K8s-pki: различия между версиями

Версия 15:09, 26 октября 2021

https://kubernetes.io/docs/setup/best-practices/certificates/

How certificates are used by your cluster

Kubernetes requires PKI for the following operations:

Client certificates for the kubelet to authenticate to the API server
Server certificate for the API server endpoint
Client certificates for administrators of the cluster to authenticate to the API server
Client certificates for the API server to talk to the kubelets
Client certificate for the API server to talk to etcd
Client certificate/kubeconfig for the controller manager to talk to the API server
Client certificate/kubeconfig for the scheduler to talk to the API server.
Client and server certificates for the front-proxy

Note: front-proxy certificates are required only if you run kube-proxy to support an extension API server. etcd also implements mutual TLS to authenticate clients and peers.

@@ Строка 1: / Строка 1: @@
 * https://kubernetes.io/docs/setup/best-practices/certificates/
+How certificates are used by your cluster
+Kubernetes requires PKI for the following operations:
+* Client certificates for the kubelet to authenticate to the API server
+* Server certificate for the API server endpoint
+* Client certificates for administrators of the cluster to authenticate to the API server
+* Client certificates for the API server to talk to the kubelets
+* Client certificate for the API server to talk to etcd
+* Client certificate/kubeconfig for the controller manager to talk to the API server
+* Client certificate/kubeconfig for the scheduler to talk to the API server.
+* Client and server certificates for the front-proxy
+Note: front-proxy certificates are required only if you run kube-proxy to support an extension API server.
+etcd also implements mutual TLS to authenticate clients and peers.

K8s-pki: различия между версиями

Версия 15:09, 26 октября 2021

Навигация

Действия на странице

Действия на странице

Персональные инструменты

Навигация

Поиск

Инструменты