Improve Kubeadm reference doc

_data/reference.yml

@@ -70,7 +70,17 @@ toc:
 
 - title: Setup Tools
   section:
-  - docs/reference/generated/kubeadm.md
+  - title: Kubeadm
+    section:
+    - docs/reference/setup-tools/kubeadm/kubeadm.md
+    - docs/reference/setup-tools/kubeadm/kubeadm-init.md
+    - docs/reference/setup-tools/kubeadm/kubeadm-join.md
+    - docs/reference/setup-tools/kubeadm/kubeadm-upgrade.md
+    - docs/reference/setup-tools/kubeadm/kubeadm-config.md
+    - docs/reference/setup-tools/kubeadm/kubeadm-reset.md
+    - docs/reference/setup-tools/kubeadm/kubeadm-token.md
+    - docs/reference/setup-tools/kubeadm/kubeadm-version.md
+    - docs/reference/setup-tools/kubeadm/kubeadm-alpha.md
   - title: Kubefed
     section:
     - docs/reference/generated/kubefed.md

docs/reference/setup-tools/kubeadm/generated/README.md

@@ -0,0 +1 @@
+All files in this directory are auto-generated from other repos. **Do not edit them manually. You must edit them in their upstream repo.**

docs/reference/setup-tools/kubeadm/generated/kubeadm.md

@@ -0,0 +1,39 @@
+
+kubeadm: easily bootstrap a secure Kubernetes cluster
+
+### Synopsis
+
+
+
+kubeadm: easily bootstrap a secure Kubernetes cluster.
+
+    ┌──────────────────────────────────────────────────────────┐
+    │ KUBEADM IS CURRENTLY IN BETA                             │
+    │                                                          │
+    │ But please, try it out and give us feedback at:          │
+    │ https://github.com/kubernetes/kubeadm/issues             │
+    │ and at-mention @kubernetes/sig-cluster-lifecycle-bugs    │
+    │ or @kubernetes/sig-cluster-lifecycle-feature-requests    │
+    └──────────────────────────────────────────────────────────┘
+
+Example usage:
+
+    Create a two-machine cluster with one master (which controls the cluster),
+    and one node (where your workloads, like Pods and Deployments run).
+
+    ┌──────────────────────────────────────────────────────────┐
+    │ On the first machine:                                    │
+    ├──────────────────────────────────────────────────────────┤
+    │ master# kubeadm init                                     │
+    └──────────────────────────────────────────────────────────┘
+
+    ┌──────────────────────────────────────────────────────────┐
+    │ On the second machine:                                   │
+    ├──────────────────────────────────────────────────────────┤
+    │ node# kubeadm join <arguments-returned-from-init>        │
+    └──────────────────────────────────────────────────────────┘
+
+    You can then repeat the second step on as many other machines as you like.
+
+
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha.md

@@ -0,0 +1,8 @@
+
+Experimental sub-commands not yet fully functional.
+
+### Synopsis
+
+
+Experimental sub-commands not yet fully functional.
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase.md

@@ -0,0 +1,8 @@
+
+Invoke subsets of kubeadm functions separately for a manual install.
+
+### Synopsis
+
+
+This command is not meant to be run on its own. See list of available subcommands.
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_addon.md

@@ -0,0 +1,8 @@
+
+Installs required addons for passing Conformance tests
+
+### Synopsis
+
+
+This command is not meant to be run on its own. See list of available subcommands.
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_addon_all.md

@@ -0,0 +1,45 @@
+
+Installs all addons to a Kubernetes cluster
+
+### Synopsis
+
+
+Installs the kube-dns and the kube-proxys addons components via the API server.
+Please note that although the DNS server is deployed, it will not be scheduled until CNI is installed. 
+
+Alpha Disclaimer: this command is currently alpha.
+
+```
+kubeadm alpha phase addon all
+```
+
+### Examples
+
+```
+  # Installs the kube-dns and the kube-proxys addons components via the API server,
+  # functionally equivalent to what installed by kubeadm init.
+
+  kubeadm alpha phase selfhosting from-staticpods
+```
+
+### Options
+
+```
+      --apiserver-advertise-address string   The IP address or DNS name the API server is accessible on
+      --apiserver-bind-port int32            The port the API server is accessible on (default 6443)
+      --config string                        Path to a kubeadm config file. WARNING: Usage of a configuration file is experimental!
+      --feature-gates string                 A set of key=value pairs that describe feature gates for various features.Options are:
+CoreDNS=true|false (ALPHA - default=false)
+DynamicKubeletConfig=true|false (ALPHA - default=false)
+HighAvailability=true|false (ALPHA - default=false)
+SelfHosting=true|false (BETA - default=false)
+StoreCertsInSecrets=true|false (ALPHA - default=false)
+SupportIPVSProxyMode=true|false (ALPHA - default=false)
+      --image-repository string              Choose a container registry to pull control plane images from (default "gcr.io/google_containers")
+      --kubeconfig string                    The KubeConfig file to use when talking to the cluster (default "/etc/kubernetes/admin.conf")
+      --kubernetes-version string            Choose a specific Kubernetes version for the control plane (default "stable-1.8")
+      --pod-network-cidr string              The range of IP addresses used for the Pod network
+      --service-cidr string                  The range of IP address used for service VIPs (default "10.96.0.0/12")
+      --service-dns-domain string            Alternative domain for services (default "cluster.local")
+```
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_addon_kube-dns.md

