Add --anonymous-auth=false \\
As the default allows anonymous authentication
--anonymous-auth Default: true
Enables anonymous requests to the secure port of the API server. Requests that are not rejected by another authentication method are treated as anonymous requests. Anonymous requests have a username of system:anonymous, and a group name of system:unauthenticated.
cri-containerd project is moving as a sub-project of containerd itself;
the GitHub migration is complete. Also, as of 9 Jan, the beta.1 release
of cri-containerd is available so the download link is updated.
Signed-off-by: Phil Estes <estesp@gmail.com>
Instead of 'value(address)' 'value(name)' should be used to make the following forwarding-rules creation command to work. With 'value(address)' it returns an error: "ERROR: (gcloud.compute.forwarding-rules.create) Could not fetch resource: - The resource 'projects/some-random-project/regions/us-central1/addresses/w.x.y.z' was not found"
there is a bug in Kubernetes 1.6.1 that causes an error when validating the kubernetes environment and etcd. (https://github.com/kubernetes/kubernetes/pull/39716) I found that using the 1.7.0 version I did not get this error. Affects the README, this file and the client configuration (moving to 1.7.0 to match)
Unless the region is explicitly passed, I get the error:
```
ERROR: (gcloud.compute.target-pools.create) Some requests did not succeed:
- Invalid value for field 'region': 'us-central1-b'. Unknown region.
```
It is cleared out at reboot.
It appears that only the file-name part of --tls-cert-file /
--tls-private-key-file is used and that the path is taken from
--cert-dir (which defaults to /var/run/kubernetes) so to make the path
stick we also add a --cert-dir