mirrors/kubernetes-the-hard-way
1
0
Fork 0
mirror of https://github.com/kelseyhightower/kubernetes-the-hard-way.git synced 2025-12-15 17:28:58 +03:00
Code Issues Projects Releases Wiki Activity

Improve TLS bootstrapping documentation (#341)

Browse Source 
This commit enhances the clarity of the TLS bootstrapping documentation. 
It enables users to verify the correct configuration in their kube-apiserver.service file, whether they're double-checking their setup or ensuring no steps were missed before proceeding.
This commit is contained in:
bochi
2024-05-16 22:02:35 +02:00
committed by GitHub
parent 0d885c99a9
commit 25a1f2bec8
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
docs/11-tls-bootstrapping-kubernetes-workers.md
View File

@@ -30,7 +30,14 @@ So let's get started!
**kube-apiserver** - Ensure bootstrap token based authentication is enabled on the kube-apiserver. **kube-apiserver** - Ensure bootstrap token based authentication is enabled on the kube-apiserver.
`--enable-bootstrap-token-auth=true` run this command on `controlplane01` :
```
grep 'enable-bootstrap-token-auth=true' /etc/systemd/system/kube-apiserver.service
```
expected output :
` --enable-bootstrap-token-auth=true \`
**kube-controller-manager** - The certificate requests are signed by the kube-controller-manager ultimately. The kube-controller-manager requires the CA Certificate and Key to perform these operations. **kube-controller-manager** - The certificate requests are signed by the kube-controller-manager ultimately. The kube-controller-manager requires the CA Certificate and Key to perform these operations.