0abcd5d51b
Automatic merge from submit-queue (batch tested with PRs 42053, 41282, 42056, 41663, 40927) Update kubeadm token to work as expected **What this PR does / why we need it**: Follows up: https://github.com/kubernetes/kubernetes/pull/41509 Updates `kubeadm token` to work as discussed in https://docs.google.com/document/d/1deJYPIF4LmhGjDVaqrswErIrV7mtwJgovtLnPCDxP7U/edit# Promotes the command from the `ex` subcommand which now is named `alpha` for clarity. (This will later become `kubeadm alpha phase`) **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes # **Special notes for your reviewer**: Example UX: ```console sudo ./kubeadm token --help This command will manage Bootstrap Token for you. Please note this usage of this command is optional, and mostly for advanced users. In short, Bootstrap Tokens are used for establishing bidirectional trust between a client and a server. A Bootstrap Token can be used when a client (for example a node that's about to join the cluster) needs to trust the server it is talking to. Then a Bootstrap Token with the "signing" usage can be used. Bootstrap Tokens can also function as a way to allow short-lived authentication to the API Server (the token serves as a way for the API Server to trust the client), for example for doing the TLS Bootstrap. What is a Bootstrap Token more exactly? - It is a Secret in the kube-system namespace of type "bootstrap.kubernetes.io/token". - A Bootstrap Token must be of the form "[a-z0-9]{6}.[a-z0-9]{16}"; the former part is the public Token ID, and the latter is the Token Secret, which must be kept private at all circumstances. - The name of the Secret must be named "bootstrap-token-(token-id)". You can read more about Bootstrap Tokens in this proposal: https://github.com/kubernetes/community/blob/master/contributors/design-proposals/bootstrap-discovery.md Usage: kubeadm token [flags] kubeadm token [command] Available Commands: create Create bootstrap tokens on the server. delete Delete bootstrap tokens on the server. generate Generate and print a bootstrap token, but do not create it on the server. list List bootstrap tokens on the server. Flags: --kubeconfig string The KubeConfig file to use for talking to the cluster (default "/etc/kubernetes/admin.conf") Use "kubeadm token [command] --help" for more information about a command. lucas@THENINJA:~/luxas/kubernetes$ sudo ./kubeadm token list TOKEN TTL EXPIRES USAGES DESCRIPTION 70c388.41a07b703aa4bedf <forever> <never> authentication,signing The default bootstrap token generated by 'kubeadm init'. lucas@THENINJA:~/luxas/kubernetes$ sudo ./kubeadm token create c57e6a.abb75fa1debe555f lucas@THENINJA:~/luxas/kubernetes$ sudo ./kubeadm token list TOKEN TTL EXPIRES USAGES DESCRIPTION 70c388.41a07b703aa4bedf <forever> <never> authentication,signing The default bootstrap token generated by 'kubeadm init'. c57e6a.abb75fa1debe555f <forever> <never> authentication,signing <none> lucas@THENINJA:~/luxas/kubernetes$ sudo ./kubeadm token create s token ["s"] was not of form ["^([a-z0-9]{6})\\.([a-z0-9]{16})$"] lucas@THENINJA:~/luxas/kubernetes$ sudo ./kubeadm token create c57e6a.abb75fa1debe555f a token with id "c57e6a" already exists lucas@THENINJA:~/luxas/kubernetes$ sudo ./kubeadm token delete c57e6a.abb75fa1debe555f bootstrap token with id "c57e6a" deleted ``` **Release note**: ```release-note NONE ``` @dmmcquay @jbeda @mikedanese @errordeveloper @pires |
||
|---|---|---|
| .github | ||
| api | ||
| build | ||
| cluster | ||
| cmd | ||
| docs | ||
| examples | ||
| federation | ||
| Godeps | ||
| hack | ||
| hooks | ||
| logo | ||
| pkg | ||
| plugin | ||
| staging | ||
| test | ||
| third_party | ||
| translations | ||
| vendor | ||
| .bazelrc | ||
| .gazelcfg.json | ||
| .generated_files | ||
| .gitattributes | ||
| .gitignore | ||
| BUILD.bazel | ||
| CHANGELOG.md | ||
| code-of-conduct.md | ||
| CONTRIBUTING.md | ||
| labels.yaml | ||
| LICENSE | ||
| Makefile | ||
| Makefile.generated_files | ||
| OWNERS | ||
| OWNERS_ALIASES | ||
| README.md | ||
| Vagrantfile | ||
| WORKSPACE | ||
Kubernetes
Introduction
Kubernetes is an open source system for managing containerized applications across multiple hosts, providing basic mechanisms for deployment, maintenance, and scaling of applications. Kubernetes is hosted by the Cloud Native Computing Foundation (CNCF).
Kubernetes builds upon a decade and a half of experience at Google running production workloads at scale using a system called Borg, combined with best-of-breed ideas and practices from the community.
Are you ...
- Interested in learning more about using Kubernetes?
- See our documentation on kubernetes.io.
- Try our interactive tutorial.
- Take a free course on Scalable Microservices with Kubernetes.
- Interested in developing the core Kubernetes code base, developing tools using the Kubernetes API or helping in anyway possible? Keep reading!
Code of Conduct
The Kubernetes community abides by the CNCF code of conduct. Here is an excerpt:
As contributors and maintainers of this project, and in the interest of fostering an open and welcoming community, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.
Community
Do you want to help shape the evolution of technologies that are container-packaged, dynamically-scheduled and microservices-oriented?. If you are a company, you should consider joining the CNCF. For details about who's involved in CNCF and how Kubernetes plays a role, read the announcement. For general information about our community, see the website community page.
- Join us on social media (Twitter, Google+) and read our blog.
- Ask questions and help answer them on Slack or Stack Overflow.
- Attend our key events (kubecon, cloudnativecon, weekly community meeting).
- Join a Special Interest Group (SIG).
Contribute
If you're interested in being a contributor and want to get involved in developing Kubernetes, get started with this reading:
- The community expectations
- The contributor guidelines
- The Kubernetes Developer Guide
You will then most certainly gain a lot from joining a SIG, attending the regular hangouts as well as the community meeting.
If you have an idea for a new feature, see the Kubernetes Features repository for a list of features that are coming in new releases as well as details on how to propose one.
Building Kubernetes for the impatient
If you want to build Kubernetes right away there are two options:
- You have a working Go environment.
$ go get -d k8s.io/kubernetes
$ cd $GOPATH/src/k8s.io/kubernetes
$ make
- You have a working Docker environment.
$ git clone https://github.com/kubernetes/kubernetes
$ cd kubernetes
$ make quick-release
If you are less impatient, head over to the developer's documentation.
Support
While there are many different channels that you can use to get hold of us (Slack, Stack Overflow, Issues, Forums/Mailing lists), you can help make sure that we are efficient in getting you the help that you need.
If you need support, start with the troubleshooting guide and work your way through the process that we've outlined.
That said, if you have questions, reach out to us one way or another. We don't bite!