diff --git a/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md b/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md index 6fbe04549d777..22aac3fdea100 100644 --- a/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md +++ b/content/en/docs/setup/production-environment/tools/kubeadm/install-kubeadm.md @@ -147,6 +147,58 @@ For more information on version skews, see: {{< tabs name="k8s_install" >}} {{% tab name="Debian-based distributions" %}} +{{< warning >}} +Kubernetes has two different package repositories starting from August 2023. +The Google-hosted repository is considered deprecated and we will stop +publishing packages to that repository starting with Kubernetes 1.30. +The community-hosted repositories are replacement for the Google-hosted +repository. There are some important considerations for the community-hosted +repositories: + +- We strongly recommend using the community-hosted repositories especially for + all new setups. For existing setups, manual migration outlined in the + document linked below is required. +- The community-hosted repositories contains only packages starting from + Kubernetes 1.24.0. +- We have a different repository for each Kubernetes minor release. + Please take this into consideration when upgrading to a new minor release. + +For more details about community-hosted repositories, we strongly recommend +checking out the following document: TBD +{{< /warning >}} + +### Community-hosted repositories + +1. Update the `apt` package index and install packages needed to use the Kubernetes `apt` repository: + + ```shell + sudo apt-get update + sudo apt-get install -y apt-transport-https ca-certificates curl + ``` + +2. Download the public signing key for community repositories. The same signing key is used for all repositories so you can disregard the version in URL: + + ```shell + curl -fsSL https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/deb/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/kubernetes-apt-keyring.gpg > /dev/null + ``` + +3. Add the appropriate Kubernetes `apt` repository. If you're using Kubernetes version different than {{< param "version" >}}, + replace {{< param "version" >}} with the desired minor version in commands below: + + ```shell + echo 'deb https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list + ``` + +4. Update `apt` package index, install kubelet, kubeadm and kubectl, and pin their version: + + ```shell + sudo apt-get update + sudo apt-get install -y kubelet kubeadm kubectl + sudo apt-mark hold kubelet kubeadm kubectl + ``` + +### Google-hosted repository (Deprecated) + 1. Update the `apt` package index and install packages needed to use the Kubernetes `apt` repository: ```shell @@ -180,7 +232,76 @@ You can create this directory if you need to, making it world-readable but write {{% /tab %}} {{% tab name="Red Hat-based distributions" %}} -```bash + +{{< warning >}} +Kubernetes has two different package repositories starting from August 2023. +The Google-hosted repository is considered deprecated and we will stop +publishing packages to that repository starting with Kubernetes 1.30. +The community-hosted repositories are replacement for the Google-hosted +repository. There are some important considerations for the community-hosted +repositories: + +- We strongly recommend using the community-hosted repositories especially for + all new setups. For existing setups, manual migration outlined in the + document linked below is required. +- The community-hosted repositories contains only packages starting from + Kubernetes 1.24.0. +- We have a different repository for each Kubernetes minor release. + Please take this into consideration when upgrading to a new minor release. + +For more details about community-hosted repositories, we strongly recommend +checking out the following document: TBD +{{< /warning >}} + +### Prerequisites + +These prerequisites must be satisfied regardless if you're using +community-hosted or Google-hosted repositories. + +1. Set SELinux in the permissive mode: + +```shell +# Set SELinux in permissive mode (effectively disabling it) +sudo setenforce 0 +sudo sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config +``` + + **Notes:** + + - Setting SELinux in permissive mode by running `setenforce 0` and `sed ...