Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updates HA kubeadm docs #9066

Merged
merged 11 commits into from
Jun 21, 2018
Merged

Conversation

chuckha
Copy link
Contributor

@chuckha chuckha commented Jun 13, 2018

Signed-off-by: Chuck Ha [email protected]

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels Jun 13, 2018
@k8sio-netlify-preview-bot
Copy link
Collaborator

Deploy preview for kubernetes-io-vnext-staging processing.

Built with commit 1ae82ef

https://app.netlify.com/sites/kubernetes-io-vnext-staging/deploys/5b219e2bb312745f3e797104

@k8s-ci-robot k8s-ci-robot added the size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. label Jun 13, 2018
@k8sio-netlify-preview-bot
Copy link
Collaborator

k8sio-netlify-preview-bot commented Jun 13, 2018

Deploy preview for kubernetes-io-vnext-staging processing.

Built with commit 715f9b1

https://app.netlify.com/sites/kubernetes-io-vnext-staging/deploys/5b2abaa0dd6a547a2a5b5e87

1. Figure out your pod CIDR. Please read the [CNI network
section](/docs/setup/independent/create-cluster-kubeadm/#pod-network) of the
docs for more information. Some CNI providers do not require a value to be
set. This guide uses calico for no particular reason. Because of this choice
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would phrase this in a more positive way:

"Some CNI providers do not require a value to be set. This guide uses calico for no particular reason."

To something like:

In this in example we have chose to use Calico (please note that some cni providers do not require special pod CIDR).

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Feedback on the feedback, I would not state that you're using Calico for "no particular reason."

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@MistyHacks exactly. Which is I why I'm suggesting he rephrased it to something more affirmative.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know we don't want to "pick winners" or "take sides", but there are very valid reason why Calico is a great choice for most use cases.

Copy link
Contributor

@Bradamant3 Bradamant3 Jun 14, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The whole paragraph/step doesn't hold together very well, and any explanations are extraneous to a task-based doc. Try something like:

1. Find your pod CIDR. For details, see [the CNI network documentation](/docs/setup/independent/create-cluster-kubeadm/#pod-network). This example uses Calico, so the pod CIDR is `192.168.0.0/16`.

(without the code fences -- added them so you could see the whole thing)


#### Prerequisites

1. This node must have [kubeadm, kubelet and kubectl][installation] installed.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd link and list individually:

This node must have installed

@Bradamant3
Copy link
Contributor

/assign

(kubeadm-related)

@Bradamant3 Bradamant3 added this to the 1.11 milestone Jun 14, 2018
For each master that has been provisioned, follow the [installation guide](/docs/setup/independent/install-kubeadm/) on how to install kubeadm and its dependencies. At the end of this step, you should have all the dependencies installed on each master.

## Setting up an HA etcd cluster
# Stacked Masters (one etcd member and one control-plane co-located per host)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Having an overview section describing the different deployments would probably be helpful.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1. This could help the multiple prerequisites issue, too. But you can't put H1s inside a docs page (Hugo has cannibalized them for the page titles). This has to be an H2, and its children H3s or further nested as required. (Take a look at the preview again to see what happens -- H1 doesn't show up in the TOC, and the content isn't displayed in the order you intend.

Also, parenthetical remarks are a bad idea anywhere, but especially in headings. This remark plus the one for external etcd could go nicely in the overview section, though.

Copy link
Member

@timothysc timothysc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's chat about wordsmithing content together.

/cc @detiber

```bash
systemctl status etcd
```
Now we can take that value and put it in `~/.ssh/authorized_keys` of any other host we want to connect to.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd add a snippet folks can use to copy keys around.

for host in m1.example.com \
    m2.example.com \
    m3.example.com; \
    do ssh-copy-id -i ~/.ssh/id_rsa.pub $host; \
    done

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. This should be another numbered step, too:

  1. Add the returned value to ~/.ssh/authorized_keys on the other hosts to connect to:
    <Tim's snippet>


This guide assumes calico will be used as the pod network and will therefore use
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this here?

