Run this command in order to set up the Kubernetes control plane.
The init
command executes the following phases:
preflight Run master pre-flight checks
kubelet-start Writes kubelet settings and (re)starts the kubelet
certs Certificate generation
/ca Generates the self-signed Kubernetes CA to provision identities for other Kubernetes components
/apiserver Generates the certificate for serving the Kubernetes API
/apiserver-kubelet-client Generates the Client certificate for the API server to connect to kubelet
/front-proxy-ca Generates the self-signed CA to provision identities for front proxy
/front-proxy-client Generates the client for the front proxy
/etcd-ca Generates the self-signed CA to provision identities for etcd
/etcd-server Generates the certificate for serving etcd
/etcd-peer Generates the credentials for etcd nodes to communicate with each other
/etcd-healthcheck-client Generates the client certificate for liveness probes to healtcheck etcd
/apiserver-etcd-client Generates the client apiserver uses to access etcd
/sa Generates a private key for signing service account tokens along with its public key
kubeconfig Generates all kubeconfig files necessary to establish the control plane and the admin kubeconfig file
/admin Generates a kubeconfig file for the admin to use and for kubeadm itself
/kubelet Generates a kubeconfig file for the kubelet to use *only* for cluster bootstrapping purposes
/controller-manager Generates a kubeconfig file for the controller manager to use
/scheduler Generates a kubeconfig file for the scheduler to use
control-plane Generates all static Pod manifest files necessary to establish the control plane
/apiserver Generates the kube-apiserver static Pod manifest
/controller-manager Generates the kube-controller-manager static Pod manifest
/scheduler Generates the kube-scheduler static Pod manifest
etcd Generates static Pod manifest file for local etcd.
/local Generates the static Pod manifest file for a local, single-node local etcd instance.
upload-config Uploads the kubeadm and kubelet configuration to a ConfigMap
/kubeadm Uploads the kubeadm ClusterConfiguration to a ConfigMap
/kubelet Uploads the kubelet component config to a ConfigMap
mark-control-plane Mark a node as a control-plane
bootstrap-token Generates bootstrap tokens used to join a node to a cluster
addon Installs required addons for passing Conformance tests
/coredns Installs the CoreDNS addon to a Kubernetes cluster
/kube-proxy Installs the kube-proxy addon to a Kubernetes cluster
kubeadm init [flags]
--apiserver-advertise-address string | |
The IP address the API Server will advertise it's listening on. Specify '0.0.0.0' to use the address of the default network interface. | |
--apiserver-bind-port int32 Default: 6443 | |
Port for the API Server to bind to. | |
--apiserver-cert-extra-sans stringSlice | |
Optional extra Subject Alternative Names (SANs) to use for the API Server serving certificate. Can be both IP addresses and DNS names. | |
--cert-dir string Default: "/etc/kubernetes/pki" | |
The path where to save and store the certificates. | |
--config string | |
Path to kubeadm config file. WARNING: Usage of a configuration file is experimental. | |
--cri-socket string Default: "/var/run/dockershim.sock" | |
Specify the CRI socket to connect to. | |
--dry-run | |
Don't apply any changes; just output what would be done. | |
--feature-gates string | |
A set of key=value pairs that describe feature gates for various features. Options are: |
|
-h, --help | |
help for init | |
--ignore-preflight-errors stringSlice | |
A list of checks whose errors will be shown as warnings. Example: 'IsPrivilegedUser,Swap'. Value 'all' ignores errors from all checks. | |
--image-repository string Default: "k8s.gcr.io" | |
Choose a container registry to pull control plane images from | |
--kubernetes-version string Default: "stable-1" | |
Choose a specific Kubernetes version for the control plane. | |
--node-name string | |
Specify the node name. | |
--pod-network-cidr string | |
Specify range of IP addresses for the pod network. If set, the control plane will automatically allocate CIDRs for every node. | |
--service-cidr string Default: "10.96.0.0/12" | |
Use alternative range of IP address for service VIPs. | |
--service-dns-domain string Default: "cluster.local" | |
Use alternative domain for services, e.g. "myorg.internal". | |
--skip-phases stringSlice | |
List of phases to be skipped | |
--skip-token-print | |
Skip printing of the default bootstrap token generated by 'kubeadm init'. | |
--token string | |
The token to use for establishing bidirectional trust between nodes and masters. The format is [a-z0-9]{6}\.[a-z0-9]{16} - e.g. abcdef.0123456789abcdef | |
--token-ttl duration Default: 24h0m0s | |
The duration before the token is automatically deleted (e.g. 1s, 2m, 3h). If set to '0', the token will never expire |
--rootfs string | |
[EXPERIMENTAL] The path to the 'real' host root filesystem. |
Was this page helpful?
Thanks for the feedback. If you have a specific, answerable question about how to use Kubernetes, ask it on Stack Overflow. Open an issue in the GitHub repo if you want to report a problem or suggest an improvement.