* Fix Kubelet skew version for the Kubeadm
* Update content/en/docs/setup/production-environment/tools/kubeadm/create-cluster-kubeadm.md
Co-authored-by: Rey Lejano <rlejano@gmail.com>
---------
Co-authored-by: Rey Lejano <rlejano@gmail.com>
This PR updates all the references to the CNCF landscape (v2). This includes migrating to the new embeddable views that the new landscape provides, changing how iframe-resizer is used and updating a few links.
Related to #44022
Signed-off-by: Cintia Sanchez Garcia <cynthiasg@icloud.com>
* create folder for key
The following command will fail without the folder created manually beforhand.
```
curl -fsSL https://dl.k8s.io/apt/doc/apt-key.gpg | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-archive-keyring.gpg
```
* updated instruction
updated according to the comment in the PR
* updated mkdir part
* Updated mkdir
the note about the keyring directory not existing applies to a step earlier in the document, I think it'd make more sense for it to be moved closer to the relevant section
For the isse which is reported recently: https://github.com/kubernetes/kubeadm/issues/2957
We'd better to provide some tips to workaround this known issue.
Signed-off-by: Dave Chen <dave.chen@arm.com>
- In a early note explain that there could be multiple
default gateways on a host.
- Do not have 1 note, 1 warning, then other note.
- Leave the warning that the "custom IP" setup is not recommended
at the end of the section.
This is a top 3 question on support forums.
"How to pass custom IP to kubeadm?"
At one point there was a blog post on how to do this step-by-step,
but we rejected that blog due to too many mistakes and not being
a recommended practices, generally.
In this PR, we add some detail on how to do it and tag
the non-default-route-IP way as not-recommended with a warning.
It is not considered as a foot gun for users, per se,
but the setup is just awkward, prone to mistakes and not easy
to maintain. If k8s supported something like a global
/etc/kubernetes/DEFAULT_IP config of sorts, it would have
seemed much more manageable.
The kube-apiserver flag --kubelet-client-certificate
accepts a client certificate (kube-apiserver-kubelet-client.crt)
to connect to the kubelet. There is no need for this certificate
to have "system:masters" as "O" in the Subject, instead it
can be a less privileged group like kubeadm's "kubeadm:cluster-admins".
* Add legacy-repos-deprecation shortcode and localization
Signed-off-by: Marko Mudrinić <mudrinic.mare@gmail.com>
* Update install/upgrade guides to clarify that legacy repos are frozen
Signed-off-by: Marko Mudrinić <mudrinic.mare@gmail.com>
* Update the legacy repos message
Signed-off-by: Marko Mudrinić <mudrinic.mare@gmail.com>
---------
Signed-off-by: Marko Mudrinić <mudrinic.mare@gmail.com>
Both tools have there own site and documentation. We can remove the
details from the website, leaving only some pointers for users who
really need to find out more.
tamilselvan1102
Mohammed Affan
Kubernetes Prow Robot
steve-hardman
Prashant Rewar
Cintia Sanchez Garcia
Christine K
Kubernetes Prow Robot
Mike Coleman
hunshcn
Kat Cosgrove
Michael
Dave Chen
Lubomir I. Ivanov
Paco Xu
Manuel Gómez
Marko Mudrinić
Sascha Grunert
Saumya
Qiming Teng
niranjandarshann
nnlkcncff
Amarnath N