EOF
```
```
scp /etc/kubernetes/pki/etcd/ca.crt ubuntu@ETCD_HOST_1:/home/ubuntu
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nix the ubuntu name imo , and keep is generic user


**Note:** If you are using Kubernetes 1.9+, you can replace the `apiserver-count: 3` extra argument with `endpoint-reconciler-type: lease`. For more information, see [the documentation](/docs/admin/high-availability/#endpoint-reconciler).
### Swizzling certs
Copy link
Member

@timothysc timothysc Jun 14, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's just call it copying, that term is non-standard.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

YES THANK YOU TIM

Copy link
Contributor

@Bradamant3 Bradamant3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some rewording changes, a lot of reformatting (template compliance, procedure steps). You know where else to ask questions :-)

For each master that has been provisioned, follow the [installation guide](/docs/setup/independent/install-kubeadm/) on how to install kubeadm and its dependencies. At the end of this step, you should have all the dependencies installed on each master.

## Setting up an HA etcd cluster
# Stacked Masters (one etcd member and one control-plane co-located per host)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1. This could help the multiple prerequisites issue, too. But you can't put H1s inside a docs page (Hugo has cannibalized them for the page titles). This has to be an H2, and its children H3s or further nested as required. (Take a look at the preview again to see what happens -- H1 doesn't show up in the TOC, and the content isn't displayed in the order you intend.

Also, parenthetical remarks are a bad idea anywhere, but especially in headings. This remark plus the one for external etcd could go nicely in the overview section, though.


While the first option provides more performance and better hardware isolation, it is also more expensive and requires an additional support burden.
# External Etcd (etcd members and control-planes are on separate hosts)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fix H1 and prerequisites, lower-case etcd throughout


1. Install `cfssl` and `cfssljson`:
# Common Steps
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

H2. Also sentence case for headings everywhere ("Common steps"). Also not sure this is quite the right wording, but it'll do for now.


### Generate etcd client certs
### Create an ssh key pair
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/ssh/SSH

This looks like a step, not a heading. See next comment.

cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=client client.json | cfssljson -bare client
# The -N flag sets an empty passphrase
ssh-keygen -N '' -f ~/.ssh/id_rsa
cat ~/.ssh/id_rsa.pub
```
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks as though you deleted the start of this code fence?


This guide assumes calico will be used as the pod network and will therefore use
some default values, but they will be called out explicitly so replacing calico
with another pod network is possible.
Copy link
Contributor

@Bradamant3 Bradamant3 Jun 14, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about calling this out in a note in the prerequisites? Then we could get rid of the comment about Calico in the Pod CIDR step, too. The note would look something like:

{{< note >}}
**Note**: The following examples run Calico as the Pod networking provider. If you run another networking provider, make sure to replace any default values as needed.
{{< /note >}}


Only follow this step if your etcd is hosted on dedicated nodes (**Option 1**). If you are hosting etcd on the masters (**Option 2**), you can skip this step since you've already generated the etcd certificates on the masters.
Please see [setting up an HA etcd cluster using kubeadm](/docs/tasks/administer-cluster/setup-etcd-with-kubeadm).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lines 88-90 should be a numbered listitem instead:

1. [Set up an HA etcd cluster using kubeadm](/docs/tasks/administer-cluster/setup-etcd-with-kubeadm).

