Workers

Configuring the worker nodes is simple in comparison to configuring the master nodes. Using the trustd API, worker nodes submit a CSR, and, if authenticated, receive a valid osd certificate. Similarly, using a kubeadm token, the node joins an existing cluster.

We need to specify:

  • the osd public certificate
  • trustd credentials and endpoints
  • and a kubeadm JoinConfiguration
version: ""
...
services:
  kubeadm:
    configuration: |
      apiVersion: kubeadm.k8s.io/v1alpha3
      kind: JoinConfiguration
      ...
  trustd:
    username: <username>
    password: <password>
    endpoints:
    - <master-1>
    ...
    - <master-n>

See the official documentation for the options available in JoinConfiguration.