1KUBERNETES(1)(kubernetes)                            KUBERNETES(1)(kubernetes)
2
3
4
5Eric Paris Jan 2015
6
7

NAME

9       kubeadm  init - Run this command in order to set up the Kubernetes con‐
10       trol plane
11
12
13

SYNOPSIS

15       kubeadm init [OPTIONS]
16
17
18

DESCRIPTION

20       Run this command in order to set up the Kubernetes control plane
21
22
23       The "init" command executes the following phases:
24
25
26              preflight                    Run pre-flight checks
27              certs                        Certificate generation
28                /ca                          Generate the self-signed Kubernetes CA to provision identities for other Kubernetes components
29                /apiserver                   Generate the certificate for serving the Kubernetes API
30                /apiserver-kubelet-client    Generate the certificate for the API server to connect to kubelet
31                /front-proxy-ca              Generate the self-signed CA to provision identities for front proxy
32                /front-proxy-client          Generate the certificate for the front proxy client
33                /etcd-ca                     Generate the self-signed CA to provision identities for etcd
34                /etcd-server                 Generate the certificate for serving etcd
35                /etcd-peer                   Generate the certificate for etcd nodes to communicate with each other
36                /etcd-healthcheck-client     Generate the certificate for liveness probes to healthcheck etcd
37                /apiserver-etcd-client       Generate the certificate the apiserver uses to access etcd
38                /sa                          Generate a private key for signing service account tokens along with its public key
39              kubeconfig                   Generate all kubeconfig files necessary to establish the control plane and the admin kubeconfig file
40                /admin                       Generate a kubeconfig file for the admin to use and for kubeadm itself
41                /kubelet                     Generate a kubeconfig file for the kubelet to use *only* for cluster bootstrapping purposes
42                /controller-manager          Generate a kubeconfig file for the controller manager to use
43                /scheduler                   Generate a kubeconfig file for the scheduler to use
44              kubelet-start                Write kubelet settings and (re)start the kubelet
45              control-plane                Generate all static Pod manifest files necessary to establish the control plane
46                /apiserver                   Generates the kube-apiserver static Pod manifest
47                /controller-manager          Generates the kube-controller-manager static Pod manifest
48                /scheduler                   Generates the kube-scheduler static Pod manifest
49              etcd                         Generate static Pod manifest file for local etcd
50                /local                       Generate the static Pod manifest file for a local, single-node local etcd instance
51              upload-config                Upload the kubeadm and kubelet configuration to a ConfigMap
52                /kubeadm                     Upload the kubeadm ClusterConfiguration to a ConfigMap
53                /kubelet                     Upload the kubelet component config to a ConfigMap
54              upload-certs                 Upload certificates to kubeadm-certs
55              mark-control-plane           Mark a node as a control-plane
56              bootstrap-token              Generates bootstrap tokens used to join a node to a cluster
57              kubelet-finalize             Updates settings relevant to the kubelet after TLS bootstrap
58                /experimental-cert-rotation  Enable kubelet client certificate rotation
59              addon                        Install required addons for passing conformance tests
60                /coredns                     Install the CoreDNS addon to a Kubernetes cluster
61                /kube-proxy                  Install the kube-proxy addon to a Kubernetes cluster
62
63
64
65