```
1. `/etc/kubernetes/pki/etcd/ca.crt`
1. `/etc/kubernetes/pki/apiserver-etcd-client.crt`
1. `/etc/kubernetes/pki/apiserver-etcd-client.key`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ll 95-97 (each):
s/1./- (or your preferred character for a bulleted list)


## Run `kubeadm init` on `master0` {#kubeadm-init-master0}
Here is one way to do it, but there are many reasons why this might not work for
you. For instance, you may be running any other linux distro.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(continue as block within the numbered list -- lmk if you need help figuring out the markup cuz it's different in Hugo/Blackfriday, although I think there might be OK models in some of the content you deleted). Also edit:

For example, you can run the following:

(note note that I suggest to follow)

scp /etc/kubernetes/pki/etcd/ca.crt ubuntu@ETCD_HOST_1:/home/ubuntu
scp /etc/kubernetes/pki/apiserver-etcd-client.crt ubuntu@ETCD_HOST_1:/home/ubuntu
scp /etc/kubernetes/pki/apiserver-etcd-client.key ubuntu@ETCD_HOST_2:/home/ubuntu
```

Copy link
Contributor

@Bradamant3 Bradamant3 Jun 14, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add note here:

"This is an example only. Your environment or Linux distribution might require different commands."

Note markup:

{{< note >}}
**Note**: <note_text>
{{< /note >}}

@chuckha chuckha force-pushed the external-ha branch 2 times, most recently from 51bfd4a to 2de0d89 Compare June 14, 2018 18:59
@chuckha
Copy link
Contributor Author

chuckha commented Jun 14, 2018

ptal @Bradamant3 @timothysc

@chuckha chuckha changed the title [WIP] first pass at external etcd ha Updates HA kubeadm docs Jun 14, 2018
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jun 14, 2018
@chuckha chuckha force-pushed the external-ha branch 2 times, most recently from d0d1437 to cace4bf Compare June 14, 2018 19:45
@detiber
Copy link
Member

detiber commented Jun 14, 2018

/hold

I need to make a few tweaks to the stacked control plane config, will wrap up after family time :)

@k8s-ci-robot k8s-ci-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 14, 2018
@detiber
Copy link
Member

detiber commented Jun 15, 2018

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Jun 15, 2018
title: Creating HA clusters with kubeadm
content_template: templates/task
---

{{% capture steps %}}'
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I need help here. I don't want this but if I don't include a non-empty steps section then I end up with a big error page

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

edit nvm! taken care of

@chuckha
Copy link
Contributor Author

chuckha commented Jun 15, 2018

@Bradamant3 I integrated your changes as best I could but it has changed dramatically since you looked at it. please take a look when you've got time

- With an external etcd cluster. This approach requires more infrastructure. The
control plane nodes and etcd members are separated.

Your clusters must run Kubernetes version 1.11 or later.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@chuckha @Bradamant3 I think we need to reword this, but I'm failing on thinking of a better way to say that this doc will only work for v1.11 and later.

Also, should this be highlighted as a note to draw more attention to this?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I haven't come up with anything better either, but I'll keep working on it.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe a "before you begin" section like this one? https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/

You should add the control plane nodes to the load balancer but be aware they
will fail the health check until the kube-apiserver is running.

## Stacked control plane nodes
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@chuckha @Bradamant3 would it make sense (and is it even possible) to hide the two approaches here behind tabs, I think it would make the flow a bit better since there are common before/after steps for both.

@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 20, 2018
@mdlinville
Copy link
Contributor

I had to rebase 1.11 on master before the release so I rebased this PR to get it into good shape again.

- errordeveloper
- jbeda
