Black lives matter.
We stand in solidarity with the Black community.
Racism is unacceptable.
It conflicts with the core values of the Kubernetes project and our community does not tolerate it.
We stand in solidarity with the Black community.
Racism is unacceptable.
It conflicts with the core values of the Kubernetes project and our community does not tolerate it.
kubeadm allows you to experimentally create a self-hosted Kubernetes control plane. This means that key components such as the API server, controller manager, and scheduler run as DaemonSet pods configured via the Kubernetes API instead of static pods configured in the kubelet via static files.
To create a self-hosted cluster see the kubeadm alpha selfhosting pivot command.
Caution: This feature pivots your cluster into an unsupported state, rendering kubeadm unable to manage you cluster any longer. This includeskubeadm upgrade
.
Self-hosting in 1.8 and later has some important limitations. In particular, a self-hosted cluster cannot recover from a reboot of the control-plane node without manual intervention.
By default, self-hosted control plane Pods rely on credentials loaded from
hostPath
volumes. Except for initial creation, these credentials are not managed by
kubeadm.
The self-hosted portion of the control plane does not include etcd, which still runs as a static Pod.
The self-hosting bootstrap process is documented in the kubeadm design document.
In summary, kubeadm alpha selfhosting
works as follows:
Waits for this bootstrap static control plane to be running and
healthy. This is identical to the kubeadm init
process without self-hosting.
Uses the static control plane Pod manifests to construct a set of DaemonSet manifests that will run the self-hosted control plane. It also modifies these manifests where necessary, for example adding new volumes for secrets.
Creates DaemonSets in the kube-system
namespace and waits for the
resulting Pods to be running.
Once self-hosted Pods are operational, their associated static Pods are deleted and kubeadm moves on to install the next component. This triggers kubelet to stop those static Pods.
When the original static control plane stops, the new self-hosted control plane is able to bind to listening ports and become active.