1KUBERNETES(1)(kubernetes)                            KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7

NAME

9       kubeadm  init - Run this command in order to set up the Kubernetes con‐
10       trol plane
11
12
13

SYNOPSIS

15       kubeadm init [OPTIONS]
16
17
18

DESCRIPTION

20       Run this command in order to set up the Kubernetes control plane
21
22
23       The "init" command executes the following phases:
24
25
26              preflight                    Run pre-flight checks
27              certs                        Certificate generation
28                /ca                          Generate the self-signed Kubernetes CA to provision identities for other Kubernetes components
29                /apiserver                   Generate the certificate for serving the Kubernetes API
30                /apiserver-kubelet-client    Generate the certificate for the API server to connect to kubelet
31                /front-proxy-ca              Generate the self-signed CA to provision identities for front proxy
32                /front-proxy-client          Generate the certificate for the front proxy client
33                /etcd-ca                     Generate the self-signed CA to provision identities for etcd
34                /etcd-server                 Generate the certificate for serving etcd
35                /etcd-peer                   Generate the certificate for etcd nodes to communicate with each other
36                /etcd-healthcheck-client     Generate the certificate for liveness probes to healthcheck etcd
37                /apiserver-etcd-client       Generate the certificate the apiserver uses to access etcd
38                /sa                          Generate a private key for signing service account tokens along with its public key
39              kubeconfig                   Generate all kubeconfig files necessary to establish the control plane and the admin kubeconfig file
40                /admin                       Generate a kubeconfig file for the admin to use and for kubeadm itself
41                /kubelet                     Generate a kubeconfig file for the kubelet to use *only* for cluster bootstrapping purposes
42                /controller-manager          Generate a kubeconfig file for the controller manager to use
43                /scheduler                   Generate a kubeconfig file for the scheduler to use
44              kubelet-start                Write kubelet settings and (re)start the kubelet
45              control-plane                Generate all static Pod manifest files necessary to establish the control plane
46                /apiserver                   Generates the kube-apiserver static Pod manifest
47                /controller-manager          Generates the kube-controller-manager static Pod manifest
48                /scheduler                   Generates the kube-scheduler static Pod manifest
49              etcd                         Generate static Pod manifest file for local etcd
50                /local                       Generate the static Pod manifest file for a local, single-node local etcd instance
51              upload-config                Upload the kubeadm and kubelet configuration to a ConfigMap
52                /kubeadm                     Upload the kubeadm ClusterConfiguration to a ConfigMap
53                /kubelet                     Upload the kubelet component config to a ConfigMap
54              upload-certs                 Upload certificates to kubeadm-certs
55              mark-control-plane           Mark a node as a control-plane
56              bootstrap-token              Generates bootstrap tokens used to join a node to a cluster
57              kubelet-finalize             Updates settings relevant to the kubelet after TLS bootstrap
58                /experimental-cert-rotation  Enable kubelet client certificate rotation
59              addon                        Install required addons for passing conformance tests
60                /coredns                     Install the CoreDNS addon to a Kubernetes cluster
61                /kube-proxy                  Install the kube-proxy addon to a Kubernetes cluster
62
63
64
65

