Lucas Käldström
|
579a743482
|
kubeadm: Add --cert-dir, --apiserver-cert-extra-sans, remove --api-external-dns-names and add the phase command for certs. Also use the CertificatesDir var everywhere instead of the HostPKIPath variable and fix some bugs in certs.go
|
2017-03-02 20:51:02 +02:00 |
|
Lucas Käldström
|
5cbefbcbca
|
kubeadm: Rename --api-advertise-addresses to --apiserver-advertise-address and --api-port to --apiserver-bind-port
|
2017-03-01 14:33:19 +02:00 |
|
Lucas Käldström
|
42cb8c8cb0
|
kubeadm: Generate kubeconfig files for controller-manager and scheduler and use them; secures the control plane communication
|
2017-02-23 21:28:03 +02:00 |
|
deads2k
|
affdf829a3
|
add front proxy to kubeadm created kube-apiservers
|
2017-02-15 11:02:03 -05:00 |
|
Andrew Rynhard
|
3ea7b29e8e
|
Use a dedicated key for service account token signing
|
2017-02-13 08:39:46 -08:00 |
|
deads2k
|
5a8f075197
|
move authoritative client-go utils out of pkg
|
2017-01-24 08:59:18 -05:00 |
|
Lucas Käldström
|
695fb7440e
|
Fix up the misunderstanding about the apiserver kubelet client cert
|
2017-01-23 21:45:48 +02:00 |
|
Lucas Käldström
|
6a37f450ae
|
Add --kubelet-client-{certificate,key} to the apiserver args and make it allowed to access the kubelets
|
2017-01-23 13:16:04 +02:00 |
|
Lucas Käldström
|
13499f443a
|
Generate two certs and two private keys; only the necessary ones; make the certs and kubeconfig phases work with valid files already on-disk and some cleanup
|
2017-01-21 00:33:06 +02:00 |
|
deads2k
|
ee6752ef20
|
find and replace
|
2017-01-20 08:04:53 -05:00 |
|
Lucas Käldström
|
720f3b45aa
|
Refactor the pki, cert, kubeconfig code in the kubeadm binary into two separate and logically independent phases
|
2017-01-03 23:40:07 +02:00 |
|