updated 04-certificate-authority

pull/709/head
Xander Grzywinski 2019-05-23 14:31:28 -07:00
parent c7847fd1e0
commit c40325fe76
2 changed files with 9 additions and 12 deletions


@ -17,9 +17,9 @@ The Kubernetes [networking model](https://kubernetes.io/docs/concepts/cluster-ad
> Setting up network policies is out of scope for this tutorial. > Setting up network policies is out of scope for this tutorial.
### Virtual Private Cloud Network ### Virtual Network
In this section a dedicated [Virtual Network](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview) (VNET) network will be setup to host the Kubernetes cluster. A subnet must be provisioned with an IP address range large enough to assign a private IP address to each node in the Kubernetes cluster. In this section a dedicated [Virtual Network](https://docs.microsoft.com/en-us/azure/virtual-network/virtual-networks-overview) (VNET) will be setup to host the Kubernetes cluster. A subnet must be provisioned with an IP address range large enough to assign a private IP address to each node in the Kubernetes cluster.
Create the `kubernetes-the-hard-way` custom VNET network and subnet: Create the `kubernetes-the-hard-way` custom VNET network and subnet:
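Review bot: the trailing context line still reads "custom VNET network and subnet", which keeps the redundancy this hunk removes from the paragraph above it, where "(VNET) network" became "(VNET)". Change it to "custom VNET and subnet" for consistency. While touching that paragraph, "will be setup" should be "will be set up", since it is used as a verb.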


@ -132,11 +132,9 @@ cat > ${instance}-csr.json <<EOF
} }
EOF EOF
EXTERNAL_IP=$(gcloud compute instances describe ${instance} \ EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
--format 'value(networkInterfaces[0].accessConfigs[0].natIP)')
INTERNAL_IP=$(gcloud compute instances describe ${instance} \ INTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f16)
--format 'value(networkInterfaces[0].networkIP)')
cfssl gencert \ cfssl gencert \
-ca=ca.pem \ -ca=ca.pem \
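Review bot: selecting the address with `cut -f19` and `cut -f16` on `--output tsv` is fragile in the EXTERNAL_IP and INTERNAL_IP assignments. The column position depends on which properties `az vm show --show-details` returns and in what order, so a CLI update or a differently configured VM can shift it, and the variables would then silently hold another field or an empty string right before `cfssl gencert` runs. Select the fields by name instead, e.g. `--query publicIps --output tsv` and `--query privateIps --output tsv`, and consider aborting when either value is empty.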
@ -299,9 +297,7 @@ Generate the Kubernetes API Server certificate and private key:
``` ```
{ {
KUBERNETES_PUBLIC_ADDRESS=$(gcloud compute addresses describe kubernetes-the-hard-way \ KUBERNETES_PUBLIC_ADDRESS=$(az network public-ip show -g kubernetes-the-hard-way -n kubernetes-the-hard-way-ip --output tsv | cut -f6)
--region $(gcloud config get-value compute/region) \
--format 'value(address)')
cat > kubernetes-csr.json <<EOF cat > kubernetes-csr.json <<EOF
{ {
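Review bot: `cut -f6` in the KUBERNETES_PUBLIC_ADDRESS assignment has the same positional dependency on tsv column order, and nothing checks the result before `kubernetes-csr.json` is written. `az network public-ip show ... --query ipAddress --output tsv` returns the address by name. The resource name also changes from `kubernetes-the-hard-way` to `kubernetes-the-hard-way-ip` here, so it is worth confirming that it matches the name used in the step that creates the public IP.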
@ -392,7 +388,8 @@ Copy the appropriate certificates and private keys to each worker instance:
``` ```
for instance in worker-0 worker-1 worker-2; do for instance in worker-0 worker-1 worker-2; do
gcloud compute scp ca.pem ${instance}-key.pem ${instance}.pem ${instance}:~/ EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
scp ca.pem ${instance}-key.pem ${instance}.pem azureuser@${EXTERNAL_IP}:~/
done done
``` ```
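Review bot: in the worker loop, `${EXTERNAL_IP}` is used unquoted and unchecked as the scp destination for `${instance}-key.pem`. If the lookup returns nothing or the wrong column, the copy either fails with an unhelpful error or targets whatever string that column held. Quote the expansion, stop with an error for the instance when the value is empty, and state in the surrounding text that `azureuser` is the admin user name assumed from VM creation, since it is hard-coded here.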
@ -400,8 +397,8 @@ Copy the appropriate certificates and private keys to each controller instance:
``` ```
for instance in controller-0 controller-1 controller-2; do for instance in controller-0 controller-1 controller-2; do
gcloud compute scp ca.pem ca-key.pem kubernetes-key.pem kubernetes.pem \ EXTERNAL_IP=$(az vm show --show-details -g kubernetes-the-hard-way -n ${instance} --output tsv | cut -f19)
service-account-key.pem service-account.pem ${instance}:~/ scp ca.pem ca-key.pem kubernetes-key.pem kubernetes.pem service-account-key.pem service-account.pem azureuser@${EXTERNAL_IP}:~/
done done
``` ```
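Review bot: the controller scp command was joined into a single long line, dropping the backslash continuation the old version used; keep the continuation so the list of files, which includes `ca-key.pem`, stays easy to audit. The `az vm show ... | cut -f19` lookup is now repeated in three places in this file, so a small shell function defined once would keep the loops short and give one place to add an empty-value check before the CA private key is copied.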