mirrors/kubernetes-the-hard-way
1
0
Fork 0
mirror of https://github.com/kelseyhightower/kubernetes-the-hard-way.git synced 2025-12-15 01:08:58 +03:00
Code Issues Projects Releases Wiki Activity

etcd require TLS client auth

Browse Source
This commit is contained in:
Kelsey Hightower
2018-05-13 16:58:26 +00:00
parent 08e778612b
commit 758aed29be
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/07-bootstrapping-etcd.md
View File

@@ -75,7 +75,7 @@ ExecStart=/usr/local/bin/etcd \\
--client-cert-auth \\ --client-cert-auth \\
--initial-advertise-peer-urls https://${INTERNAL_IP}:2380 \\ --initial-advertise-peer-urls https://${INTERNAL_IP}:2380 \\
--listen-peer-urls https://${INTERNAL_IP}:2380 \\ --listen-peer-urls https://${INTERNAL_IP}:2380 \\
--listen-client-urls https://${INTERNAL_IP}:2379,http://127.0.0.1:2379 \\ --listen-client-urls https://${INTERNAL_IP}:2379,https://127.0.0.1:2379 \\
--advertise-client-urls https://${INTERNAL_IP}:2379 \\ --advertise-client-urls https://${INTERNAL_IP}:2379 \\
--initial-cluster-token etcd-cluster-0 \\ --initial-cluster-token etcd-cluster-0 \\
--initial-cluster controller-0=https://10.240.0.10:2380,controller-1=https://10.240.0.11:2380,controller-2=https://10.240.0.12:2380 \\ --initial-cluster controller-0=https://10.240.0.10:2380,controller-1=https://10.240.0.11:2380,controller-2=https://10.240.0.12:2380 \\
@@ -114,7 +114,11 @@ sudo systemctl start etcd
List the etcd cluster members: List the etcd cluster members:
``` ```
ETCDCTL_API=3 etcdctl member list sudo ETCDCTL_API=3 etcdctl member list \
--endpoints=https://127.0.0.1:2379 \
--cacert=/etc/etcd/ca.pem \
--cert=/etc/etcd/kubernetes.pem \
--key=/etc/etcd/kubernetes-key.pem
``` ```
> output > output