Fixed indentation
parent
de92ceaeea
commit
6e234d3dca
|
@ -106,74 +106,74 @@ Generate a certificate and private key for each Kubernetes worker node:
|
||||||
```gcloud```
|
```gcloud```
|
||||||
```
|
```
|
||||||
for instance in worker-0 worker-1 worker-2; do
|
for instance in worker-0 worker-1 worker-2; do
|
||||||
cat > ${instance}-csr.json <<EOF
|
cat > ${instance}-csr.json <<EOF
|
||||||
{
|
{
|
||||||
"CN": "system:node:${instance}",
|
"CN": "system:node:${instance}",
|
||||||
"key": {
|
"key": {
|
||||||
"algo": "rsa",
|
"algo": "rsa",
|
||||||
"size": 2048
|
"size": 2048
|
||||||
},
|
},
|
||||||
"names": [
|
"names": [
|
||||||
{
|
{
|
||||||
"C": "US",
|
"C": "US",
|
||||||
"L": "Portland",
|
"L": "Portland",
|
||||||
"O": "system:nodes",
|
"O": "system:nodes",
|
||||||
"OU": "Kubernetes The Hard Way",
|
"OU": "Kubernetes The Hard Way",
|
||||||
"ST": "Oregon"
|
"ST": "Oregon"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
EXTERNAL_IP=$(gcloud compute instances describe ${instance} \
|
EXTERNAL_IP=$(gcloud compute instances describe ${instance} \
|
||||||
--format 'value(networkInterfaces[0].accessConfigs[0].natIP)')
|
--format 'value(networkInterfaces[0].accessConfigs[0].natIP)')
|
||||||
|
|
||||||
INTERNAL_IP=$(gcloud compute instances describe ${instance} \
|
INTERNAL_IP=$(gcloud compute instances describe ${instance} \
|
||||||
--format 'value(networkInterfaces[0].networkIP)')
|
--format 'value(networkInterfaces[0].networkIP)')
|
||||||
|
|
||||||
cfssl gencert \
|
cfssl gencert \
|
||||||
-ca=ca.pem \
|
-ca=ca.pem \
|
||||||
-ca-key=ca-key.pem \
|
-ca-key=ca-key.pem \
|
||||||
-config=ca-config.json \
|
-config=ca-config.json \
|
||||||
-hostname=${instance},${EXTERNAL_IP},${INTERNAL_IP} \
|
-hostname=${instance},${EXTERNAL_IP},${INTERNAL_IP} \
|
||||||
-profile=kubernetes \
|
-profile=kubernetes \
|
||||||
${instance}-csr.json | cfssljson -bare ${instance}
|
${instance}-csr.json | cfssljson -bare ${instance}
|
||||||
done
|
done
|
||||||
```
|
```
|
||||||
|
|
||||||
```az```
|
```az```
|
||||||
```
|
```
|
||||||
for instance in worker-0 worker-1 worker-2; do
|
for instance in worker-0 worker-1 worker-2; do
|
||||||
cat > ${instance}-csr.json <<EOF
|
cat > ${instance}-csr.json << EOF
|
||||||
{
|
{
|
||||||
"CN": "system:node:${instance}",
|
"CN": "system:node:${instance}",
|
||||||
"key": {
|
"key": {
|
||||||
"algo": "rsa",
|
"algo": "rsa",
|
||||||
"size": 2048
|
"size": 2048
|
||||||
},
|
},
|
||||||
"names": [
|
"names": [
|
||||||
{
|
{
|
||||||
"C": "US",
|
"C": "US",
|
||||||
"L": "Portland",
|
"L": "Portland",
|
||||||
"O": "system:nodes",
|
"O": "system:nodes",
|
||||||
"OU": "Kubernetes The Hard Way",
|
"OU": "Kubernetes The Hard Way",
|
||||||
"ST": "Oregon"
|
"ST": "Oregon"
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
EXTERNAL_IP=$(az vm show --name ${instance} -d --query publicIps -o tsv)
|
EXTERNAL_IP=$(az vm show --name ${instance} -d --query publicIps -o tsv)
|
||||||
|
|
||||||
INTERNAL_IP=$(az vm show --name ${instance} -d --query privateIps -o tsv)
|
INTERNAL_IP=$(az vm show --name ${instance} -d --query privateIps -o tsv)
|
||||||
|
|
||||||
cfssl gencert \
|
cfssl gencert \
|
||||||
-ca=ca.pem \
|
-ca=ca.pem \
|
||||||
-ca-key=ca-key.pem \
|
-ca-key=ca-key.pem \
|
||||||
-config=ca-config.json \
|
-config=ca-config.json \
|
||||||
-hostname=${instance},${EXTERNAL_IP},${INTERNAL_IP} \
|
-hostname=${instance},${EXTERNAL_IP},${INTERNAL_IP} \
|
||||||
-profile=kubernetes \
|
-profile=kubernetes \
|
||||||
${instance}-csr.json | cfssljson -bare ${instance}
|
${instance}-csr.json | cfssljson -bare ${instance}
|
||||||
done
|
done
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue