From e1590777044925d780e4be25366679fdf32ad85e Mon Sep 17 00:00:00 2001 From: Tommy Carpenter Date: Thu, 26 Oct 2023 17:20:28 -0400 Subject: [PATCH] edited sentence for clarity --- docs/08-bootstrapping-kubernetes-controllers.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/08-bootstrapping-kubernetes-controllers.md b/docs/08-bootstrapping-kubernetes-controllers.md index ede6ce0..ef7132d 100644 --- a/docs/08-bootstrapping-kubernetes-controllers.md +++ b/docs/08-bootstrapping-kubernetes-controllers.md @@ -213,7 +213,7 @@ EOF ### Enable HTTP Health Checks -A [Google Network Load Balancer](https://cloud.google.com/compute/docs/load-balancing/network) will be used to distribute traffic across the three API servers and allow each API server to terminate TLS connections and validate client certificates. The network load balancer only supports HTTP health checks which means the HTTPS endpoint exposed by the API server cannot be used. As a workaround the nginx webserver can be used to proxy HTTP health checks. In this section nginx will be installed and configured to accept HTTP health checks on port `80` and proxy the connections to the API server on `https://127.0.0.1:6443/healthz`. +A [Google Network Load Balancer](https://cloud.google.com/compute/docs/load-balancing/network) will be used to distribute traffic across the three API servers and allow each API server to terminate TLS connections and validate client certificates. The network load balancer only supports HTTP health checks, which means the HTTPS endpoints exposed by the API servers cannot be used. As a workaround, the nginx webserver can be used to proxy HTTP health checks. In this section nginx will be installed and configured to accept HTTP health checks on port `80` and proxy the connections to the API server on `https://127.0.0.1:6443/healthz`. > The `/healthz` API server endpoint does not require authentication by default. @@ -294,7 +294,7 @@ In this section you will configure RBAC permissions to allow the Kubernetes API > This tutorial sets the Kubelet `--authorization-mode` flag to `Webhook`. Webhook mode uses the [SubjectAccessReview](https://kubernetes.io/docs/admin/authorization/#checking-api-access) API to determine authorization. -The commands in this section will effect the entire cluster and only need to be run once from one of the controller nodes. +The commands in this section will affect the entire cluster and only need to be run once from one of the controller nodes. ``` gcloud compute ssh controller-0