API server should verify the kubelet's certificate before establishing connection
Set up the kubernetes integration.
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
Description
A kubelet’s certificate should be verified before establishing a connection. The connections from the API server to the kubelet are used for fetching logs from pods, attaching the kubelet (through kubectl) to running pods, and using the kubelet’s port-forwarding functionality.
- Follow the Kubernetes documentation and set up the TLS connection between the apiserver and kubelets.
- Edit the API server pod specification file
/etc/kubernetes/manifests/kube-apiserver.yaml on the master node and set the --kubelet-certificate-authority parameter to the path of the cert file for the certificate authority.
--kubelet-certificate-authority=<ca-string>