` effectively disables it. + This is required to allow containers to access the host filesystem, which is needed by pod networks for example. + You have to do this until SELinux support is improved in the kubelet. + + - You can leave SELinux enabled if you know how to configure it but it may require settings that are not supported by kubeadm. + +### Community-hosted repositories + +2. Add the Kubernetes `yum` repository. If you're using Kubernetes version different than {{< param "version" >}}, replace {{< param "version" >}} with the desired minor version in command below: + +```shell +cat <}}/rpm/ +enabled=1 +gpgcheck=1 +gpgkey=https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/rpm/repodata/repomd.xml.key +exclude=kubelet kubeadm kubectl +EOF +``` + +3. Install kubelet, kubeadm and kubectl, and enable kubelet to ensure it's automatically started on startup: + +```shell +sudo yum install -y kubelet kubeadm kubectl --disableexcludes=kubernetes +sudo systemctl enable --now kubelet +``` + +### Google-hosted repository (Deprecated) + +2. Add the Kubernetes `yum` repository: + +```shell cat <}} {{% tab name="Debian-based distributions" %}} +{{< warning >}} +Kubernetes has two different package repositories starting from August 2023. +The Google-hosted repository is considered deprecated and we will stop +publishing packages to that repository starting with Kubernetes 1.30. +The community-hosted repositories are replacement for the Google-hosted +repository. There are some important considerations for the community-hosted +repositories: + +- We strongly recommend using the community-hosted repositories especially for + all new setups. For existing setups, manual migration outlined in the + document linked below is required. +- The community-hosted repositories contains only packages starting from + Kubernetes 1.24.0. +- We have a different repository for each Kubernetes minor release. + Please take this into consideration when upgrading to a new minor release. + +For more details about community-hosted repositories, we strongly recommend +checking out the following document: TBD +{{< /warning >}} + +### Community-hosted repositories + +1. Update the `apt` package index and install packages needed to use the Kubernetes `apt` repository: + + ```shell + sudo apt-get update + sudo apt-get install -y apt-transport-https ca-certificates curl + ``` + +2. Download the public signing key for community repositories. The same signing key is used for all repositories so you can disregard the version in URL: + + ```shell + curl -fsSL https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/deb/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/kubernetes-apt-keyring.gpg > /dev/null + ``` + +3. Add the appropriate Kubernetes `apt` repository. If you're using Kubernetes version different than {{< param "version" >}}, + replace {{< param "version" >}} with the desired minor version in commands below: + + ```shell + echo 'deb https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list + ``` + +4. Update `apt` package index with the new repository and install kubectl: + + ```shell + sudo apt-get update + sudo apt-get install -y kubelet kubeadm kubectl + sudo apt-mark hold kubelet kubeadm kubectl + ``` + +### Google-hosted repository (Deprecated) + 1. Update the `apt` package index and install packages needed to use the Kubernetes `apt` repository: ```shell @@ -181,6 +244,54 @@ You can create this directory if you need to, making it world-readable but write {{% /tab %}} {{% tab name="Red Hat-based distributions" %}} + +{{< warning >}} +Kubernetes has two different package repositories starting from August 2023. +The Google-hosted repository is considered deprecated and we will stop +publishing packages to that repository starting with Kubernetes 1.30. +The community-hosted repositories are replacement for the Google-hosted +repository. There are some important considerations for the community-hosted +repositories: + +- We strongly recommend using the community-hosted repositories especially for + all new setups. For existing setups, manual migration outlined in the + document linked below is required. +- The community-hosted repositories contains only packages starting from + Kubernetes 1.24.0. +- We have a different repository for each Kubernetes minor release. + Please take this into consideration when upgrading to a new minor release. + +For more details about community-hosted repositories, we strongly recommend +checking out the following document: TBD +{{< /warning >}} + +### Community-hosted repositories + +1. Add the Kubernetes `yum` repository. If you're using Kubernetes version different than {{< param "version" >}}, + replace {{< param "version" >}} with the desired minor version in command below: + +```bash +cat <}}/rpm/ +enabled=1 +gpgcheck=1 +gpgkey=https://pkgs.k8s.io/core:/stable:/{{< param "version" >}}/rpm/repodata/repomd.xml.key +exclude=kubelet kubeadm kubectl +EOF +``` + +2. Install kubectl using `yum`: + +```bash +sudo yum install -y kubectl +``` + +### Google-hosted repository (Deprecated) + +1. Add the Kubernetes `yum` repository: + ```bash cat <