-
Notifications
You must be signed in to change notification settings - Fork 14.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updates HA kubeadm docs #9066
Updates HA kubeadm docs #9066
Conversation
Deploy preview for kubernetes-io-vnext-staging processing. Built with commit 1ae82ef https://app.netlify.com/sites/kubernetes-io-vnext-staging/deploys/5b219e2bb312745f3e797104 |
Deploy preview for kubernetes-io-vnext-staging processing. Built with commit 715f9b1 https://app.netlify.com/sites/kubernetes-io-vnext-staging/deploys/5b2abaa0dd6a547a2a5b5e87 |
1. Figure out your pod CIDR. Please read the [CNI network | ||
section](/docs/setup/independent/create-cluster-kubeadm/#pod-network) of the | ||
docs for more information. Some CNI providers do not require a value to be | ||
set. This guide uses calico for no particular reason. Because of this choice |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would phrase this in a more positive way:
"Some CNI providers do not require a value to be set. This guide uses calico for no particular reason."
To something like:
In this in example we have chose to use Calico (please note that some cni providers do not require special pod CIDR).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Feedback on the feedback, I would not state that you're using Calico for "no particular reason."
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@MistyHacks exactly. Which is I why I'm suggesting he rephrased it to something more affirmative.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I know we don't want to "pick winners" or "take sides", but there are very valid reason why Calico is a great choice for most use cases.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The whole paragraph/step doesn't hold together very well, and any explanations are extraneous to a task-based doc. Try something like:
1. Find your pod CIDR. For details, see [the CNI network documentation](/docs/setup/independent/create-cluster-kubeadm/#pod-network). This example uses Calico, so the pod CIDR is `192.168.0.0/16`.
(without the code fences -- added them so you could see the whole thing)
|
||
#### Prerequisites | ||
|
||
1. This node must have [kubeadm, kubelet and kubectl][installation] installed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/assign (kubeadm-related) |
For each master that has been provisioned, follow the [installation guide](/docs/setup/independent/install-kubeadm/) on how to install kubeadm and its dependencies. At the end of this step, you should have all the dependencies installed on each master. | ||
|
||
## Setting up an HA etcd cluster | ||
# Stacked Masters (one etcd member and one control-plane co-located per host) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Having an overview section describing the different deployments would probably be helpful.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1. This could help the multiple prerequisites issue, too. But you can't put H1s inside a docs page (Hugo has cannibalized them for the page titles). This has to be an H2, and its children H3s or further nested as required. (Take a look at the preview again to see what happens -- H1 doesn't show up in the TOC, and the content isn't displayed in the order you intend.
Also, parenthetical remarks are a bad idea anywhere, but especially in headings. This remark plus the one for external etcd could go nicely in the overview section, though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's chat about wordsmithing content together.
/cc @detiber
```bash | ||
systemctl status etcd | ||
``` | ||
Now we can take that value and put it in `~/.ssh/authorized_keys` of any other host we want to connect to. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd add a snippet folks can use to copy keys around.
for host in m1.example.com \
m2.example.com \
m3.example.com; \
do ssh-copy-id -i ~/.ssh/id_rsa.pub $host; \
done
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes. This should be another numbered step, too:
- Add the returned value to
~/.ssh/authorized_keys
on the other hosts to connect to:
<Tim's snippet>
|
||
This guide assumes calico will be used as the pod network and will therefore use |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is this here?
EOF | ||
``` | ||
``` | ||
scp /etc/kubernetes/pki/etcd/ca.crt ubuntu@ETCD_HOST_1:/home/ubuntu |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nix the ubuntu name imo , and keep is generic user
|
||
**Note:** If you are using Kubernetes 1.9+, you can replace the `apiserver-count: 3` extra argument with `endpoint-reconciler-type: lease`. For more information, see [the documentation](/docs/admin/high-availability/#endpoint-reconciler). | ||
### Swizzling certs |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's just call it copying, that term is non-standard.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
YES THANK YOU TIM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some rewording changes, a lot of reformatting (template compliance, procedure steps). You know where else to ask questions :-)
For each master that has been provisioned, follow the [installation guide](/docs/setup/independent/install-kubeadm/) on how to install kubeadm and its dependencies. At the end of this step, you should have all the dependencies installed on each master. | ||
|
||
## Setting up an HA etcd cluster | ||
# Stacked Masters (one etcd member and one control-plane co-located per host) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1. This could help the multiple prerequisites issue, too. But you can't put H1s inside a docs page (Hugo has cannibalized them for the page titles). This has to be an H2, and its children H3s or further nested as required. (Take a look at the preview again to see what happens -- H1 doesn't show up in the TOC, and the content isn't displayed in the order you intend.