OPTIONS

67       --apiserver-advertise-address=""      The IP  address  the  API  Server
68       will advertise it's listening on. If not set the default network inter‐
69       face will be used.
70
71
72       --apiserver-bind-port=6443      Port for the API Server to bind to.
73
74
75       --apiserver-cert-extra-sans=[]      Optional extra Subject  Alternative
76       Names (SANs) to use for the API Server serving certificate. Can be both
77       IP addresses and DNS names.
78
79
80       --cert-dir="/etc/kubernetes/pki"      The path where to save and  store
81       the certificates.
82
83
84       --certificate-key=""       Key  used  to encrypt the control-plane cer‐
85       tificates in the kubeadm-certs Secret.
86
87
88       --config=""      Path to a kubeadm configuration file.
89
90
91       --control-plane-endpoint=""      Specify a stable  IP  address  or  DNS
92       name for the control plane.
93
94
95       --cri-socket=""       Path  to  the  CRI  socket  to  connect. If empty
96       kubeadm will try to auto-detect this value; use this option only if you
97       have  more  than  one  CRI  installed  or  if you have non-standard CRI
98       socket.
99
100
101       --dry-run=false      Don't apply any changes; just output what would be
102       done.
103
104
105       --experimental-patches=""       Path to a directory that contains files
106       named "target[suffix][+patchtype].extension". For example,  "kube-apis‐
107       erver0+merge.yaml"  or  just  "etcd.json".  "patchtype"  can  be one of
108       "strategic", "merge" or "json" and they match the  patch  formats  sup‐
109       ported  by kubectl. The default "patchtype" is "strategic". "extension"
110       must be either "json" or "yaml". "suffix" is an  optional  string  that
111       can  be used to determine which patches are applied first alpha-numeri‐
112       cally.
113
114
115       --feature-gates=""      A set of key=value pairs that describe  feature
116       gates for various features. Options are: IPv6DualStack=true|false (BETA
117       - default=true) PublicKeysECDSA=true|false (ALPHA - default=false)
118
119
120       --ignore-preflight-errors=[]      A list of checks whose errors will be
121       shown  as  warnings.  Example: 'IsPrivilegedUser,Swap'. Value 'all' ig‐
122       nores errors from all checks.
123
124
125       --image-repository="k8s.gcr.io"      Choose  a  container  registry  to
126       pull control plane images from
127
128
129       --kubernetes-version="stable-1"       Choose a specific Kubernetes ver‐
130       sion for the control plane.
131
132
133       --node-name=""      Specify the node name.
134
135
136       --pod-network-cidr=""      Specify range of IP addresses  for  the  pod
137       network.  If  set,  the control plane will automatically allocate CIDRs
138       for every node.
139
140
141       --service-cidr="10.96.0.0/12"      Use alternative range of IP  address
142       for service VIPs.
143
144
145       --service-dns-domain="cluster.local"       Use  alternative  domain for
146       services, e.g. "myorg.internal".
147
148
149       --skip-certificate-key-print=false      Don't print the key used to en‐
150       crypt the control-plane certificates.
151
152
153       --skip-phases=[]      List of phases to be skipped
154
155
156       --skip-token-print=false       Skip  printing  of the default bootstrap
157       token generated by 'kubeadm init'.
158
159
160       --token=""      The token to use for establishing  bidirectional  trust
161       between    nodes    and    control-plane    nodes.    The   format   is
162       [a-z0-9]{6}.[a-z0-9]{16} - e.g. abcdef.0123456789abcdef
163
164
165       --token-ttl=24h0m0s      The duration before the token is automatically
166       deleted (e.g. 1s, 2m, 3h). If set to '0', the token will never expire
167
168
169       --upload-certs=false       Upload  control-plane  certificates  to  the
170       kubeadm-certs Secret.
171
172
173

OPTIONS INHERITED FROM PARENT COMMANDS

175       --azure-container-registry-config=""      Path to the  file  containing
176       Azure container registry configuration information.
177
178
179       --log-flush-frequency=5s       Maximum  number  of  seconds between log
180       flushes
181
182
183       --rootfs=""      [EXPERIMENTAL]  The  path  to  the  'real'  host  root
184       filesystem.
185
186
187       --version=false      Print version information and quit
188
189
190

SEE ALSO

192       kubeadm(1), kubeadm-init-phase(1),
193
194
195

HISTORY

197       January  2015,  Originally compiled by Eric Paris (eparis at redhat dot
198       com) based on the kubernetes source material, but hopefully  they  have
199       been automatically generated since!
200
201
202
203Manuals                              User            KUBERNETES(1)(kubernetes)
Impressum