@@ -0,0 +1,33 @@
+
+Installs the kube-dns addon to a Kubernetes cluster
+
+### Synopsis
+
+
+Installs the kube-dns addon components via the API server.
+Please note that although the DNS server is deployed, it will not be scheduled until CNI is installed. 
+
+Alpha Disclaimer: this command is currently alpha.
+
+```
+kubeadm alpha phase addon kube-dns
+```
+
+### Options
+
+```
+      --config string               Path to a kubeadm config file. WARNING: Usage of a configuration file is experimental!
+      --feature-gates string        A set of key=value pairs that describe feature gates for various features.Options are:
+CoreDNS=true|false (ALPHA - default=false)
+DynamicKubeletConfig=true|false (ALPHA - default=false)
+HighAvailability=true|false (ALPHA - default=false)
+SelfHosting=true|false (BETA - default=false)
+StoreCertsInSecrets=true|false (ALPHA - default=false)
+SupportIPVSProxyMode=true|false (ALPHA - default=false)
+      --image-repository string     Choose a container registry to pull control plane images from (default "gcr.io/google_containers")
+      --kubeconfig string           The KubeConfig file to use when talking to the cluster (default "/etc/kubernetes/admin.conf")
+      --kubernetes-version string   Choose a specific Kubernetes version for the control plane (default "stable-1.8")
+      --service-cidr string         The range of IP address used for service VIPs (default "10.96.0.0/12")
+      --service-dns-domain string   Alternative domain for services (default "cluster.local")
+```
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_addon_kube-proxy.md

@@ -0,0 +1,26 @@
+
+Installs the kube-proxy addon to a Kubernetes cluster
+
+### Synopsis
+
+
+Installs the kube-proxy addon components via the API server. 
+
+Alpha Disclaimer: this command is currently alpha.
+
+```
+kubeadm alpha phase addon kube-proxy
+```
+
+### Options
+
+```
+      --apiserver-advertise-address string   The IP address or DNS name the API server is accessible on
+      --apiserver-bind-port int32            The port the API server is accessible on (default 6443)
+      --config string                        Path to a kubeadm config file. WARNING: Usage of a configuration file is experimental!
+      --image-repository string              Choose a container registry to pull control plane images from (default "gcr.io/google_containers")
+      --kubeconfig string                    The KubeConfig file to use when talking to the cluster (default "/etc/kubernetes/admin.conf")
+      --kubernetes-version string            Choose a specific Kubernetes version for the control plane (default "stable-1.8")
+      --pod-network-cidr string              The range of IP addresses used for the Pod network
+```
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_bootstrap-token.md

@@ -0,0 +1,14 @@
+
+Manage kubeadm-specific bootstrap token functions
+
+### Synopsis
+
+
+This command is not meant to be run on its own. See list of available subcommands.
+
+### Options
+
+```
+      --kubeconfig string   The KubeConfig file to use when talking to the cluster (default "/etc/kubernetes/admin.conf")
+```
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_bootstrap-token_all.md

@@ -0,0 +1,43 @@
+
+Makes all the bootstrap token configurations and creates an initial token
+
+### Synopsis
+
+
+Bootstrap tokens are used for establishing bidirectional trust between a node joining the cluster and a the master node. 
+
+This command makes all the configurations required to make bootstrap tokens works and then creates an initial token. 
+
+Alpha Disclaimer: this command is currently alpha.
+
+```
+kubeadm alpha phase bootstrap-token all
+```
+
+### Examples
+
+```
+  # Makes all the bootstrap token configurations and creates an initial token, functionally
+  # equivalent to what generated by kubeadm init.
+  kubeadm alpha phase bootstrap-token all
+```
+
+### Options
+
+```
+      --cert-dir string      The path where certificates are stored (default "/etc/kubernetes/pki")
+      --config string        Path to kubeadm config file (WARNING: Usage of a configuration file is experimental)
+      --description string   A human friendly description of how this token is used. (default "The default bootstrap token generated by 'kubeadm init'.")
+      --groups stringSlice   Extra groups that this token will authenticate as when used for authentication. Must match "system:bootstrappers:[a-z0-9:-]{0,255}[a-z0-9]" (default [system:bootstrappers:kubeadm:default-node-token])
+      --skip-token-print     Skip printing of the bootstrap token
+      --token string         The token to use for establishing bidirectional trust between nodes and masters
+      --ttl duration         The duration before the token is automatically deleted (e.g. 1s, 2m, 3h). If set to '0', the token will never expire (default 24h0m0s)
+      --usages stringSlice   Describes the ways in which this token can be used. You can pass --usages multiple times or provide a comma separated list of options. Valid options: [signing,authentication] (default [signing,authentication])
+```
+
+### Options inherited from parent commands
+
+```
+      --kubeconfig string   The KubeConfig file to use when talking to the cluster (default "/etc/kubernetes/admin.conf")
+```
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_bootstrap-token_cluster-info.md

