Issue with k8s.io/docs/setup/independent/high-availability/

[ocofaigh]

This is a...

• [ ] Feature Request
• [x] Bug Report

Problem: The kubeadm documentation for setting up a HA cluster (https://kubernetes.io/docs/setup/independent/high-availability/) has the following step under the heading "Acquire etcd certs":

Option 1: Copy with scp Follow the steps in the create ssh access section, but instead of adding to etcd0’s authorized_keys file, add them to master0. Once you’ve done this, run: bash scp root@<master0-ip-address>:/etc/kubernetes/pki/* /etc/kubernetes/pki rm apiserver.*

Firstly, bash scp is incorrect syntax:

[root@ziptester-ha1 ~]# bash scp bla bla bla
/usr/bin/scp: /usr/bin/scp: cannot execute binary file

Secondly, This step is wrong. It needs to be more specific. If you copy all of the content from /etc/kubernetes/pki, you will overwrite some files that are needed to start the other masters.

Proposed Solution: Update documentation to this:

Option 1: Copy with scp Follow the steps in the create ssh access section, but instead of adding to etcd0’s authorized_keys file, add them to master0. Once you’ve done this, run: scp root@<master0-ip-address>:/etc/kubernetes/pki/ca.crt /etc/kubernetes/pki scp root@<master0-ip-address>:/etc/kubernetes/pki/ca.key /etc/kubernetes/pki scp root@<master0-ip-address>:/etc/kubernetes/pki/sa.key /etc/kubernetes/pki scp root@<master0-ip-address>:/etc/kubernetes/pki/sa.pub /etc/kubernetes/pki

Page to Update: https://kubernetes.io/docs/setup/independent/high-availability/

[neolit123]

the HA and HA-ETC documentation received an overhaul in 1.11: https://kubernetes.io/docs/setup/independent/high-availability/ https://kubernetes.io/docs/tasks/administer-cluster/setup-ha-etcd-with-kubeadm/

all the new edits were the result of combined SIG efforts and based on existing proposals for improvements.

closing until further notice. /close