Weaveworks contractor Lucas Käldström recently published an article on the Kubernetes blog about the latest release of kubeadm v1.8. The SIG-cluster-lifecycle group has made continuous progress cementing kubeadm as the easiest Kubernetes installation method since its initial announcement in October 2016.
What’s new in the latest version of kubeadm?
Security and stability was the highest priority for kubeadm v1.6 and v1.7. This time for kubeadm v1.8, it was all about making it more extendable. There were a lot of new features and improvements added to this cycle, but one-command upgrades are the flashiest.
Users can now generate certificates and write control plane arguments to kubeadm. These updates, specifically including
kubeadm alpha phase command, is a part of the initiative to make kubeadm more modular, and usable by higher-level consumers that integrate parts of it into their system. You can now invoke sub-atomic bootstrap steps as well as doing everything with
Now, users can check to see if their system can handle an upgrade before implementing it. This will return information about the health of the cluster and the versions available for you to upgrade to. You can also specify a
--dry-run flag to see how an upgrade will affect your cluster. Once you decide you want to upgrade, you just need to type
kubeadm upgrade apply v1.8.0. It’s that simple. This is a much safer way of upgrading a cluster compared to in earlier kubeadm releases.
While self-hosting won’t be the default until v1.9, users are able to test this feature in experimental clusters. Self-hosting refers to setting up the control plane in a way that allows you to manage the control plane using Kubernetes primitives. High availability will be implemented in successive versions of kubeadm. The management of the control plane components will be much simpler as one can rely on Kubernetes resources like DaemonSets.
While the new features present in kubeadm v1.8 are important, Lucas’ biggest stress was on the scope of kubeadm as a whole.
SIG-cluster-lifecycle’s goal has always been to make kubeadm a building block for deploying Kubernetes clusters. There is a lot of fragmentation currently within the Kubernetes ecosystem because vast amount of end-to-end installers that do similar things slightly differently. Each new version of Kubernetes will make these installers more disparate, creating problems for users who rely on installer-specific hooks that are not standardized. The hope is that making kubeadm the basis of all Kubernetes deployments will make more conformant clusters a reality.
Kubeadm performs the actions necessary to get a minimum viable cluster up and running. It only cares about getting Kubernetes on a machine, not what type of machine or architecture it is. Provisioning machines or installing fancy add-ons is not and has not been in the scope for kubeadm.
The future of kubeadm
Already, v1.9 is coming up quickly. Users can expect certificate rotation to be figured out by March 2018 to align with Kubernetes’ planned upgrades. They have already made some improvements around certificate rotation together with SIG-Auth, but SIG-Cluster-Lifecycle continuously works towards the end goal of making all cluster credentials easily rotatable.
They also plan to address high availability (or multi-master) as an alpha feature in v1.9 as this has been a regular request from their user base.
Anyone can get involved
Like Kubernetes, kubeadm is a community project and anyone can get involved. It doesn’t matter what your skill level or experience is, there is a way for you to participate. As Lucas points out in his original post, kubeadm is a fantastic way to learn more about how Kubernetes works.
Those interested can also join the kubeadm adoption Working Group, an ongoing effort between SIG-Cluster-Lifecycle and other Special Interest Groups and projects around in the community.