Also, parenthetical remarks are a bad idea anywhere, but especially in headings. This remark plus the one for external etcd could go nicely in the overview section, though.
|
||
While the first option provides more performance and better hardware isolation, it is also more expensive and requires an additional support burden. | ||
# External Etcd (etcd members and control-planes are on separate hosts) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fix H1 and prerequisites, lower-case etcd throughout
|
||
1. Install `cfssl` and `cfssljson`: | ||
# Common Steps |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
H2. Also sentence case for headings everywhere ("Common steps"). Also not sure this is quite the right wording, but it'll do for now.
|
||
### Generate etcd client certs | ||
### Create an ssh key pair |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/ssh/SSH
This looks like a step, not a heading. See next comment.
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=client client.json | cfssljson -bare client | ||
# The -N flag sets an empty passphrase | ||
ssh-keygen -N '' -f ~/.ssh/id_rsa | ||
cat ~/.ssh/id_rsa.pub | ||
``` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks as though you deleted the start of this code fence?
|
||
This guide assumes calico will be used as the pod network and will therefore use | ||
some default values, but they will be called out explicitly so replacing calico | ||
with another pod network is possible. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about calling this out in a note in the prerequisites? Then we could get rid of the comment about Calico in the Pod CIDR step, too. The note would look something like:
{{< note >}}
**Note**: The following examples run Calico as the Pod networking provider. If you run another networking provider, make sure to replace any default values as needed.
{{< /note >}}
|
||
Only follow this step if your etcd is hosted on dedicated nodes (**Option 1**). If you are hosting etcd on the masters (**Option 2**), you can skip this step since you've already generated the etcd certificates on the masters. | ||
Please see [setting up an HA etcd cluster using kubeadm](/docs/tasks/administer-cluster/setup-etcd-with-kubeadm). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lines 88-90 should be a numbered listitem instead:
1. [Set up an HA etcd cluster using kubeadm](/docs/tasks/administer-cluster/setup-etcd-with-kubeadm).
``` | ||
1. `/etc/kubernetes/pki/etcd/ca.crt` | ||
1. `/etc/kubernetes/pki/apiserver-etcd-client.crt` | ||
1. `/etc/kubernetes/pki/apiserver-etcd-client.key` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ll 95-97 (each):
s/1./- (or your preferred character for a bulleted list)
|
||
## Run `kubeadm init` on `master0` {#kubeadm-init-master0} | ||
Here is one way to do it, but there are many reasons why this might not work for | ||
you. For instance, you may be running any other linux distro. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(continue as block within the numbered list -- lmk if you need help figuring out the markup cuz it's different in Hugo/Blackfriday, although I think there might be OK models in some of the content you deleted). Also edit:
For example, you can run the following:
(note note that I suggest to follow)
scp /etc/kubernetes/pki/etcd/ca.crt ubuntu@ETCD_HOST_1:/home/ubuntu | ||
scp /etc/kubernetes/pki/apiserver-etcd-client.crt ubuntu@ETCD_HOST_1:/home/ubuntu | ||
scp /etc/kubernetes/pki/apiserver-etcd-client.key ubuntu@ETCD_HOST_2:/home/ubuntu | ||
``` | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add note here:
"This is an example only. Your environment or Linux distribution might require different commands."
Note markup:
{{< note >}}
**Note**: <note_text>
{{< /note >}}
51bfd4a
to
2de0d89
Compare
ptal @Bradamant3 @timothysc |
d0d1437
to
cace4bf
Compare
/hold I need to make a few tweaks to the stacked control plane config, will wrap up after family time :) |
/hold cancel |
title: Creating HA clusters with kubeadm | ||
content_template: templates/task | ||
--- | ||
|
||
{{% capture steps %}}' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I need help here. I don't want this but if I don't include a non-empty steps section then I end up with a big error page
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
edit nvm! taken care of
@Bradamant3 I integrated your changes as best I could but it has changed dramatically since you looked at it. please take a look when you've got time |
- With an external etcd cluster. This approach requires more infrastructure. The | ||
control plane nodes and etcd members are separated. | ||
|
||
Your clusters must run Kubernetes version 1.11 or later. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@chuckha @Bradamant3 I think we need to reword this, but I'm failing on thinking of a better way to say that this doc will only work for v1.11 and later.