title: Creating HA clusters with kubeadm
- timothysc
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should be sig-cluster-lifecycle instead of names

on the apiserver port. It must also allow incoming traffic on its
listening port.

1. Add the control plane nodes to the load balancer, but be aware they
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should add a section to ensure our connections through the LB don't time out.

Something like

  1. Confirm the connection is working. A timeout confirms some settings need to be adjusted. A connection refused is ok because the API server is not running yet.
nc -v <load balancer ip> <port>
# example: nc -v 10.0.0.0 6443

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💯 👍

Copy link
Member

@detiber detiber left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm outside of the stray sudo I accidentally left in there 😂

* `CP0_HOSTNAME`
* `CP0_IP`

1. Run `sudo kubeadm init --config kubeadm-config.yaml`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

stray sudo left over, should be removed since we are telling users that commands should be run as root

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll remove in the commit I'm finishing now

- `/etc/kubernetes/admin.conf`

In the following example, replace
`CONTROL_PLANE_IP` with the IP addresses of the other control plane nodes.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should be CONTROL_PLANE_IPS rather than CONTROL_PLANE_IP


In the section `vrrp_instance VI_1`, change few lines depending on your setup:
{{< note >}}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The preview shows this note sitting in a nested code block 😢

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yup. Blackfriday/CSS FTW. I decided to live with it. If it drives you crazy, lmk and that'll make two of us :D

- `/etc/kubernetes/pki/front-proxy-ca.key`

In the following example, replace the list of
`CONTROL_PLANE_IP` values with the IP addresses of the other control plane nodes.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be CONTROL_PLANE_IPS as well.


In the section `vrrp_instance VI_1`, change few lines depending on your setup:
- This command causes the etcd cluster to become unavailable for a
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I hate to say it, but I think the previous version was a bit better, this version doesn't really bring attention to the statement

Copy link
Contributor

@Bradamant3 Bradamant3 Jun 20, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

layout so ugly as to be distracting, though. Also there are so many notes in the doc that their effectiveness is getting lost.

@Bradamant3
Copy link
Contributor

changes, so lost this again:

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jun 20, 2018
@mdlinville
Copy link
Contributor

Thanks everyone for the hard work! 🎉

/approve

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mistyhacks, timothysc

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 21, 2018
@k8s-ci-robot k8s-ci-robot merged commit be9e9ef into kubernetes:release-1.11 Jun 21, 2018
mdlinville pushed a commit that referenced this pull request Jun 27, 2018
* Updates HA kubeadm docs

Signed-off-by: Chuck Ha <[email protected]>

* kubeadm HA - Add stacked control plane steps

* ssh instructions and some typos in the bash scripts

Signed-off-by: Chuck Ha <[email protected]>

* Fix typos and copypasta errors

* Fix rebase issues

* Integrate more changes

Signed-off-by: Chuck Ha <[email protected]>

* copyedits, layout and formatting fixes

* final copyedits

* Adds a sanity check for load balancer connection

Signed-off-by: Chuck Ha <[email protected]>

* formatting fixes, copyedits

* fix typos, formatting
mdlinville pushed a commit that referenced this pull request Jun 27, 2018
* Updates HA kubeadm docs

Signed-off-by: Chuck Ha <[email protected]>

* kubeadm HA - Add stacked control plane steps

* ssh instructions and some typos in the bash scripts

Signed-off-by: Chuck Ha <[email protected]>

* Fix typos and copypasta errors

* Fix rebase issues

* Integrate more changes

Signed-off-by: Chuck Ha <[email protected]>

* copyedits, layout and formatting fixes

* final copyedits

* Adds a sanity check for load balancer connection

