k8s thw 17 - dynamic kubelet config
dynamic kubelet
configuration
requirements
# install jq
> sudo apt install -y jq
# set node name env and create kubelet config z
> NODE_NAME="worker-1"; \
curl -sSL "https://localhost:6443/api/v1/nodes/${NODE_NAME}/proxy/configz" \
-k --cert admin.crt --key admin.key | \
jq '.kubeletconfig|.kind="KubeletConfiguration"|.apiVersion="kubelet.config.k8s.io/v1beta1"' \
> kubelet_configz_${NODE_NAME}
# create config map from
> kubectl -n kube-system create configmap nodes-config \
--from-file=kubelet=kubelet_configz_${NODE_NAME} \
--append-hash -o yaml
edit worker-1
node to use the dynamically created configuration
# edit node
> kubectl edit node worker-1
adding the following content
configSource:
configMap:
name: CONFIG_MAP_NAME # replace CONFIG_MAP_NAME with the name of the ConfigMap
namespace: kube-system
kubeletConfigKey: kubelet
configure kubelet
service - create systemd unit file
cat <<EOF | sudo tee /etc/systemd/system/kubelet.service
[Unit]
Description=Kubernetes Kubelet
Documentation=https://github.com/kubernetes/kubernetes
After=docker.service
Requires=docker.service
[Service]
ExecStart=/usr/local/bin/kubelet \\
--bootstrap-kubeconfig="/var/lib/kubelet/bootstrap-kubeconfig" \\
--image-pull-progress-deadline=2m \\
--kubeconfig=/var/lib/kubelet/kubeconfig \\
--dynamic-config-dir=/var/lib/kubelet/dynamic-config \\
--cert-dir= /var/lib/kubelet/ \\
--rotate-certificates=true \ # extra
--rotate-server-certificates=true \ # extra
--network-plugin=cni \\
--register-node=true \\
--v=2
Restart=on-failure
RestartSec=5
[Install]
WantedBy=multi-user.target
EOF
— copyleft —
all commands shown on this page are from
mmumshad’s fork of “kubernetes-the-hard-way” by kelseyhightower
on github
19-09-2021