Also, should this be highlighted as a note to draw more attention to this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I haven't come up with anything better either, but I'll keep working on it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe a "before you begin" section like this one? https://kubernetes.io/docs/tasks/administer-cluster/dns-custom-nameservers/
You should add the control plane nodes to the load balancer but be aware they | ||
will fail the health check until the kube-apiserver is running. | ||
|
||
## Stacked control plane nodes |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@chuckha @Bradamant3 would it make sense (and is it even possible) to hide the two approaches here behind tabs, I think it would make the flow a bit better since there are common before/after steps for both.
Signed-off-by: Chuck Ha <[email protected]>
Signed-off-by: Chuck Ha <[email protected]>
Signed-off-by: Chuck Ha <[email protected]>
I had to rebase 1.11 on master before the release so I rebased this PR to get it into good shape again. |
- errordeveloper | ||
- jbeda | ||
title: Creating HA clusters with kubeadm | ||
- timothysc |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this should be sig-cluster-lifecycle
instead of names
on the apiserver port. It must also allow incoming traffic on its | ||
listening port. | ||
|
||
1. Add the control plane nodes to the load balancer, but be aware they |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should add a section to ensure our connections through the LB don't time out.
Something like
- Confirm the connection is working. A timeout confirms some settings need to be adjusted. A connection refused is ok because the API server is not running yet.
nc -v <load balancer ip> <port>
# example: nc -v 10.0.0.0 6443
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
💯 👍
Signed-off-by: Chuck Ha <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm outside of the stray sudo I accidentally left in there 😂
* `CP0_HOSTNAME` | ||
* `CP0_IP` | ||
|
||
1. Run `sudo kubeadm init --config kubeadm-config.yaml` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
stray sudo left over, should be removed since we are telling users that commands should be run as root
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll remove in the commit I'm finishing now
- `/etc/kubernetes/admin.conf` | ||
|
||
In the following example, replace | ||
`CONTROL_PLANE_IP` with the IP addresses of the other control plane nodes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this should be CONTROL_PLANE_IPS rather than CONTROL_PLANE_IP
|
||
In the section `vrrp_instance VI_1`, change few lines depending on your setup: | ||
{{< note >}} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The preview shows this note sitting in a nested code block 😢
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yup. Blackfriday/CSS FTW. I decided to live with it. If it drives you crazy, lmk and that'll make two of us :D
- `/etc/kubernetes/pki/front-proxy-ca.key` | ||
|
||
In the following example, replace the list of | ||
`CONTROL_PLANE_IP` values with the IP addresses of the other control plane nodes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should be CONTROL_PLANE_IPS as well.
|
||
In the section `vrrp_instance VI_1`, change few lines depending on your setup: | ||
- This command causes the etcd cluster to become unavailable for a |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I hate to say it, but I think the previous version was a bit better, this version doesn't really bring attention to the statement
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
layout so ugly as to be distracting, though. Also there are so many notes in the doc that their effectiveness is getting lost.
changes, so lost this again: /lgtm |
Thanks everyone for the hard work! 🎉 /approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mistyhacks, timothysc The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
* Updates HA kubeadm docs Signed-off-by: Chuck Ha <[email protected]> * kubeadm HA - Add stacked control plane steps * ssh instructions and some typos in the bash scripts Signed-off-by: Chuck Ha <[email protected]> * Fix typos and copypasta errors * Fix rebase issues * Integrate more changes Signed-off-by: Chuck Ha <[email protected]> * copyedits, layout and formatting fixes * final copyedits * Adds a sanity check for load balancer connection Signed-off-by: Chuck Ha <[email protected]> * formatting fixes, copyedits * fix typos, formatting
* Updates HA kubeadm docs Signed-off-by: Chuck Ha <[email protected]> * kubeadm HA - Add stacked control plane steps * ssh instructions and some typos in the bash scripts Signed-off-by: Chuck Ha <[email protected]> * Fix typos and copypasta errors * Fix rebase issues * Integrate more changes Signed-off-by: Chuck Ha <[email protected]> * copyedits, layout and formatting fixes * final copyedits * Adds a sanity check for load balancer connection Signed-off-by: Chuck Ha <[email protected]> * formatting fixes, copyedits * fix typos, formatting
* Seperate priority and preemption (#8144) * Doc about PID pressure condition. (#8211) * Doc about PID pressure condition. Signed-off-by: Da K. Ma <[email protected]> * "so" -> "too" * Update version selector for 1.11 * StorageObjectInUseProtection is GA (#8291) * Feature gate: StorageObjectInUseProtection is GA Update feature gate reference for 1.11 * Trivial commit to re-trigger Netlify * CRIContainerLogRotation is Beta in 1.11 (#8665) * Seperate priority and preemption (#8144) * CRIContainerLogRotation is Beta in 1.11 xref: kubernetes/kubernetes#64046 * Bring StorageObjectInUseProtection feature to GA (#8159) * StorageObjectInUseProtection is GA (#8291) * Feature gate: StorageObjectInUseProtection is GA Update feature gate reference for 1.11 * Trivial commit to re-trigger Netlify * Bring StorageObjectInUseProtection feature to GA StorageObjectInUseProtection is Beta in K8s 1.10. It's brought to GA in K8s 1.11. * Fixed typo and added feature state tags. * Remove KUBE_API_VERSIONS doc (#8292) The support to the KUBER_API_VERSIONS environment variable is completely dropped (no deprecation). This PR removes the related doc in release-1.11. xref: kubernetes/kubernetes#63165 * Remove InitialResources from admission controllers (#8293) The feature (was experimental) is dropped in 1.11. xref: kubernetes/kubernetes#58784 * Remove docs related to in-tree support to GPU (#8294) * Remove docs related to in-tree support to GPU The in-tree support to GPU is completely removed in release 1.11. This PR removes the related docs in release-1.11 branch. xref: kubernetes/kubernetes#61498 * Update content updated by PR to Hugo syntax Signed-off-by: Misty Stanley-Jones <[email protected]> * Update the doc about extra volume in kubeadm config (#8453) Signed-off-by: Xianglin Gao <[email protected]> * Update CRD Subresources for 1.11 (#8519) * coredns: update notes in administer-cluster/coredns.md (#8697) CoreDNS is installed by default in 1.11. Add notes on how to install kube-dns instead. Update notes about CoreDNS->CoreDNS upgrades as in 1.11 the Corefile is retained. Add example on upgrading from kube-dns to CoreDNS. * kubeadm-alpha: CoreDNS related changes (#8727) Update note about CoreDNS feature gate. This change also updates a tab as a kubeadm sub-command will change. It looks for a new generated file: generated/kubeadm_alpha_phase_addon_coredns.md instead of: generated/kubeadm_alpha_phase_addon_kube-dns.md * Update cloud controller manager docs to beta 1.11 (#8756) * Update cloud controller manager docs to beta 1.11 * Use Hugo shortcode for feature state * kubeadm-upgrade: include new command `kubeadm upgrade diff` (#8617) Also: - Include note that this was added in 1.11. - Modify the note about upgrade guidance. * independent: update CoreDNS mentions for kubeadm (#8753) Give CoreDNS instead of kube-dns examples in: - docs/setup/independent/create-cluster-kubeadm.md - docs/setup/independent/troubleshooting-kubeadm.md * update 1.11 --server-print info (#8870) * update 1.11 --server-print info * Copyedit * Mark ExpandPersistentVolumes feature to beta (#8778) * Update version selector for 1.11 * Mark ExpandPersistentVolumes Beta xref: kubernetes/kubernetes#64288 * fix