Production-Grade Container Orchestration

This page shows how to manually rotate the certificate authority (CA) certificates. Before you begin You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. It is recommended to run this tutorial on a cluster with at least two nodes that are not acting as control plane hosts. If you do not already have a cluster, you can create one by using minikube or you can use one of these Kubernetes playgrounds:

This page shows how to perform a rolling update on a DaemonSet. Before you begin You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. It is recommended to run this tutorial on a cluster with at least two nodes that are not acting as control plane hosts. If you do not already have a cluster, you can create one by using minikube or you can use one of these Kubernetes playgrounds:

FEATURE STATE: Kubernetes v1.33 [stable](enabled by default) This document shares how to reconfigure the default Service IP range(s) assigned to a cluster. Before you begin You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. It is recommended to run this tutorial on a cluster with at least two nodes that are not acting as control plane hosts. If you do not already have a cluster, you can create one by using minikube or you can use one of these Kubernetes playgrounds:

Production-Grade Container Orchestration

This page shows how to enable and configure certificate rotation for the kubelet. FEATURE STATE: Kubernetes v1.19 [stable] Before you begin Kubernetes version 1.8.0 or later is required Overview The kubelet uses certificates for authenticating to the Kubernetes API. By default, these certificates are issued with one year expiration so that they do not need to be renewed too frequently. Kubernetes contains kubelet certificate rotation, that will automatically generate a new key and request a new certificate from the Kubernetes API as the current certificate approaches expiration.

FEATURE STATE: Kubernetes v1.33 [stable](enabled by default) This document shares how to extend the existing Service IP range assigned to a cluster. Before you begin You need to have a Kubernetes cluster, and the kubectl command-line tool must be configured to communicate with your cluster. It is recommended to run this tutorial on a cluster with at least two nodes that are not acting as control plane hosts. If you do not already have a cluster, you can create one by using minikube or you can use one of these Kubernetes playgrounds:

This document shares how to validate IPv4/IPv6 dual-stack enabled Kubernetes clusters. Before you begin Provider support for dual-stack networking (Cloud provider or otherwise must be able to provide Kubernetes nodes with routable IPv4/IPv6 network interfaces) A network plugin that supports dual-stack networking. Dual-stack enabled cluster Your Kubernetes server must be at or later than version v1.23. To check the version, enter kubectl version. Note:While you can validate with an earlier version, the feature is only GA and officially supported since v1.

Production-Grade Container Orchestration

Synopsis Create a namespace with the specified name. kubectl create namespace NAME [--dry-run=server|client|none] Examples # Create a new namespace named my-namespace kubectl create namespace my-namespace Options --allow-missing-template-keys     Default: true If true, ignore any errors in templates when a field or map key is missing in the template. Only applies to golang and jsonpath output formats. --dry-run string[="unchanged"]     Default: "none" Must be "none", "server", or "client". If client strategy, only print the object that would be sent, without sending it.