github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

kubeadm cleanup: master -> control-plane

pull/564/head
SataQiu 2019-02-12 17:31:35 +08:00
parent 0480214903
commit ab9709ff70
3 changed files with 12 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/kubeadm/app/cmd/init.go
View File

@ -51,7 +51,7 @@ import (
var ( var (
initDoneTempl = template.Must(template.New("init").Parse(dedent.Dedent(` initDoneTempl = template.Must(template.New("init").Parse(dedent.Dedent(`
Your Kubernetes master has initialized successfully! Your Kubernetes control-plane has initialized successfully!
To start using your cluster, you need to run the following as a regular user: To start using your cluster, you need to run the following as a regular user:

18
cmd/kubeadm/app/cmd/join.go
View File

@ -55,7 +55,7 @@ var (
* Certificate signing request was sent to apiserver and a response was received. * Certificate signing request was sent to apiserver and a response was received.
* The Kubelet was informed of the new secure connection details. * The Kubelet was informed of the new secure connection details.
Run 'kubectl get nodes' on the master to see this node join the cluster. Run 'kubectl get nodes' on the control-plane to see this node join the cluster.
`) `)
@ -81,8 +81,8 @@ var (
joinLongDescription = dedent.Dedent(` joinLongDescription = dedent.Dedent(`
When joining a kubeadm initialized cluster, we need to establish When joining a kubeadm initialized cluster, we need to establish
bidirectional trust. This is split into discovery (having the Node bidirectional trust. This is split into discovery (having the Node
trust the Kubernetes Master) and TLS bootstrap (having the Kubernetes trust the Kubernetes Control Plane) and TLS bootstrap (having the
Master trust the Node). Kubernetes Control Plane trust the Node).
There are 2 main schemes for discovery. The first is to use a shared There are 2 main schemes for discovery. The first is to use a shared
token along with the IP address of the API server. The second is to token along with the IP address of the API server. The second is to
@ -97,8 +97,8 @@ var (
If you use a shared token for discovery, you should also pass the If you use a shared token for discovery, you should also pass the
--discovery-token-ca-cert-hash flag to validate the public key of the --discovery-token-ca-cert-hash flag to validate the public key of the
root certificate authority (CA) presented by the Kubernetes Master. The root certificate authority (CA) presented by the Kubernetes Control Plane.
value of this flag is specified as "<hash-type>:<hex-encoded-value>", The value of this flag is specified as "<hash-type>:<hex-encoded-value>",
where the supported hash type is "sha256". The hash is calculated over where the supported hash type is "sha256". The hash is calculated over
the bytes of the Subject Public Key Info (SPKI) object (as in RFC7469). the bytes of the Subject Public Key Info (SPKI) object (as in RFC7469).
This value is available in the output of "kubeadm init" or can be This value is available in the output of "kubeadm init" or can be
@ -108,12 +108,12 @@ var (
If you cannot know the CA public key hash ahead of time, you can pass If you cannot know the CA public key hash ahead of time, you can pass
the --discovery-token-unsafe-skip-ca-verification flag to disable this the --discovery-token-unsafe-skip-ca-verification flag to disable this
verification. This weakens the kubeadm security model since other nodes verification. This weakens the kubeadm security model since other nodes
can potentially impersonate the Kubernetes Master. can potentially impersonate the Kubernetes Control Plane.
The TLS bootstrap mechanism is also driven via a shared token. This is The TLS bootstrap mechanism is also driven via a shared token. This is
used to temporarily authenticate with the Kubernetes Master to submit a used to temporarily authenticate with the Kubernetes Control Plane to submit a
certificate signing request (CSR) for a locally created key pair. By certificate signing request (CSR) for a locally created key pair. By
default, kubeadm will set up the Kubernetes Master to automatically default, kubeadm will set up the Kubernetes Control Plane to automatically
approve these signing requests. This token is passed in with the approve these signing requests. This token is passed in with the
--tls-bootstrap-token abcdef.1234567890abcdef flag. --tls-bootstrap-token abcdef.1234567890abcdef flag.
@ -231,7 +231,7 @@ func addJoinConfigFlags(flagSet *flag.FlagSet, cfg *kubeadmapiv1beta1.JoinConfig
) )
flagSet.StringVar( flagSet.StringVar(
&cfg.Discovery.TLSBootstrapToken, options.TLSBootstrapToken, cfg.Discovery.TLSBootstrapToken, &cfg.Discovery.TLSBootstrapToken, options.TLSBootstrapToken, cfg.Discovery.TLSBootstrapToken,
`Specify the token used to temporarily authenticate with the Kubernetes Master while joining the node.`, `Specify the token used to temporarily authenticate with the Kubernetes Control Plane while joining the node.`,
) )
cmdutil.AddCRISocketFlag(flagSet, &cfg.NodeRegistration.CRISocket) cmdutil.AddCRISocketFlag(flagSet, &cfg.NodeRegistration.CRISocket)
} }

4
cmd/kubeadm/app/cmd/upgrade/common.go
View File

@ -85,8 +85,8 @@ func enforceRequirements(flags *applyPlanFlags, dryRun bool, newK8sVersion strin
fmt.Println("[upgrade/config] Without this information, 'kubeadm upgrade' won't know how to configure your upgraded cluster.") fmt.Println("[upgrade/config] Without this information, 'kubeadm upgrade' won't know how to configure your upgraded cluster.")
fmt.Println("") fmt.Println("")
fmt.Println("[upgrade/config] Next steps:") fmt.Println("[upgrade/config] Next steps:")
fmt.Printf("\t- OPTION 1: Run 'kubeadm config upload from-flags' and specify the same CLI arguments you passed to 'kubeadm init' when you created your master.\n") fmt.Printf("\t- OPTION 1: Run 'kubeadm config upload from-flags' and specify the same CLI arguments you passed to 'kubeadm init' when you created your control-plane.\n")
fmt.Printf("\t- OPTION 2: Run 'kubeadm config upload from-file' and specify the same config file you passed to 'kubeadm init' when you created your master.\n") fmt.Printf("\t- OPTION 2: Run 'kubeadm config upload from-file' and specify the same config file you passed to 'kubeadm init' when you created your control-plane.\n")
fmt.Printf("\t- OPTION 3: Pass a config file to 'kubeadm upgrade' using the --config flag.\n") fmt.Printf("\t- OPTION 3: Pass a config file to 'kubeadm upgrade' using the --config flag.\n")
fmt.Println("") fmt.Println("")
err = errors.Errorf("the ConfigMap %q in the %s namespace used for getting configuration information was not found", constants.KubeadmConfigConfigMap, metav1.NamespaceSystem) err = errors.Errorf("the ConfigMap %q in the %s namespace used for getting configuration information was not found", constants.KubeadmConfigConfigMap, metav1.NamespaceSystem)