Reference

Edit This Page

kubeadm join phase

In v1.14.0, kubeadm introduces the kubeadm join phase command with the aim of making kubeadm more modular. This modularity enables you to invoke atomic sub-steps of the join process. Hence, you can let kubeadm do some parts and fill in yourself where you need customizations.

kubeadm join phase is consistent with the kubeadm join workflow, and behind the scene both use the same code.

kubeadm join phase

use this command to invoke single phase of the join workflow

Synopsis

use this command to invoke single phase of the join workflow

Options

  -h, --help   help for phase

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

kubeadm join phase preflight

Using this phase you can execute preflight checks on a joining node.

Run join pre-flight checks

Synopsis

Run pre-flight checks for kubeadm join.

kubeadm join phase preflight [api-server-endpoint] [flags]

Examples

  # Run join pre-flight checks using a config file.
  kubeadm join phase preflight --config kubeadm-config.yml

Options

      --apiserver-advertise-address string            If the node should host a new control plane instance, the IP address the API Server will advertise it's listening on. If not set the default network interface will be used.
      --apiserver-bind-port int32                     If the node should host a new control plane instance, the port for the API Server to bind to. (default 6443)
      --certificate-key string                        Use this key to decrypt the certificate secrets uploaded by init.
      --config string                                 Path to kubeadm config file.
      --cri-socket string                             Path to the CRI socket to connect. If empty kubeadm will try to auto-detect this value; use this option only if you have more than one CRI installed or if you have non-standard CRI socket.
      --discovery-file string                         For file-based discovery, a file or URL from which to load cluster information.
      --discovery-token string                        For token-based discovery, the token used to validate cluster information fetched from the API server.
      --discovery-token-ca-cert-hash strings          For token-based discovery, validate that the root CA public key matches this hash (format: "<type>:<value>").
      --discovery-token-unsafe-skip-ca-verification   For token-based discovery, allow joining without --discovery-token-ca-cert-hash pinning.
      --experimental-control-plane                    Create a new control plane instance on this node
  -h, --help                                          help for preflight
      --ignore-preflight-errors strings               A list of checks whose errors will be shown as warnings. Example: 'IsPrivilegedUser,Swap'. Value 'all' ignores errors from all checks.
      --node-name string                              Specify the node name.
      --tls-bootstrap-token string                    Specify the token used to temporarily authenticate with the Kubernetes Control Plane while joining the node.
      --token string                                  Use this token for both discovery-token and tls-bootstrap-token when those values are not provided.

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

kubeadm join phase control-plane-prepare

Using this phase you can prepare a node for serving a control-plane.

Prepares the machine for serving a control plane.

Synopsis

Prepares the machine for serving a control plane.

kubeadm join phase control-plane-prepare [flags]

Examples

  # Prepares the machine for serving a control plane
  kubeadm join phase control-plane-prepare all

Options

  -h, --help   help for control-plane-prepare

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

Prepares the machine for serving a control plane.

Synopsis

Prepares the machine for serving a control plane.

kubeadm join phase control-plane-prepare all [api-server-endpoint] [flags]

Options

      --apiserver-advertise-address string            If the node should host a new control plane instance, the IP address the API Server will advertise it's listening on. If not set the default network interface will be used.
      --apiserver-bind-port int32                     If the node should host a new control plane instance, the port for the API Server to bind to. (default 6443)
      --certificate-key string                        Use this key to decrypt the certificate secrets uploaded by init.
      --config string                                 Path to kubeadm config file.
      --discovery-file string                         For file-based discovery, a file or URL from which to load cluster information.
      --discovery-token string                        For token-based discovery, the token used to validate cluster information fetched from the API server.
      --discovery-token-ca-cert-hash strings          For token-based discovery, validate that the root CA public key matches this hash (format: "<type>:<value>").
      --discovery-token-unsafe-skip-ca-verification   For token-based discovery, allow joining without --discovery-token-ca-cert-hash pinning.
      --experimental-control-plane                    Create a new control plane instance on this node
  -h, --help                                          help for all
      --node-name string                              Specify the node name.
      --tls-bootstrap-token string                    Specify the token used to temporarily authenticate with the Kubernetes Control Plane while joining the node.
      --token string                                  Use this token for both discovery-token and tls-bootstrap-token when those values are not provided.

