379 \\ --initial-cluster-token etcd-cluster-0 \\ --initial-cluster controller-0=https://10.240.0.10:2380,controller-1=https://10.240.0.11:2380,controller-2=https://10.240.0.12:2380 \\ From 55456115b7a7edd0dc65e3e2f937310e841a6e7a Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Mar 2018 17:17:18 -0400 Subject: [PATCH 17/18] Update 08-bootstrapping-kubernetes-controllers.md --- docs/08-bootstrapping-kubernetes-controllers.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md index f2b1fb0..532a9d3 100644 --- a/docs/08-bootstrapping-kubernetes-controllers.md +++ b/docs/08-bootstrapping-kubernetes-controllers.md @@ -18,10 +18,10 @@ Download the official Kubernetes release binaries: ``` wget -q --show-progress --https-only --timestamping \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kube-apiserver" \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kube-controller-manager" \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kube-scheduler" \ - "https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kubectl" + "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-apiserver" \ + "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-controller-manager" \ + "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-scheduler" \ + "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kubectl" ``` Install the Kubernetes binaries: From 7a7859b54cd7f51e6621ff175d55bdbd021f856c Mon Sep 17 00:00:00 2001 From: Anand Sharma Date: Sun, 25 Mar 2018 18:29:15 -0400 Subject: [PATCH 18/18] Update 09-bootstrapping-kubernetes-workers.md --- docs/09-bootstrapping-kubernetes-workers.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/09-bootstrapping-kubernetes-workers.md b/docs/09-bootstrapping-kubernetes-workers.md index 4e6a0cf..0c99d15 100644 --- a/docs/09-bootstrapping-kubernetes-workers.md +++ b/docs/09-bootstrapping-kubernetes-workers.md @@ -26,9 +26,9 @@ sudo apt-get -y install socat wget -q --show-progress --https-only --timestamping \ https://github.com/containernetworking/plugins/releases/download/v0.6.0/cni-plugins-amd64-v0.6.0.tgz \ https://github.com/containerd/cri-containerd/releases/download/v1.0.0-beta.1/cri-containerd-1.0.0-beta.1.linux-amd64.tar.gz \ - https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kubectl \ - https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kube-proxy \ - https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kubelet + https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kubectl \ + https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-proxy \ + https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kubelet ``` Create the installation directories: