Emerge kubelet
, kubeadm
, kubectl
, all the same version. For some reason, Gentoo stablized kubelet
and kubectl
but not kubeadm
.
I'm using Calico, so also emerge net-misc/calico-cni-plugin
.
Gentoo's kubelet
package includes a systemd unit file that is 100% not going to work. We need to override it; place the following at /etc/systemd/system/kubelet.service
:
# Note: This dropin only works with kubeadm and kubelet v1.11+
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap-kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
# This is a file that "kubeadm init" and "kubeadm join" generate at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically
EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use
# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.
EnvironmentFile=-/etc/sysconfig/kubelet
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS
Basically, the systemd unit Gentoo uses.
- does not supply the correct flags to
kubelet
- does not pick up the correct flags that
kubeadm
will write out for it.
I'm doing Calico, as that's all I know how to do.
For Calico, you need to choose a network (CIDR) to operate your k8s cluster in. I'm choosing 10.128.0.0/10; the default 192.168.0.0/16 overlaps with my home LAN, so it will not work.
Download the Calico YAML file somewhere:
wget https://docs.projectcalico.org/v3.10/manifests/calico.yaml
Edit it; find 192.168.0.0/16
and replace it with whatever CIDR you desire to use.
The next steps are very quick, and we need to fulfill a race-condition to succeed; timing is important.
You need two terminals, one to run kubeadm
, one to correct for its shortcomings.
Terminal one: kubeadm init --pod-network-cidr=10.128.0.0/10
(again, change the CIDR here to whatever you want to use)
Terminal two:
kubeadm
will start kubelet
, but will do so prior to writing the CA cert to disk. If you journalctl -u kubelet
, you should see it fail:
Dec 07 13:55:53 host kubelet[3012]: F1207 13:55:53.439570 3012 server.go:249] unable to load client CA file /etc/kubernetes/pki/ca.crt: open /etc/kubernetes/pki/ca.crt: no such file or directory
Dec 07 13:55:53 host systemd[1]: kubelet.service: Main process exited, code=exited, status=255/EXCEPTION
Dec 07 13:55:53 host systemd[1]: kubelet.service: Failed with result 'exit-code'.
Just restart it; by the time you get the command in, that file will be there: systemctl start kubelet
Copy the config: cp /etc/kubernetes/admin.conf ~/.kube/config
Apply Calico: kubectl apply -f calico.yaml
Read the logs to verify that kubelet
looks happy-ish, and follow the rest of the Calico tutorial as normal.
Do you have etcd daemon running?