From 25a1f2bec880156ec91ca119303cf386ba3f9fb1 Mon Sep 17 00:00:00 2001 From: bochi Date: Thu, 16 May 2024 22:02:35 +0200 Subject: [PATCH] Improve TLS bootstrapping documentation (#341) This commit enhances the clarity of the TLS bootstrapping documentation. It enables users to verify the correct configuration in their kube-apiserver.service file, whether they're double-checking their setup or ensuring no steps were missed before proceeding. --- docs/11-tls-bootstrapping-kubernetes-workers.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/docs/11-tls-bootstrapping-kubernetes-workers.md b/docs/11-tls-bootstrapping-kubernetes-workers.md index 2722855..ee3c640 100644 --- a/docs/11-tls-bootstrapping-kubernetes-workers.md +++ b/docs/11-tls-bootstrapping-kubernetes-workers.md @@ -30,7 +30,14 @@ So let's get started! **kube-apiserver** - Ensure bootstrap token based authentication is enabled on the kube-apiserver. -`--enable-bootstrap-token-auth=true` +run this command on `controlplane01` : +``` +grep 'enable-bootstrap-token-auth=true' /etc/systemd/system/kube-apiserver.service +``` + +expected output : + +` --enable-bootstrap-token-auth=true \` **kube-controller-manager** - The certificate requests are signed by the kube-controller-manager ultimately. The kube-controller-manager requires the CA Certificate and Key to perform these operations.