Getting ready

Please run two Kubernetes clusters and give them the specified host name. You may just update the hostfile (/etc/hosts) on the master nodes. One is under localhost with the API server endpoint http://localhost:8080 and the other is on the remote side with the endpoint http://$REMOTE_MASTER_NODE:8080. We will use these two clusters for our demonstration. The endpoints of the API server here are insecure channels. It is a simple configuration of an API server for the dummy accessing permissions.

Enableing the API server's insecure endpoint on kubeadm

We have to pass additional arguments to the API server while running kubeadm init. In this case, a custom configuration file indicated by flag --config should be applied:

// you can also get this file through code bundle
$ cat additional-kubeadm-config
apiVersion: kubeadm.k8s.io/v1alpha1
kind: MasterConfiguration
apiServerExtraArgs:
  insecure-bind-address: "0.0.0.0"
  insecure-port: "8080"
// start cluster with additional system settings
$ sudo kubeadm init --config ./additional-kubeadm-config

After you boot up two clusters that have an insecure-accessing API server endpoint, make sure you can approach them on the localhost cluster:

// on localhost cluster, the following commands should be successful
$ curl http://localhost:8080
$ curl http://$REMOTE_MASTER_NODE:8080

Please note that the insecure address configuration is just for our upcoming tutorial. Users should be careful to set it properly on a practical system.

Before we start, we should check the default kubeconfig in order to observe the changes after any updates. Fire the command kubectl config view to see your initial kubeconfig:

// the settings created by kubeadm
$ kubectl config view
apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: REDACTED
    server: https://192.168.122.101:6443
  name: kubernetes
contexts:
- context:
    cluster: kubernetes
    user: kubernetes-admin
  name: kubernetes-admin@kubernetes
current-context: kubernetes-admin@kubernetes 
kind: Config
preferences: {}
users:
- name: kubernetes-admin
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED

There will be some different settings based on your installation method. But we may also find a basic context has been initialized by the tool, which is kubernetes-admin@kubernetes in kubeadm. Go ahead and copy the physical kubeconfig file as the base for later updating, and also for resuming our original environment after our practice.

// in default, the kubeconfig used by client is the one under $HOME
$ cp ~/.kube/config ~/original-kubeconfig
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.16.135.225