mirrors
/
kubernetes-the-hard-way
mirror of https://github.com/kelseyhightower/kubernetes-the-hard-way
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Move certificate and private-key away from /var/run 

It is cleared out at reboot.

It appears that only the file-name part of --tls-cert-file /
--tls-private-key-file is used and that the path is taken from
--cert-dir (which defaults to /var/run/kubernetes) so to make the path
stick we also add a --cert-dir
pull/152/head
Mads H. Danquah 2017-04-11 06:46:38 +02:00 committed by Kelsey Hightower
parent c32977f361
commit d81abdbcf1
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/06-kubernetes-worker.md
View File

@ -183,8 +183,9 @@ ExecStart=/usr/bin/kubelet \\
--kubeconfig=/var/lib/kubelet/kubeconfig \\ --kubeconfig=/var/lib/kubelet/kubeconfig \\
--serialize-image-pulls=false \\ --serialize-image-pulls=false \\
--register-node=true \\ --register-node=true \\
--tls-cert-file=/var/run/kubernetes/kubelet-client.crt \\ --tls-cert-file=/var/lib/kubelet/kubelet-client.crt \\
--tls-private-key-file=/var/run/kubernetes/kubelet-client.key \\ --tls-private-key-file=/var/lib/kubelet/kubelet-client.key \\
--cert-dir=/var/lib/kubelet \\
--v=2 --v=2
Restart=on-failure Restart=on-failure
RestartSec=5 RestartSec=5