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

[EXPERIMENTAL] Downloads certificates shared among control-plane nodes from the kubeadm-certs Secret

Synopsis

[EXPERIMENTAL] Downloads certificates shared among control-plane nodes from the kubeadm-certs Secret

kubeadm join phase control-plane-prepare download-certs [api-server-endpoint] [flags]

Options

      --certificate-key string                        Use this key to decrypt the certificate secrets uploaded by init.
      --config string                                 Path to kubeadm config file.
      --discovery-file string                         For file-based discovery, a file or URL from which to load cluster information.
      --discovery-token string                        For token-based discovery, the token used to validate cluster information fetched from the API server.
      --discovery-token-ca-cert-hash strings          For token-based discovery, validate that the root CA public key matches this hash (format: "<type>:<value>").
      --discovery-token-unsafe-skip-ca-verification   For token-based discovery, allow joining without --discovery-token-ca-cert-hash pinning.
      --experimental-control-plane                    Create a new control plane instance on this node
  -h, --help                                          help for download-certs
      --tls-bootstrap-token string                    Specify the token used to temporarily authenticate with the Kubernetes Control Plane while joining the node.
      --token string                                  Use this token for both discovery-token and tls-bootstrap-token when those values are not provided.

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

Generates the certificates for the new control plane components

Synopsis

Generates the certificates for the new control plane components

kubeadm join phase control-plane-prepare certs [api-server-endpoint] [flags]

Options

      --apiserver-advertise-address string            If the node should host a new control plane instance, the IP address the API Server will advertise it's listening on. If not set the default network interface will be used.
      --config string                                 Path to kubeadm config file.
      --discovery-file string                         For file-based discovery, a file or URL from which to load cluster information.
      --discovery-token string                        For token-based discovery, the token used to validate cluster information fetched from the API server.
      --discovery-token-ca-cert-hash strings          For token-based discovery, validate that the root CA public key matches this hash (format: "<type>:<value>").
      --discovery-token-unsafe-skip-ca-verification   For token-based discovery, allow joining without --discovery-token-ca-cert-hash pinning.
      --experimental-control-plane                    Create a new control plane instance on this node
  -h, --help                                          help for certs
      --node-name string                              Specify the node name.
      --tls-bootstrap-token string                    Specify the token used to temporarily authenticate with the Kubernetes Control Plane while joining the node.
      --token string                                  Use this token for both discovery-token and tls-bootstrap-token when those values are not provided.

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

Generates the kubeconfig for the new control plane components

Synopsis

Generates the kubeconfig for the new control plane components

kubeadm join phase control-plane-prepare kubeconfig [api-server-endpoint] [flags]

Options

      --certificate-key string                        Use this key to decrypt the certificate secrets uploaded by init.
      --config string                                 Path to kubeadm config file.
      --discovery-file string                         For file-based discovery, a file or URL from which to load cluster information.
      --discovery-token string                        For token-based discovery, the token used to validate cluster information fetched from the API server.
      --discovery-token-ca-cert-hash strings          For token-based discovery, validate that the root CA public key matches this hash (format: "<type>:<value>").
      --discovery-token-unsafe-skip-ca-verification   For token-based discovery, allow joining without --discovery-token-ca-cert-hash pinning.
      --experimental-control-plane                    Create a new control plane instance on this node
  -h, --help                                          help for kubeconfig
      --tls-bootstrap-token string                    Specify the token used to temporarily authenticate with the Kubernetes Control Plane while joining the node.
      --token string                                  Use this token for both discovery-token and tls-bootstrap-token when those values are not provided.

