openstack
/
magnum
Code Issues Proposed changes

Merge "Kubectl configuration for certificates"

This commit is contained in:
Jenkins 2015-10-25 14:40:23 +00:00 committed by Gerrit Code Review
parent 49fa18aef6 a2c7dec40d
commit 23a5d63a22
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
doc/source/dev/dev-tls.rst
View File

@ -225,6 +225,21 @@ Now let's run some kubectl commands to check secure communication::
NAME READY STATUS RESTARTS AGE NAME READY STATUS RESTARTS AGE
redis-master 2/2 Running 0 1m redis-master 2/2 Running 0 1m
You can create kubectl configuration for these flags::
kubectl config set-cluster secure-k8sbay --server=${KUBERNETES_URL} \
--certificate-authority=${PWD}/ca.crt
kubectl config set-credentials client --certificate-authority=${PWD}/ca.crt \
--client-key=${PWD}/client.key --client-certificate=${PWD}/client.crt
kubectl config set-context secure-k8sbay --cluster=secure-k8sbay --user=client
kubectl config use-context secure-k8sbay
Now you can use kubectl commands without extra flags::
kubectl get pods
NAME READY STATUS RESTARTS AGE
redis-master 2/2 Running 0 1m
Once you have all of these pieces, you can configure your native client. Below Once you have all of these pieces, you can configure your native client. Below
is an example for Docker. is an example for Docker.
@ -233,5 +248,6 @@ is an example for Docker.
docker -H tcp://192.168.19.86:2376 --tlsverify \ docker -H tcp://192.168.19.86:2376 --tlsverify \
--tlscacert ca.crt \ --tlscacert ca.crt \
--tlskey client.key \ --tlskey client.key \
--tlscert client.crt --tlscert client.crt \
info info