Signed-off-by: Chuck Ha <[email protected]>

* formatting fixes, copyedits

* fix typos, formatting
k8s-ci-robot pushed a commit that referenced this pull request Jun 27, 2018
* Seperate priority and preemption (#8144)

* Doc about PID pressure condition. (#8211)

* Doc about PID pressure condition.

Signed-off-by: Da K. Ma <[email protected]>

* "so" -> "too"

* Update version selector for 1.11

* StorageObjectInUseProtection is GA (#8291)

* Feature gate: StorageObjectInUseProtection is GA

Update feature gate reference for 1.11

* Trivial commit to re-trigger Netlify

* CRIContainerLogRotation is Beta in 1.11 (#8665)

* Seperate priority and preemption (#8144)

* CRIContainerLogRotation is Beta in 1.11

xref: kubernetes/kubernetes#64046

* Bring StorageObjectInUseProtection feature to GA (#8159)

* StorageObjectInUseProtection is GA (#8291)

* Feature gate: StorageObjectInUseProtection is GA

Update feature gate reference for 1.11

* Trivial commit to re-trigger Netlify

* Bring StorageObjectInUseProtection feature to GA

StorageObjectInUseProtection is Beta in K8s 1.10.

It's brought to GA in K8s 1.11.

* Fixed typo and added feature state tags.

* Remove KUBE_API_VERSIONS doc (#8292)

The support to the KUBER_API_VERSIONS environment variable is completely
dropped (no deprecation). This PR removes the related doc in
release-1.11.

xref: kubernetes/kubernetes#63165

* Remove InitialResources from admission controllers (#8293)

The feature (was experimental) is dropped in 1.11.

xref: kubernetes/kubernetes#58784

* Remove docs related to in-tree support to GPU (#8294)

* Remove docs related to in-tree support to GPU

The in-tree support to GPU is completely removed in release 1.11.
This PR removes the related docs in release-1.11 branch.

xref: kubernetes/kubernetes#61498

* Update content updated by PR to Hugo syntax

Signed-off-by: Misty Stanley-Jones <[email protected]>

* Update the doc about extra volume in kubeadm config (#8453)

Signed-off-by: Xianglin Gao <[email protected]>

* Update CRD Subresources for 1.11 (#8519)

* coredns: update notes in administer-cluster/coredns.md (#8697)

CoreDNS is installed by default in 1.11.
Add notes on how to install kube-dns instead.

Update notes about CoreDNS->CoreDNS upgrades as in 1.11
the Corefile is retained.

Add example on upgrading from kube-dns to CoreDNS.

* kubeadm-alpha: CoreDNS related changes (#8727)

Update note about CoreDNS feature gate.

This change also updates a tab as a kubeadm sub-command
will change.

It looks for a new generated file:
generated/kubeadm_alpha_phase_addon_coredns.md
instead of:
generated/kubeadm_alpha_phase_addon_kube-dns.md

* Update cloud controller manager docs to beta 1.11 (#8756)

* Update cloud controller manager docs to beta 1.11

* Use Hugo shortcode for feature state

* kubeadm-upgrade: include new command `kubeadm upgrade diff` (#8617)

Also:
- Include note that this was added in 1.11.
- Modify the note about upgrade guidance.

* independent: update CoreDNS mentions for kubeadm (#8753)

Give CoreDNS instead of kube-dns examples in:
- docs/setup/independent/create-cluster-kubeadm.md
- docs/setup/independent/troubleshooting-kubeadm.md

* update 1.11 --server-print info (#8870)

* update 1.11 --server-print info

* Copyedit

* Mark ExpandPersistentVolumes feature to beta (#8778)

* Update version selector for 1.11

* Mark ExpandPersistentVolumes Beta

xref: kubernetes/kubernetes#64288

* fix shortcode, add placeholder files to fix deploy failures (#8874)

* declare ipvs ga (#8850)

* kubeadm: update info about CoreDNS in kubeadm-init.md (#8728)

Add info to install kube-dns instead of CoreDNS, as CoreDNS
is the default DNS server in 1.11.

Add notes that kubeadm config images can be used to list and pull
the required images in 1.11.

* kubeadm: update implementation-details.md about CoreDNS (#8829)

- Replace examples from kube-dns to CoreDNS
- Add notes about the CoreDNS feature gate status in 1.11
- Add note that the service name for CoreDNS is also
called `kube-dns`

* Update block device support for 1.11 (#8895)

* Update block device support for 1.11

* Copyedits

* Fix typo 'fiber channel' (#8957)

Signed-off-by: Misty Stanley-Jones <[email protected]>

