Kubectl configuration for certificates

Missing slash was added to Docker example and instruction how to create kubectl configuration for certificates (to avoid type them for each command) Change-Id: I06fa04cea4df63fa03ea17598a33ce14685870e7
2015-10-22 16:59:59 -07:00 · 2015-10-22 16:59:59 -07:00 · a2c7dec40d
parent d35affa2b6
commit a2c7dec40d
1 changed files with 17 additions and 1 deletions
--- a/doc/source/dev/dev-tls.rst
+++ b/doc/source/dev/dev-tls.rst
@ -225,6 +225,21 @@ Now let's run some kubectl commands to check secure communication::
    NAME           READY     STATUS    RESTARTS   AGE
    redis-master   2/2       Running   0          1m

+You can create kubectl configuration for these flags::
+
+    kubectl config set-cluster secure-k8sbay --server=${KUBERNETES_URL} \
+        --certificate-authority=${PWD}/ca.crt
+    kubectl config set-credentials client --certificate-authority=${PWD}/ca.crt \
+        --client-key=${PWD}/client.key --client-certificate=${PWD}/client.crt
+    kubectl config set-context secure-k8sbay --cluster=secure-k8sbay --user=client
+    kubectl config use-context secure-k8sbay
+
+Now you can use kubectl commands without extra flags::
+
+    kubectl get pods
+    NAME           READY     STATUS    RESTARTS   AGE
+    redis-master   2/2       Running   0          1m
+
 Once you have all of these pieces, you can configure your native client. Below
 is an example for Docker.

@ -233,5 +248,6 @@ is an example for Docker.
    docker -H tcp://192.168.19.86:2376 --tlsverify \
        --tlscacert ca.crt \
        --tlskey client.key \
-        --tlscert client.crt
+        --tlscert client.crt \
        info
+