mirrors
/
kubernetes-the-hard-way
mirror of https://github.com/kelseyhightower/kubernetes-the-hard-way
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

The chapter 'Provisioning a CA and Generating TLS Certificates' is updated.

pull/443/head
Pick1a1username 2019-02-23 15:38:17 +09:00
parent d091dd4382
commit c67c13138e
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/04-certificate-authority.md
View File

@ -143,7 +143,7 @@ cfssl gencert \
-config=ca-config.json \ -config=ca-config.json \
-hostname=worker-${num},${INTERNAL_IP} \ -hostname=worker-${num},${INTERNAL_IP} \
-profile=kubernetes \ -profile=kubernetes \
${instance}-csr.json | cfssljson -bare worker-${num} worker-${num}-csr.json | cfssljson -bare worker-${num}
done done
``` ```
@ -386,19 +386,17 @@ service-account.pem
Copy the appropriate certificates and private keys to each worker instance: Copy the appropriate certificates and private keys to each worker instance:
``` ```
$ USERNAME=<User Name of Virtual Machines>
$ for num in 1 2 3; do $ for num in 1 2 3; do
scp -i ~/.ssh/id_rsa-k8s.pub ca.pem worker-${num}-key.pem worker-${num}.pem ${USERNAME}@10.240.0.2${num}:~/ scp -i ~/.ssh/id_rsa-k8s ca.pem worker-${num}-key.pem worker-${num}.pem ${USER}@10.240.0.2${num}:~/
done done
``` ```
Copy the appropriate certificates and private keys to each controller instance: Copy the appropriate certificates and private keys to each controller instance:
``` ```
$ USERNAME=<User Name of Virtual Machines>
$ for num in 1 2 3; do $ for num in 1 2 3; do
scp -i ~/.ssh/id_rsa-k8s.pub ca.pem ca-key.pem kubernetes-key.pem kubernetes.pem \ scp -i ~/.ssh/id_rsa-k8s ca.pem ca-key.pem kubernetes-key.pem kubernetes.pem \
service-account-key.pem service-account.pem ${USERNAME}@10.240.0.1${num}:~/ service-account-key.pem service-account.pem ${USER}@10.240.0.1${num}:~/
done done
``` ```