* kubeadm-upgrade: add the 'node [config]' sub-command (#8960)

- Add includes for the generated pages
- Include placeholder generated pages

* kubeadm-init: update the example for the MasterConfiguration (#8958)

- include godocs link for MasterConfiguration
- include example MasterConfiguration
- add note that `kubeadm config print-default` can be used

* kubeadm-config: include new commands (#8862)

Add notes and includes for these new commands in 1.11:
- kubeadm config print-default
- kubeadm config migrate
- kubeadm config images list
- kubeadm config images pull

Include placeholder generated files for the above.

* administer-cluster/coredns: include more changes (#8985)

It was requested that for this page a couple of methods
should be outlined:
- manual installation for CoreDNS explained at the Kubernetes
section of the GitHub project for CoreDNS
- installation and upgrade via kubeadm

Make the above changes and also add a section "About CoreDNS".

This commit also lowercases a section title.

* Update CRD subresources doc for 1.11 (#8918)

* Add docs for volume expansion and online resizing (#8896)

* Add docs for volume expansion going beta

* Copyedit

* Address feedback

* Update exec plugin docs with TLS credentials (#8826)

* Update exec plugin docs with TLS credentials

kubernetes/kubernetes#61803 implements TLS client credential support for
1.11.

* Copyedit

* More copyedits for clarification

* Additional copyedit

* Change token->credential

* NodeRestriction admission prevents kubelet taint removal (#8911)

* dns-custom-namerserver: break down the page into mutliple sections (#8900)

* dns-custom-namerserver: break down the page into mutliple sections

This page is currently about kube-dns and is a bit outdated.
Introduce the heading `# Customizing kube-dns`.

Introduce a separate section about CoreDNS.

* Copyedits, fix headings for customizing DNS

Hey Lubomir,
I coypedited pretty heavily because this workflow is so much easier for docs and because I'm trying to help improve everything touching kubeadm as much as possible.

But there's one outstanding issue wrt headings and intro content: you can't add a heading 1 to a topic to do what you wanted to do. The page title in the front matter is rendered as a heading 1 and everything else has to start at heading 2. (We still need to doc this better in the docs contributing content, I know.)

Instead, I think we need to rewrite the top-of-page intro content to explain better the relationship between kube-dns and CoreDNS. I'm happy to write something, but I thought I'd push this commit first so you can see what I'm doing.

Hope it's all clear -- ping here or on Slack with any questions ~ Jennifer

* Interim fix for talking about CoreDNS

* Fix CoreDNS details

* PSP readOnly hostPath (#8898)

* Add documentation for crictl (#8880)

* Add documentation for crictl

* Copyedit

Signed-off-by: Misty Stanley-Jones <[email protected]>

* Final copyedit

* VolumeSubpathEnvExpansion alpha feature (#8835)

* Note that Heapster is deprecated (#8827)

* Note that Heapster is deprecated

This notes that Heapster is deprecated, and migrates the relevant
docs to talk about metrics-server or other solutions by default.

* Copyedits and improvements

Signed-off-by: Misty Stanley-Jones <[email protected]>

* Address feedback

* fix shortcode to troubleshoot deploy (#9057)

* update dynamic kubelet config docs for v1.11 (#8766)

* update dynamic kubelet config docs for v1.11

* Substantial copyedit

* Address feedback

* Reference doc for kubeadm (release-1.11) (#9044)

* Reference doc for kubeadm (release-1.11)

* fix shortcode to troubleshoot deploy (#9057)

* Reference doc for kube-components (release-1.11) (#9045)

* Reference doc for kube-components (release-1.11)

* Update cloud-controller-manager.md

* fix shortcode to troubleshoot deploy (#9057)

* Documentation on lowercasing kubeadm init apiserver SANs (#9059)

* Documentation on lowercasing kubeadm init apiserver SANs

* fix shortcode to troubleshoot deploy (#9057)

* Clarification in dynamic Kubelet config doc (#9061)

* Promote sysctls to Beta (#8804)

* Promote sysctls to Beta

* Copyedits

Signed-off-by: Misty Stanley-Jones <[email protected]>

* Review comments

* Address feedback

* More feedback

