TLS connections between etcd peers should not use self-signed certificates that are automatically generated
Set up the kubernetes integration.
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Description
Automatically generated self-signed certificates for TLS connections between peers should not be used. Etcd is a highly-available key value store used by Kubernetes deployments for persistent storage of REST API objects. These objects are sensitive in nature and should be accessible only by authenticated etcd peers in the etcd cluster. Hence, do not use self-signed certificates for authentication.
Edit the etcd pod specification file /etc/kubernetes/manifests/etcd.yaml
on the master node and either remove the --peer-auto-tls
parameter or set it to false.