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

Generates the manifests for the new control plane components

Synopsis

Generates the manifests for the new control plane components

kubeadm join phase control-plane-prepare control-plane [flags]

Options

      --apiserver-advertise-address string   If the node should host a new control plane instance, the IP address the API Server will advertise it's listening on. If not set the default network interface will be used.
      --apiserver-bind-port int32            If the node should host a new control plane instance, the port for the API Server to bind to. (default 6443)
      --config string                        Path to kubeadm config file.
      --experimental-control-plane           Create a new control plane instance on this node
  -h, --help                                 help for control-plane

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

kubeadm join phase kubelet-start

Using this phase you can write the kubelet settings, certificates and (re)start the kubelet.

Writes kubelet settings, certificates and (re)starts the kubelet

Synopsis

Writes a file with KubeletConfiguration and an environment file with node specific kubelet settings, and then (re)starts kubelet.

kubeadm join phase kubelet-start [api-server-endpoint] [flags]

Options

      --config string                                 Path to kubeadm config file.
      --cri-socket string                             Path to the CRI socket to connect. If empty kubeadm will try to auto-detect this value; use this option only if you have more than one CRI installed or if you have non-standard CRI socket.
      --discovery-file string                         For file-based discovery, a file or URL from which to load cluster information.
      --discovery-token string                        For token-based discovery, the token used to validate cluster information fetched from the API server.
      --discovery-token-ca-cert-hash strings          For token-based discovery, validate that the root CA public key matches this hash (format: "<type>:<value>").
      --discovery-token-unsafe-skip-ca-verification   For token-based discovery, allow joining without --discovery-token-ca-cert-hash pinning.
  -h, --help                                          help for kubelet-start
      --node-name string                              Specify the node name.
      --tls-bootstrap-token string                    Specify the token used to temporarily authenticate with the Kubernetes Control Plane while joining the node.
      --token string                                  Use this token for both discovery-token and tls-bootstrap-token when those values are not provided.

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

kubeadm join phase control-plane-join

Using this phase you can join a node as a control-plane instance.

Joins a machine as a control plane instance

Synopsis

Joins a machine as a control plane instance

kubeadm join phase control-plane-join [flags]

Examples

  # Joins a machine as a control plane instance
  kubeadm join phase control-plane-join all

Options

  -h, --help   help for control-plane-join

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

Joins a machine as a control plane instance

Synopsis

Joins a machine as a control plane instance

kubeadm join phase control-plane-join all [flags]

Options

      --apiserver-advertise-address string   If the node should host a new control plane instance, the IP address the API Server will advertise it's listening on. If not set the default network interface will be used.
      --config string                        Path to kubeadm config file.
      --experimental-control-plane           Create a new control plane instance on this node
  -h, --help                                 help for all
      --node-name string                     Specify the node name.

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

Add a new local etcd member

Synopsis

Add a new local etcd member

kubeadm join phase control-plane-join etcd [flags]

Options

      --apiserver-advertise-address string   If the node should host a new control plane instance, the IP address the API Server will advertise it's listening on. If not set the default network interface will be used.
      --config string                        Path to kubeadm config file.
      --experimental-control-plane           Create a new control plane instance on this node
  -h, --help                                 help for etcd
      --node-name string                     Specify the node name.

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

Register the new control-plane node into the ClusterStatus maintained in the kubeadm-config ConfigMap

Synopsis

Register the new control-plane node into the ClusterStatus maintained in the kubeadm-config ConfigMap

kubeadm join phase control-plane-join update-status [flags]

Options

      --apiserver-advertise-address string   If the node should host a new control plane instance, the IP address the API Server will advertise it's listening on. If not set the default network interface will be used.
      --config string                        Path to kubeadm config file.
      --experimental-control-plane           Create a new control plane instance on this node
  -h, --help                                 help for update-status
      --node-name string                     Specify the node name.

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

Mark a node as a control-plane

Synopsis

Mark a node as a control-plane

kubeadm join phase control-plane-join mark-control-plane [flags]

Options

      --config string                Path to kubeadm config file.
      --experimental-control-plane   Create a new control plane instance on this node
  -h, --help                         help for mark-control-plane
      --node-name string             Specify the node name.

Options inherited from parent commands

      --rootfs string   [EXPERIMENTAL] The path to the 'real' host root filesystem.

What’s next

Feedback