@@ -0,0 +1,22 @@
+
+Uploads the cluster-info ConfigMap from the given kubeconfig file
+
+### Synopsis
+
+
+Uploads the "cluster-info" ConfigMap in the "kube-public" namespace, populating it with cluster information extracted from the given kubeconfig file. The ConfigMap is used for the node bootstrap process in its initial phases, before the client trusts the API server. 
+
+See online documentation about Authenticating with Bootstrap Tokens for more details. 
+
+Alpha Disclaimer: this command is currently alpha.
+
+```
+kubeadm alpha phase bootstrap-token cluster-info
+```
+
+### Options inherited from parent commands
+
+```
+      --kubeconfig string   The KubeConfig file to use when talking to the cluster (default "/etc/kubernetes/admin.conf")
+```
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_bootstrap-token_create.md

@@ -0,0 +1,35 @@
+
+Creates a bootstrap token to be used for node joining
+
+### Synopsis
+
+
+Creates a bootstrap token. If no token value is given, kubeadm will generate a random token instead. 
+
+Alternatively, you can use kubeadm token. 
+
+Alpha Disclaimer: this command is currently alpha.
+
+```
+kubeadm alpha phase bootstrap-token create
+```
+
+### Options
+
+```
+      --cert-dir string      The path where certificates are stored (default "/etc/kubernetes/pki")
+      --config string        Path to kubeadm config file (WARNING: Usage of a configuration file is experimental)
+      --description string   A human friendly description of how this token is used. (default "The default bootstrap token generated by 'kubeadm init'.")
+      --groups stringSlice   Extra groups that this token will authenticate as when used for authentication. Must match "system:bootstrappers:[a-z0-9:-]{0,255}[a-z0-9]" (default [system:bootstrappers:kubeadm:default-node-token])
+      --skip-token-print     Skip printing of the bootstrap token
+      --token string         The token to use for establishing bidirectional trust between nodes and masters
+      --ttl duration         The duration before the token is automatically deleted (e.g. 1s, 2m, 3h). If set to '0', the token will never expire (default 24h0m0s)
+      --usages stringSlice   Describes the ways in which this token can be used. You can pass --usages multiple times or provide a comma separated list of options. Valid options: [signing,authentication] (default [signing,authentication])
+```
+
+### Options inherited from parent commands
+
+```
+      --kubeconfig string   The KubeConfig file to use when talking to the cluster (default "/etc/kubernetes/admin.conf")
+```
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_bootstrap-token_node.md

@@ -0,0 +1,14 @@
+
+Configures the node bootstrap process
+
+### Synopsis
+
+
+This command is not meant to be run on its own. See list of available subcommands.
+
+### Options inherited from parent commands
+
+```
+      --kubeconfig string   The KubeConfig file to use when talking to the cluster (default "/etc/kubernetes/admin.conf")
+```
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_bootstrap-token_node_allow-auto-approve.md

@@ -0,0 +1,22 @@
+
+Configures RBAC rules to allow the csrapprover controller automatically approve CSRs from a node bootstrap token
+
+### Synopsis
+
+
+Configures RBAC rules to allow the csrapprover controller to automatically approve certificate signing requests generated by nodes joining the cluster. It configures also RBAC rules for certificates rotation (with auto approval of new certificates). 
+
+See online documentation about TLS bootstrapping for more details. 
+
+Alpha Disclaimer: this command is currently alpha.
+
+```
+kubeadm alpha phase bootstrap-token node allow-auto-approve
+```
+
+### Options inherited from parent commands
+
+```
+      --kubeconfig string   The KubeConfig file to use when talking to the cluster (default "/etc/kubernetes/admin.conf")
+```
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_bootstrap-token_node_allow-post-csrs.md

@@ -0,0 +1,22 @@
+
+Configures RBAC to allow node bootstrap tokens to post CSRs in order for nodes to get long term certificate credentials
+
+### Synopsis
+
+
+Configures RBAC rules to allow node bootstrap tokens to post a certificate signing request, thus enabling nodes joining the cluster to request long term certificate credentials. 
+
+See online documentation about TLS bootstrapping for more details. 
+
+Alpha Disclaimer: this command is currently alpha.
+
+```
+kubeadm alpha phase bootstrap-token node allow-post-csrs
+```
+
+### Options inherited from parent commands
+
+```
+      --kubeconfig string   The KubeConfig file to use when talking to the cluster (default "/etc/kubernetes/admin.conf")
+```
+

docs/reference/setup-tools/kubeadm/generated/kubeadm_alpha_phase_certs.md

@@ -0,0 +1,8 @@
+
+Generates certificates for a Kubernetes cluster
+
+### Synopsis
+
+
+This command is not meant to be run on its own. See list of available subcommands.
+