* kubectl reference docs for 1.11 (#9080)

* Update Kubernetes API 1.11 ref docs (#8977)

* Update v1alpha1 to v1beta1.

* Adjust left nav for 1.11 ref docs.

* Trim list of old ref docs.

* Update Federation API ref docs for 1.11. (#9064)

* Update Federation API ref docs for 1.11.

* Add titles.

* Update definitions.html

* CRD versioning Public Documentation (#8834)

* CRD versioning Public Documentation

* Copyedit

Signed-off-by: Misty Stanley-Jones <[email protected]>

* Address feedback

* More rewrites

* Address feedback

* Update main CRD page in light of versioning

* Reorg CRD docs

* Further reorg

* Tweak title

* CSI documentation update for raw block volume support (#8927)

* CSI documetation update for raw block volume support

* minor edits for "CSI raw block volume support"

Some small grammar and style nits.

* minor CSIBlockVolume edits

* Update kubectl component ref page for 1.11. (#9094)

* Update kubectl component ref page for 1.11.

* Add title. Replace stevepe with username.

* crd versioning doc: fix nits (#9142)

* Update `DynamicKubeletConfig` feature to beta (#9110)

xref: kubernetes/kubernetes#64275

* Documentation for dynamic volume limits based on node type (#8871)

* add cos for storage limits

* Update docs specific for aws and gce

* fix some minor things

* Update storage-limits.md

* Add k8s version to feature-state shortcode

* The Doc update for ScheduleDaemonSetPods (#8842)

Signed-off-by: Da K. Ma <[email protected]>

* Update docs related to PersistentVolumeLabel admission control (#9109)

The said admission controller is disabled by default in 1.11
(kubernetes/kubernetes#64326) and scheduled to be removed in future
release.

* client exec auth: updates for 1.11 (#9154)

* Updates HA kubeadm docs (#9066)

* Updates HA kubeadm docs

Signed-off-by: Chuck Ha <[email protected]>

* kubeadm HA - Add stacked control plane steps

* ssh instructions and some typos in the bash scripts

Signed-off-by: Chuck Ha <[email protected]>

* Fix typos and copypasta errors

* Fix rebase issues

* Integrate more changes

Signed-off-by: Chuck Ha <[email protected]>

* copyedits, layout and formatting fixes

* final copyedits

* Adds a sanity check for load balancer connection

Signed-off-by: Chuck Ha <[email protected]>

* formatting fixes, copyedits

* fix typos, formatting

* Document the Pod Ready++ feature (#9180)

Closes: #9107
Xref: kubernetes/kubernetes#64057

* Mention 'KubeletPluginsWatcher' feature (#9177)

* Mention 'KubeletPluginsWatcher' feature

This feature is more developers oriented than users oriented, so simply
mention it in the feature gate should be fine.
In future, when the design doc is migrated from Google doc to the
kubernetes/community repo, we can add links to it for users who want to
dig deeper.

Closes: #9108
Xref: kubernetes/kubernetes#63328, kubernetes/kubernetes#64605

* Copyedit

* Amend dynamic volume list docs (#9181)

The dynamic volume list feature has been documented but the feature gate
related was not there yet.

Closes: #9105

* Document for service account projection (#9182)

This adds docs for the service account projection feature.

Xref: kubernetes/kubernetes#63819, kubernetes/community#1973
Closes: #9102

* Update pod priority and preemption user docs (#9172)

* Update pod priority and preemption user docs

* Copyedit

* Documentation on setting node name with Kubeadm (#8925)

* Documentation on setting node name with Kubeadm

* copyedit

* Add kubeadm upgrade docs for 1.11 (#9089)

* Add kubeadm upgrade docs for 1.11

* Initial docs review feedback

* Add 1-11 to outline

* Fix formatting on tab blocks

* Move file to correct location

* Add `kubeadm upgrade node config` step

* Overzealous ediffing

* copyedit, fix lists and headings

* clarify --force flag for fixing bad state

* Get TOML ready for 1.11 release

* Blog post for 1.11 release (#9254)

* Blog post for 1.11 release

* Update 2018-06-26-kubernetes-1.11-release-announcement.md

* Update 2018-06-26-kubernetes-1.11-release-announcement.md

* Update 2018-06-26-kubernetes-1.11-release-announcement.md
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. size/XL Denotes a PR that changes 500-999 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

9 participants