dynamic kubelet configuration

requirements

# install jq
> sudo apt install -y jq

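# set the NODE_NAME variable and save the node's current kubelet configuration (read from its configz endpoint) to a file
# note: -k turns off verification of the API server's certificate; where the cluster CA file is available, pass it with --cacert <CA_CERT_FILE> instead of -k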
> NODE_NAME="worker-1"; \
  curl -sSL "https://localhost:6443/api/v1/nodes/${NODE_NAME}/proxy/configz" \
  -k --cert admin.crt --key admin.key | \
  jq '.kubeletconfig|.kind="KubeletConfiguration"|.apiVersion="kubelet.config.k8s.io/v1beta1"' \
  > kubelet_configz_${NODE_NAME}

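# create a ConfigMap from the saved kubelet configuration file (NODE_NAME must still be set in this shell)
# --append-hash adds a hash suffix to the name; the full generated name is shown in the YAML output and is the CONFIG_MAP_NAME needed below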
> kubectl -n kube-system create configmap nodes-config \
  --from-file=kubelet=kubelet_configz_${NODE_NAME} \
  --append-hash -o yaml

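edit the worker-1 node so that its kubelet uses the configuration stored in the ConfigMap (anyone who can write to that ConfigMap or to the node's configSource can change the kubelet's settings, so keep RBAC write access to both restricted)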

# edit node
> kubectl edit node worker-1

add the following content under the node's spec:

configSource:
    configMap:
        name: CONFIG_MAP_NAME # replace CONFIG_MAP_NAME with the name of the ConfigMap
        namespace: kube-system
        kubeletConfigKey: kubelet

configure kubelet service - create systemd unit file

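# Write the systemd unit file for the kubelet. This overwrites any existing
# /etc/systemd/system/kubelet.service.
#
# Notes on the flags below:
#  - --dynamic-config-dir is the directory the kubelet is given for dynamic
#    configuration. Dynamic kubelet configuration was deprecated in
#    Kubernetes 1.22 and removed in 1.24, so this applies to older kubelets.
#  - --rotate-certificates and --rotate-server-certificates were marked
#    "extra" in the original notes. With --rotate-server-certificates the
#    kubelet requests its serving certificate through a CSR, which the
#    built-in approver does not approve automatically; it has to be approved
#    separately.
#  - --cert-dir must have no space after "=": with a space the flag value is
#    empty and the path becomes a stray argument.
#
# The heredoc delimiter is unquoted, so each "\\" is written to the file as a
# single "\" line continuation. Nothing may follow it on the same line:
# trailing text ends the continuation and cuts off the remaining flags.
cat <<EOF | sudo tee /etc/systemd/system/kubelet.service
[Unit]
Description=Kubernetes Kubelet
Documentation=https://github.com/kubernetes/kubernetes
After=docker.service
Requires=docker.service

[Service]
ExecStart=/usr/local/bin/kubelet \\
  --bootstrap-kubeconfig="/var/lib/kubelet/bootstrap-kubeconfig" \\
  --image-pull-progress-deadline=2m \\
  --kubeconfig=/var/lib/kubelet/kubeconfig \\
  --dynamic-config-dir=/var/lib/kubelet/dynamic-config \\
  --cert-dir=/var/lib/kubelet/ \\
  --rotate-certificates=true \\
  --rotate-server-certificates=true \\
  --network-plugin=cni \\
  --register-node=true \\
  --v=2
Restart=on-failure
RestartSec=5

[Install]
WantedBy=multi-user.target
EOF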

— copyleft —

all commands shown on this page are from mmumshad’s fork of “kubernetes-the-hard-way” by kelseyhightower on github