kubeadm: add task pages for adding Linux and Windows worker nodes

[neolit123]

Description

Adjust the "create a kubeadm cluster" page to link to two separate task pages for adding Linux / Windows worker nodes.

Base the Windows page on the existing document:
https://github.com/kubernetes-sigs/sig-windows-tools/blob/master/guides/guide-for-adding-windows-node.md

note: this is a PR for the main branch (not dev-1.32)

Issue

Closes #44248
xref

• add separate task pages for adding Linux/Windows nodes with kubeadm #47884
• Cannot find page about adding Windows nodes #34476
• Overhaul Windows documentation #31428

[neolit123]

/assign @sftim @divya-mohan0209
/cc @pacoxu
for kubeadm
/cc @marosset @jsturtevant @knabben
for windows

/sig cluster-lifecycle windows docs

NOTE: i won't be able to work on this next week, but any feedback will be adjusted after that in case the PR doesn't merge this week...

[neolit123]

/hold

[netlify]

✅ Pull request preview available for checking

Built without sensitive environment variables

Name	Link
🔨 Latest commit	65107c7
🔍 Latest deploy log	https://app.netlify.com/sites/kubernetes-io-main-staging/deploys/66e28a692c09f20008e12b0e
😎 Deploy Preview	https://deploy-preview-47888--kubernetes-io-main-staging.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[sftim]

Here's a partial review. I don't have a Windows licence to check out the Windows part.

[sftim]

Suggested change

	openssl x509 -pubkey -in /etc/kubernetes/pki/ca.crt | openssl rsa -pubin -outform der 2>/dev/null | \
	# Run this on a control plane node
	sudo cat /etc/kubernetes/pki/ca.crt | openssl x509 -pubkey | openssl rsa -pubin -outform der 2>/dev/null | \

(least privilege)

[neolit123]

updated, minus the # Run this on a control plane node part. that is already in the prev sentence.

[sftim]

It doesn't block a merge, but experience confidently shows us that people don't read documentation and many people paste the commands in without reading the text in between.

[neolit123]

well, it will fail on a joining worker since the ca.crt doens't exist yet.
so then they will go back and read the prev sentence.

[sftim]

Suggested change

	kubeadm token create
	# Run this on a control plane node
	sudo kubeadm token create

[neolit123]

updated, minus # Run this on a control plane node. the prev sentence already mentions ...running the following command on the control plane node

[sftim]

Some thoughts on the Windows part

[sftim]

(at some point) make this a hyperlink.

[neolit123]

deleted this as it was a duplicate.
already present in a new ### Install kubectl for Windows (optional) near the bottom.

[sftim]

Suggested change

	kubeadm token create
	# Run this on a control plane node
	sudo kubeadm token create

[neolit123]

updated, minus # Run this on a control plane node. the prev sentence already mentions it.

[marosset]

Should we move the steps about creating kubeadm join tokens to install-kubeadm.md and reference that from both the windows and linux docs?
It looks like some of the docs are duplicated here

[sftim]

You'll also need a server running Windows, and administrative access to the server (just having the license is not enough to proceed).

[neolit123]

attempted to reword the steps.

[sftim]

@neolit123 once you've got the feedback you'd like, you might want to mark this as draft to indicate that you think it needs more work before it can merge.

[sftim]

If you're an approver for English and you LGTM this and you need a second person to approve because this is a change to the live site: you can treat this message as grounds to approve it. The change as described above is well worth making.

[jsturtevant]

Suggested change

	.\Install-Containerd.ps1 -ContainerDVersion 1.7.1
	.\Install-Containerd.ps1 -ContainerDVersion 1.7.22

[jsturtevant]

should we point to the containerd runtime docs here instead? https://kubernetes.io/docs/setup/production-environment/container-runtimes/#containerd

[neolit123]

i did not notice that there are windows install steps in https://kubernetes.io/docs/setup/production-environment/container-runtimes/#containerd (inside the getting started link) that's great because we can just add a prereq for a container runtime and remove this step from here.

ideally we should break the follwing into linux/windows eventually too:
https://kubernetes.io/docs/setup/production-environment/tools/kubeadm/install-kubeadm/#installing-kubeadm-kubelet-and-kubectl

and maybe have PrepareNode.ps be the install step for windows in that guide.

[marosset]

the biggest differences between those docs and what we have are

• Checking and enabling the Hyper-V feature - which I don't think we care about for the purposes of this document
• Setting the CNI bin and CNI config dir's in the containerd config - I think we do want this

I think if we can get the containerd docs updated to create and set the cni bin/config dirs in the containerd setup script we can move away from the containerd setup doc in sig-windows-tools.
@jsturtevant - WDYT?

[jsturtevant]

agree, That info should live in the containerd install doc

[neolit123]

i though about unrolling the install-containerd script but think i'm going to leave this task to SIG Windows. my main problem here is that i have no way to test the containerd install and CNI setup, ATM.

also, it seems out of scope of the PR.

[sftim]

I get the sense that this is ready for a pair (Linux, Windows) of tech LGTMs.

[pacoxu]

I get the sense that this is ready for a pair (Linux, Windows) of tech LGTMs.

Most of the Linux part is the same as before. Only some structure changes for Linux.

Overall LGTM, but I don't have enough testing or knowledge about windows node. So leave to SIG-Windows to give the LGTM.

[sftim]

@neolit123 you held this PR. When [ie, what conditions must be met] is it OK to unhold?

[neolit123]

@neolit123 you held this PR. When [ie, what conditions must be met] is it OK to unhold?

just a precaution.
/hold cancel

[neolit123]

@marosset @jsturtevant please review again. looking for LGTM on the Windows side.
i think this is still an open topic but best to send it in a follow up, IMO:
#47888 (comment)

[marosset]

LGTM for Windows steps

thanks @neolit123!

[tengqm]

/approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: tengqm

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• content/en/docs/OWNERS [tengqm]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[sftim]

/lgtm
for docs

Tech reviews look done

[k8s-ci-robot]

LGTM label has been added.

Git tree hash: c79b9486f57d0b75e48d2161f5b033f0ab09754e