openstack
/
magnum
Code Issues Proposed changes

Kubectl configuration for certificates 

Missing slash was added to Docker example and instruction how to
create kubectl configuration for certificates (to avoid type them for
each command)

Change-Id: I06fa04cea4df63fa03ea17598a33ce14685870e7
This commit is contained in:
Egor Guz 2015-10-22 16:59:59 -07:00
parent d35affa2b6
commit a2c7dec40d
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
doc/source/dev/dev-tls.rst
View File

@ -225,6 +225,21 @@ Now let's run some kubectl commands to check secure communication::
NAME READY STATUS RESTARTS AGE NAME READY STATUS RESTARTS AGE
redis-master 2/2 Running 0 1m redis-master 2/2 Running 0 1m
You can create kubectl configuration for these flags::
kubectl config set-cluster secure-k8sbay --server=${KUBERNETES_URL} \
--certificate-authority=${PWD}/ca.crt
kubectl config set-credentials client --certificate-authority=${PWD}/ca.crt \
--client-key=${PWD}/client.key --client-certificate=${PWD}/client.crt
kubectl config set-context secure-k8sbay --cluster=secure-k8sbay --user=client
kubectl config use-context secure-k8sbay
Now you can use kubectl commands without extra flags::
kubectl get pods
NAME READY STATUS RESTARTS AGE
redis-master 2/2 Running 0 1m
Once you have all of these pieces, you can configure your native client. Below Once you have all of these pieces, you can configure your native client. Below
is an example for Docker. is an example for Docker.
@ -233,5 +248,6 @@ is an example for Docker.
docker -H tcp://192.168.19.86:2376 --tlsverify \ docker -H tcp://192.168.19.86:2376 --tlsverify \
--tlscacert ca.crt \ --tlscacert ca.crt \
--tlskey client.key \ --tlskey client.key \
--tlscert client.crt --tlscert client.crt \
info info