Merge 7a7859b54c into 4f5cecb5ed

docs/02-client-tools.md

@@ -55,12 +55,23 @@ cfssl version
 > output
 
 ```
-Version: 1.2.0
+Version: 1.3.0
 Revision: dev
-Runtime: go1.6
+Runtime: go1.9.4
 ```
 
-> The cfssljson command line utility does not provide a way to print its version.
+Verify `cfssljson` version 1.2.0 or higher is installed:
+
+```
+cfssljson -version
+```
+> output
+
+```
+Version: 1.3.0
+Revision: dev
+Runtime: go1.9.4
+```
 
 ## Install kubectl
 
@@ -83,7 +94,7 @@ sudo mv kubectl /usr/local/bin/
 ### Linux
 
 ```
-wget https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubectl
+wget https://storage.googleapis.com/kubernetes-release/release/v1.9.3/bin/linux/amd64/kubectl
 ```
 
 ```
@@ -105,7 +116,7 @@ kubectl version --client
 > output
 
 ```
-Client Version: version.Info{Major:"1", Minor:"9", GitVersion:"v1.9.0", GitCommit:"925c127ec6b946659ad0fd596fa959be43f0cc05", GitTreeState:"clean", BuildDate:"2017-12-15T21:07:38Z", GoVersion:"go1.9.2", Compiler:"gc", Platform:"darwin/amd64"}
+Client Version: version.Info{Major:"1", Minor:"9", GitVersion:"v1.9.3", GitCommit:"d2835416544f298c919e2ead3be3d0864b52323b", GitTreeState:"clean", BuildDate:"2018-02-09T21:51:06Z", GoVersion:"go1.9.4", Compiler:"gc", Platform:"darwin/amd64"}
 ```
 
 Next: [Provisioning Compute Resources](03-compute-resources.md)

docs/07-bootstrapping-etcd.md

@@ -18,17 +18,17 @@ Download the official etcd release binaries from the [coreos/etcd](https://githu
 
 ```
 wget -q --show-progress --https-only --timestamping \
-  "https://github.com/coreos/etcd/releases/download/v3.2.11/etcd-v3.2.11-linux-amd64.tar.gz"
+  "https://github.com/coreos/etcd/releases/download/v3.3.1/etcd-v3.3.1-linux-amd64.tar.gz"
 ```
 
 Extract and install the `etcd` server and the `etcdctl` command line utility:
 
 ```
-tar -xvf etcd-v3.2.11-linux-amd64.tar.gz
+tar -xvf etcd-v3.3.1-linux-amd64.tar.gz
 ```
 
 ```
-sudo mv etcd-v3.2.11-linux-amd64/etcd* /usr/local/bin/
+sudo mv etcd-v3.3.1-linux-amd64/etcd* /usr/local/bin/
 ```
 
 ### Configure the etcd Server
@@ -75,7 +75,7 @@ ExecStart=/usr/local/bin/etcd \\
   --client-cert-auth \\
   --initial-advertise-peer-urls https://${INTERNAL_IP}:2380 \\
   --listen-peer-urls https://${INTERNAL_IP}:2380 \\
-  --listen-client-urls https://${INTERNAL_IP}:2379,http://127.0.0.1:2379 \\
+  --listen-client-urls https://${INTERNAL_IP}:2379,https://127.0.0.1:2379 \\
   --advertise-client-urls https://${INTERNAL_IP}:2379 \\
   --initial-cluster-token etcd-cluster-0 \\
   --initial-cluster controller-0=https://10.240.0.10:2380,controller-1=https://10.240.0.11:2380,controller-2=https://10.240.0.12:2380 \\
@@ -111,10 +111,22 @@ sudo systemctl start etcd
 
 ## Verification
 
-List the etcd cluster members:
+[Source](https://github.com/kelseyhightower/kubernetes-the-hard-way/issues/220)
+
+In order to list the members of the etcd cluster from any of the controller hosts, add the following to the logged in user's `.bashrc` file:
 
 ```
-ETCDCTL_API=3 etcdctl member list
+export ETCDCTL_API=3
+export ETCDCTL_ENDPOINTS="https://127.0.0.1:2379"
+export ETCDCTL_CACERT="/etc/etcd/ca.pem"
+export ETCDCTL_CERT="/etc/etcd/kubernetes.pem"
+export ETCDCTL_KEY="/etc/etcd/kubernetes-key.pem"
+```
+
+You might have to change file permissions (or ownership) of the PEM files to make sure that there are no permission issues while running the following command:
+
+```
+etcdctl member list
 ```
 
 > output

docs/08-bootstrapping-kubernetes-controllers.md

@@ -18,10 +18,10 @@ Download the official Kubernetes release binaries:
 
