
Refactor standby / kubeadm provisioning

displague opened this issue 3 years ago • 0 comments

The process that runs kubeadm init phase on each controller node is a shell script that (requires a local kubeadm binary? and) locally SSHs to the controller and to the standby nodes (and vice-versa) and copies files between the two points over scp.

Several wait statements are added throughout this process, slowing down the overall install.

This could be refactored to be more efficient and direct.

  • kubeadm could be run on the remotes
  • controller secrets can be made available to the local environment and that can be used to configure nodes
  • https://github.com/linode/terraform-linode-k8s/blob/master/modules/masters/main.tf#L21-L76
  • https://github.com/linode/terraform-linode-k8s/blob/master/modules/masters/scripts/local/kubeadm-token.sh
  • https://github.com/linode/terraform-linode-k8s/blob/master/modules/nodes/main.tf#L22-L39

I'm not sure why we are using join phase and copying /etc/kubernetes/pki files between nodes. I would imagine kubeadm join (with no phase) would be sufficient. https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-certs/ https://kubernetes.io/docs/reference/setup-tools/kubeadm/kubeadm-join/

If we are managing the certificates locally, and pushing those to each of the nodes, I wonder if we could convert this process to native terraform certificate resources. https://registry.terraform.io/providers/hashicorp/tls/latest/docs/resources/self_signed_cert

displague avatar Feb 17 '21 23:02 displague
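As an added example (not code from this project or its author), this is what the native Terraform certificate approach suggested in the last paragraph could look like with the hashicorp/tls provider: a cluster CA plus a CA-signed API server certificate carrying the SANs kubeadm itself would set. It assumes tls provider v4 (key algorithm inferred from the PEM), kubeadm's default service CIDR (first IP 10.96.0.1) and a `controller_ip` input variable; all names and values are constructed.

```hcl
# Constructed example: kubeadm-style PKI from native tls resources instead of scp-ing /etc/kubernetes/pki.
terraform {
  required_providers {
    tls = { source = "hashicorp/tls", version = "~> 4.0" }
  }
}
variable "controller_ip" { type = string } # assumed input: the controller's address
# Cluster CA: kubeadm expects a CA with CN "kubernetes" in /etc/kubernetes/pki/ca.{crt,key}
resource "tls_private_key" "ca" {
  algorithm = "RSA"
  rsa_bits  = 2048 # kubeadm's default key type
}
resource "tls_self_signed_cert" "ca" {
  private_key_pem       = tls_private_key.ca.private_key_pem
  is_ca_certificate     = true
  validity_period_hours = 87600 # 10 years, the lifetime kubeadm gives its CA
  allowed_uses          = ["cert_signing", "crl_signing", "key_encipherment", "digital_signature"]
  subject { common_name = "kubernetes" }
}
# API server serving cert signed by that CA, with the SANs kubeadm would add
resource "tls_private_key" "apiserver" {
  algorithm = "RSA"
  rsa_bits  = 2048
}
resource "tls_cert_request" "apiserver" {
  private_key_pem = tls_private_key.apiserver.private_key_pem
  subject { common_name = "kube-apiserver" }
  dns_names    = ["kubernetes", "kubernetes.default", "kubernetes.default.svc", "kubernetes.default.svc.cluster.local"]
  ip_addresses = ["10.96.0.1", var.controller_ip] # first service IP (assumed default CIDR) plus the node
}
resource "tls_locally_signed_cert" "apiserver" {
  cert_request_pem      = tls_cert_request.apiserver.cert_request_pem
  ca_private_key_pem    = tls_private_key.ca.private_key_pem
  ca_cert_pem           = tls_self_signed_cert.ca.cert_pem
  validity_period_hours = 8760 # 1 year, kubeadm's default for leaf certs
  early_renewal_hours   = 720  # Terraform plans a replacement 30 days before expiry
  allowed_uses          = ["key_encipherment", "digital_signature", "server_auth"]
}
# Push these to nodes from Terraform instead of scp between controllers. Every private key
# here lives in Terraform state, so the state backend must be protected like a secret store.
output "ca_cert_pem" { value = tls_self_signed_cert.ca.cert_pem }
output "ca_key_pem" {
  value     = tls_private_key.ca.private_key_pem
  sensitive = true
}
output "apiserver_cert_pem" { value = tls_locally_signed_cert.apiserver.cert_pem }
output "apiserver_key_pem" {
  value     = tls_private_key.apiserver.private_key_pem
  sensitive = true
}
```

The remaining kubeadm certificates (etcd, front-proxy, service-account keys) follow the same request-and-sign pattern, and kubeadm will skip generating any file it already finds in its cert directory.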