OPTIONS

67       --apiserver-advertise-address=""      The IP  address  the  API  Server
68       will advertise it's listening on. If not set the default network inter‐
69       face will be used.
70
71
72       --apiserver-bind-port=6443      Port for the API Server to bind to.
73
74
75       --apiserver-cert-extra-sans=[]      Optional extra Subject  Alternative
76       Names (SANs) to use for the API Server serving certificate. Can be both
77       IP addresses and DNS names.
78
79
80       --cert-dir="/etc/kubernetes/pki"      The path where to save and  store
81       the certificates.
82
83
84       --certificate-key=""       Key  used  to encrypt the control-plane cer‐
85       tificates in the kubeadm-certs Secret.
86
87
88       --config=""      Path to a kubeadm configuration file.
89
90
91       --control-plane-endpoint=""      Specify a stable  IP  address  or  DNS
92       name for the control plane.
93
94
95       --cri-socket=""       Path  to  the  CRI  socket  to  connect. If empty
96       kubeadm will try to auto-detect this value; use this option only if you
97       have  more  than  one  CRI  installed  or  if you have non-standard CRI
98       socket.
99
100
101       --dry-run=false      Don't apply any changes; just output what would be
102       done.
103
104
105       --feature-gates=""       A set of key=value pairs that describe feature
106       gates for various  features.  Options  are:  PublicKeysECDSA=true|false
107       (ALPHA  -  default=false)  RootlessControlPlane=true|false (ALPHA - de‐
108       fault=false) UnversionedKubeletConfigMap=true|false (default=true)
109
110
111       --ignore-preflight-errors=[]      A list of checks whose errors will be
112       shown  as  warnings.  Example: 'IsPrivilegedUser,Swap'. Value 'all' ig‐
113       nores errors from all checks.
114
115
116       --image-repository="registry.k8s.io"      Choose a  container  registry
117       to pull control plane images from
118
119
120       --kubernetes-version="stable-1"       Choose a specific Kubernetes ver‐
121       sion for the control plane.
122
123
124       --node-name=""      Specify the node name.
125
126
127       --patches=""      Path to a directory that contains files  named  "tar‐
128       get[suffix][+patchtype].extension".     For     example,    "kube-apis‐
129       erver0+merge.yaml" or just "etcd.json". "target" can be one  of  "kube-
130       apiserver",    "kube-controller-manager",   "kube-scheduler",   "etcd",
131       "kubeletconfiguration". "patchtype" can be one of "strategic",  "merge"
132       or  "json"  and  they match the patch formats supported by kubectl. The
133       default "patchtype" is "strategic". "extension" must be  either  "json"
134       or "yaml". "suffix" is an optional string that can be used to determine
135       which patches are applied first alpha-numerically.
136
137
138       --pod-network-cidr=""      Specify range of IP addresses  for  the  pod
139       network.  If  set,  the control plane will automatically allocate CIDRs
140       for every node.
141
142
143       --service-cidr="10.96.0.0/12"      Use alternative range of IP  address
144       for service VIPs.
145
146
147       --service-dns-domain="cluster.local"       Use  alternative  domain for
148       services, e.g. "myorg.internal".
149
150
151       --skip-certificate-key-print=false      Don't print the key used to en‐
152       crypt the control-plane certificates.
153
154
155       --skip-phases=[]      List of phases to be skipped
156
157
158       --skip-token-print=false       Skip  printing  of the default bootstrap
159       token generated by 'kubeadm init'.
160
161
162       --token=""      The token to use for establishing  bidirectional  trust
163       between  nodes  and  control-plane nodes. The format is [a-z0-9]{6}.[a-
164       z0-9]{16} - e.g. abcdef.0123456789abcdef
165
166
167       --token-ttl=24h0m0s      The duration before the token is automatically
168       deleted (e.g. 1s, 2m, 3h). If set to '0', the token will never expire
169
170
171       --upload-certs=false       Upload  control-plane  certificates  to  the
172       kubeadm-certs Secret.
173
174
175

OPTIONS INHERITED FROM PARENT COMMANDS

177       --azure-container-registry-config=""      Path to the  file  containing
178       Azure container registry configuration information.
179
180
181       --rootfs=""       [EXPERIMENTAL]  The  path  to  the  'real'  host root
182       filesystem.
183
184
185       --version=false      Print version information and quit
186
187
188

SEE ALSO

190       kubeadm(1), kubeadm-init-phase(1),
191
192
193

HISTORY

195       January 2015, Originally compiled by Eric Paris (eparis at  redhat  dot
196       com)  based  on the kubernetes source material, but hopefully they have
197       been automatically generated since!
198
199
200
201Manuals                              User            KUBERNETES(1)(kubernetes)
Impressum