 ```
 wget -q --show-progress --https-only --timestamping \
-  "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-apiserver" \
+  "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-apiserver" \
-  "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-controller-manager" \
+  "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-controller-manager" \
-  "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-scheduler" \
+  "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-scheduler" \
-  "https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubectl"
+  "https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kubectl"
 ```
 
 Install the Kubernetes binaries:
@@ -269,7 +269,7 @@ gcloud compute target-pools add-instances kubernetes-target-pool \
 ```
 KUBERNETES_PUBLIC_ADDRESS=$(gcloud compute addresses describe kubernetes-the-hard-way \
   --region $(gcloud config get-value compute/region) \
-  --format 'value(name)')
+  --format 'value(address)')
 ```
 
 ```

docs/09-bootstrapping-kubernetes-workers.md

@@ -26,9 +26,9 @@ sudo apt-get -y install socat
 wget -q --show-progress --https-only --timestamping \
   https://github.com/containernetworking/plugins/releases/download/v0.6.0/cni-plugins-amd64-v0.6.0.tgz \
   https://github.com/containerd/cri-containerd/releases/download/v1.0.0-beta.1/cri-containerd-1.0.0-beta.1.linux-amd64.tar.gz \
-  https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubectl \
+  https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kubectl \
-  https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kube-proxy \
+  https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kube-proxy \
-  https://storage.googleapis.com/kubernetes-release/release/v1.9.0/bin/linux/amd64/kubelet
+  https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kubelet
 ```
 
 Create the installation directories:
@@ -39,8 +39,7 @@ sudo mkdir -p \
   /opt/cni/bin \
   /var/lib/kubelet \
   /var/lib/kube-proxy \
-  /var/lib/kubernetes \
+  /var/lib/kubernetes
-  /var/run/kubernetes
 ```
 
 Install the worker binaries:
@@ -50,7 +49,7 @@ sudo tar -xvf cni-plugins-amd64-v0.6.0.tgz -C /opt/cni/bin/
 ```
 
 ```
-sudo tar -xvf cri-containerd-1.0.0-beta.1.linux-amd64.tar.gz -C /
+sudo tar -xvf cri-containerd-1.0.0-beta.1.linux-amd64.tar.gz -C / --no-same-owner
 ```
 
 ```

docs/10-configuring-kubectl.md

@@ -25,9 +25,12 @@ kubectl config set-cluster kubernetes-the-hard-way \
   --server=https://${KUBERNETES_PUBLIC_ADDRESS}:6443
 ```
 
+Choose the `--embed-certs=true` below if that's convenient for your setup.
+
 ```
 kubectl config set-credentials admin \
   --client-certificate=admin.pem \
+  --embed-certs=true \
   --client-key=admin-key.pem
 ```
 
@@ -70,9 +73,9 @@ kubectl get nodes
 
 ```
 NAME       STATUS    ROLES     AGE       VERSION
-worker-0   Ready     <none>    1m        v1.9.0
+worker-0   Ready     <none>    3h        v1.9.3
-worker-1   Ready     <none>    1m        v1.9.0
+worker-1   Ready     <none>    3h        v1.9.3
-worker-2   Ready     <none>    1m        v1.9.0
+worker-2   Ready     <none>    3h        v1.9.3
 ```
 
 Next: [Provisioning Pod Network Routes](11-pod-network-routes.md)

docs/13-smoke-test.md

@@ -13,11 +13,16 @@ kubectl create secret generic kubernetes-the-hard-way \
   --from-literal="mykey=mydata"
 ```
 
-Print a hexdump of the `kubernetes-the-hard-way` secret stored in etcd:
+Print a hexdump of the `kubernetes-the-hard-way` secret stored in etcd from `controller-0`:
 
 ```
-gcloud compute ssh controller-0 \
+gcloud compute ssh controller-0
-  --command "ETCDCTL_API=3 etcdctl get /registry/secrets/default/kubernetes-the-hard-way | hexdump -C"
+```
+
+Once you have logged in, run the following command:
+
+```
+etcdctl get /registry/secrets/default/kubernetes-the-hard-way | hexdump -C
 ```
 
 > output