mirrors/kubernetes-the-hard-way
1
0
Fork 0
mirror of https://github.com/kelseyhightower/kubernetes-the-hard-way.git synced 2025-12-16 01:38:58 +03:00
Code Issues Projects Releases Wiki Activity

doc clean up and basic formatting improvements

Browse Source
This commit is contained in:
Kelsey Hightower
2017-03-25 18:52:58 -07:00
parent 8022f4077b
commit f49493d286
6 changed files with 22 additions and 61 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
docs/06-kubernetes-worker.md
View File

@@ -17,9 +17,13 @@ Some people would like to run workers and cluster services anywhere in the clust
## Prerequisites
Each worker node will provision a unqiue TLS client certificate as defined in the [kubelet TLS bootstrapping guide](https://kubernetes.io/docs/admin/kubelet-tls-bootstrapping/). The `kubelet-bootstrap` user must be granted permission to request a client TLS certificate. Run the following command on a controller node to enable TLS bootstrapping:
Each worker node will provision a unqiue TLS client certificate as defined in the [kubelet TLS bootstrapping guide](https://kubernetes.io/docs/admin/kubelet-tls-bootstrapping/). The `kubelet-bootstrap` user must be granted permission to request a client TLS certificate.
Bind the `kubelet-bootstrap` user to the `system:node-bootstrapper` cluster role:
```
gcloud compute ssh controller0
```
Enable TLS bootstrapping by binding the `kubelet-bootstrap` user to the `system:node-bootstrapper` cluster role:
```
kubectl create clusterrolebinding kubelet-bootstrap \
@@ -32,21 +36,13 @@ kubectl create clusterrolebinding kubelet-bootstrap \
Run the following commands on `worker0`, `worker1`, `worker2`:
```
sudo mkdir -p /var/lib/kubelet
```
```
sudo mkdir -p /var/lib/kube-proxy
sudo mkdir -p /var/lib/{kubelet,kube-proxy,kubernetes}
```
```
sudo mkdir -p /var/run/kubernetes
```
```
sudo mkdir -p /var/lib/kubernetes
```
```
sudo mv bootstrap.kubeconfig /var/lib/kubelet
```