shortcode, add placeholder files to fix deploy failures (#8874) * declare ipvs ga (#8850) * kubeadm: update info about CoreDNS in kubeadm-init.md (#8728) Add info to install kube-dns instead of CoreDNS, as CoreDNS is the default DNS server in 1.11. Add notes that kubeadm config images can be used to list and pull the required images in 1.11. * kubeadm: update implementation-details.md about CoreDNS (#8829) - Replace examples from kube-dns to CoreDNS - Add notes about the CoreDNS feature gate status in 1.11 - Add note that the service name for CoreDNS is also called `kube-dns` * Update block device support for 1.11 (#8895) * Update block device support for 1.11 * Copyedits * Fix typo 'fiber channel' (#8957) Signed-off-by: Misty Stanley-Jones <[email protected]> * kubeadm-upgrade: add the 'node [config]' sub-command (#8960) - Add includes for the generated pages - Include placeholder generated pages * kubeadm-init: update the example for the MasterConfiguration (#8958) - include godocs link for MasterConfiguration - include example MasterConfiguration - add note that `kubeadm config print-default` can be used * kubeadm-config: include new commands (#8862) Add notes and includes for these new commands in 1.11: - kubeadm config print-default - kubeadm config migrate - kubeadm config images list - kubeadm config images pull Include placeholder generated files for the above. * administer-cluster/coredns: include more changes (#8985) It was requested that for this page a couple of methods should be outlined: - manual installation for CoreDNS explained at the Kubernetes section of the GitHub project for CoreDNS - installation and upgrade via kubeadm Make the above changes and also add a section "About CoreDNS". This commit also lowercases a section title. * Update CRD subresources doc for 1.11 (#8918) * Add docs for volume expansion and online resizing (#8896) * Add docs for volume expansion going beta * Copyedit * Address feedback * Update exec plugin docs with TLS credentials (#8826) * Update exec plugin docs with TLS credentials kubernetes/kubernetes#61803 implements TLS client credential support for 1.11. * Copyedit * More copyedits for clarification * Additional copyedit * Change token->credential * NodeRestriction admission prevents kubelet taint removal (#8911) * dns-custom-namerserver: break down the page into mutliple sections (#8900) * dns-custom-namerserver: break down the page into mutliple sections This page is currently about kube-dns and is a bit outdated. Introduce the heading `# Customizing kube-dns`. Introduce a separate section about CoreDNS. * Copyedits, fix headings for customizing DNS Hey Lubomir, I coypedited pretty heavily because this workflow is so much easier for docs and because I'm trying to help improve everything touching kubeadm as much as possible. But there's one outstanding issue wrt headings and intro content: you can't add a heading 1 to a topic to do what you wanted to do. The page title in the front matter is rendered as a heading 1 and everything else has to start at heading 2. (We still need to doc this better in the docs contributing content, I know.) Instead, I think we need to rewrite the top-of-page intro content to explain better the relationship between kube-dns and CoreDNS. I'm happy to write something, but I thought I'd push this commit first so you can see what I'm doing. Hope it's all clear -- ping here or on Slack with any questions ~ Jennifer * Interim fix for talking about CoreDNS * Fix CoreDNS details * PSP readOnly hostPath (#8898) * Add documentation for crictl (#8880) * Add documentation for crictl * Copyedit Signed-off-by: Misty Stanley-Jones <[email protected]> * Final copyedit * VolumeSubpathEnvExpansion alpha feature (#8835) * Note that Heapster is deprecated (#8827) * Note that Heapster is deprecated This notes that Heapster is deprecated, and migrates the relevant docs to talk about metrics-server or other solutions by default. * Copyedits and improvements Signed-off-by: Misty Stanley-Jones <[email protected]> * Address feedback * fix shortcode to troubleshoot deploy (#9057) * update dynamic kubelet config docs for v1.11 (#8766) * update dynamic kubelet config docs for v1.11 * Substantial copyedit * Address feedback * Reference doc for kubeadm (release-1.11) (#9044) * Reference doc for kubeadm (release-1.11) * fix shortcode to troubleshoot deploy (#9057) * Reference doc for kube-components (release-1.11) (#9045) * Reference doc for kube-components (release-1.11) * Update cloud-controller-manager.md * fix shortcode to troubleshoot deploy (#9057) * Documentation on lowercasing kubeadm init apiserver SANs (#9059) * Documentation on lowercasing kubeadm init apiserver SANs * fix shortcode to troubleshoot deploy (#9057) * Clarification in dynamic Kubelet config doc (#9061) * Promote sysctls to Beta (#8804) * Promote sysctls to Beta * Copyedits Signed-off-by: Misty Stanley-Jones <[email protected]> * Review comments * Address feedback * More feedback * kubectl reference docs for 1.11 (#9080) * Update Kubernetes API 1.11 ref docs (#8977) * Update v1alpha1 to v1beta1. * Adjust left nav for 1.11 ref docs. * Trim list of old ref docs. * Update Federation API ref docs for 1.11. (#9064) * Update Federation API ref docs for 1.11. * Add titles. * Update definitions.html * CRD versioning Public Documentation (#8834) * CRD versioning Public Documentation * Copyedit Signed-off-by: Misty Stanley-Jones <[email protected]> * Address feedback * More rewrites * Address feedback * Update main CRD page in light of versioning * Reorg CRD docs * Further reorg * Tweak title * CSI documentation update for raw block volume support (#8927) * CSI documetation update for raw block volume support * minor edits for "CSI raw block volume support" Some small grammar and style nits. * minor CSIBlockVolume edits * Update kubectl component ref page for 1.11. (#9094) * Update kubectl component ref page for 1.11. * Add title. Replace stevepe with username. * crd versioning doc: fix nits (#9142) * Update `DynamicKubeletConfig` feature to beta (#9110) xref: kubernetes/kubernetes#64275 * Documentation for dynamic volume limits based on node type (#8871) * add cos for storage limits * Update docs specific for aws and gce * fix some minor things * Update storage-limits.md * Add k8s version to feature-state shortcode * The Doc update for ScheduleDaemonSetPods (#8842) Signed-off-by: Da K. Ma <[email protected]> * Update docs related to PersistentVolumeLabel admission control (#9109) The said admission controller is disabled by default in 1.11 (kubernetes/kubernetes#64326) and scheduled to be removed in future release. * client exec auth: updates for 1.11 (#9154) * Updates HA kubeadm docs (#9066) * Updates HA kubeadm docs Signed-off-by: Chuck Ha <[email protected]> * kubeadm HA - Add stacked control plane steps * ssh instructions and some typos in the bash scripts Signed-off-by: Chuck Ha <[email protected]> * Fix typos and copypasta errors * Fix rebase issues * Integrate more changes Signed-off-by: Chuck Ha <[email protected]> * copyedits, layout and formatting fixes * final copyedits * Adds a sanity check for load balancer connection Signed-off-by: Chuck Ha <[email protected]> * formatting fixes, copyedits * fix typos, formatting * Document the Pod Ready++ feature (#9180) Closes: #9107 Xref: kubernetes/kubernetes#64057 * Mention 'KubeletPluginsWatcher' feature (#9177) * Mention 'KubeletPluginsWatcher' feature This feature is more developers oriented than users oriented, so simply mention it in the feature gate should be fine. In future, when the design doc is migrated from Google doc to the kubernetes/community repo, we can add links to it for users who want to dig deeper. Closes: #9108 Xref: kubernetes/kubernetes#63328, kubernetes/kubernetes#64605 * Copyedit * Amend dynamic volume list docs (#9181) The dynamic volume list feature has been documented but the feature gate related was not there yet. Closes: #9105 * Document for service account projection (#9182) This adds docs for the service account projection feature. Xref: kubernetes/kubernetes#63819, kubernetes/community#1973 Closes: #9102 * Update pod priority and preemption user docs (#9172) * Update pod priority and preemption user docs * Copyedit * Documentation on setting node name with Kubeadm (#8925) * Documentation on setting node name with Kubeadm * copyedit * Add kubeadm upgrade docs for 1.11 (#9089) * Add kubeadm upgrade docs for 1.11 * Initial docs review feedback * Add 1-11 to outline * Fix formatting on tab blocks * Move file to correct location * Add `kubeadm upgrade node config` step * Overzealous ediffing * copyedit, fix lists and headings * clarify --force flag for fixing bad state * Get TOML ready for 1.11 release * Blog post for 1.11 release (#9254) * Blog post for 1.11 release * Update 2018-06-26-kubernetes-1.11-release-announcement.md * Update 2018-06-26-kubernetes-1.11-release-announcement.md * Update 2018-06-26-kubernetes-1.11-release-announcement.md
Signed-off-by: Chuck Ha [email protected]