Difference between revisions of "Kube-root-ca.crt configMap"

From wikieduonline
Jump to navigation Jump to search
(Created page with "{{lc}} Note: Even though the custom CA certificate may be included in the filesystem (in the ConfigMap kube-root-ca.crt), you should not use that certificate authority fo...")
Tags: Mobile web edit, Mobile edit
 
Tags: Mobile web edit, Mobile edit
Line 1: Line 1:
 
{{lc}}
 
{{lc}}
  
 +
 +
* https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/
 
  Note:
 
  Note:
 
  Even though the custom CA certificate may be included in the filesystem (in the ConfigMap kube-root-ca.crt), you should not use that  
 
  Even though the custom CA certificate may be included in the filesystem (in the ConfigMap kube-root-ca.crt), you should not use that  

Revision as of 18:15, 27 March 2023


Note:
Even though the custom CA certificate may be included in the filesystem (in the ConfigMap kube-root-ca.crt), you should not use that 
certificate authority for any purpose other than to verify internal Kubernetes endpoints. An example of an internal Kubernetes endpoint is 
the Service named kubernetes in the default namespace.

If you want to use a custom certificate authority for your workloads, you should generate that CA separately, and distribute its CA 
certificate using a ConfigMap that your pods have access to read.


Kubernetes: distributions, tools, CKA, CKS, Kubernetes interfaces: CSI, CNI, installation, workloads, networking, kubeadm, Kubernetes API, Kubernetes API Server, kubectl, kubeadm, kubelet, kube-proxy, Cloud services: EKS, GKE, TKE, DKS, Helm, Kubernetes RBAC, Kubernetes deployments, Minikube, Rancher, OpenShift, Charmed Kubernetes, Ingress, Kubernetes scheduler, Kubernetes Finalizers, logging, Kubernetes operator, Orka, kind:, Kubernetes namespaces, Kubernetes dashboard, Kubernetes Metrics Server, Field Selectors, CoreDNS, CRI, Kubernetes Topology Manager, Kubernetes governance: (SIG, KEP), Kustomize, controllers, ReadinessProbe, LivenessProbe, KOPS, K9s, Kui, k3s, ImagePullBackOff, PDB, EndPoints, Kots, metadata, Karpenter, Replicated.com, Kubernetes Authenticating, Kubernetes timeline, Changelog/Versions, service accounts, Kubernetes Pod Lifecycle, Kubernetes Conformance Certified, Kubernetes backup, Kubernetes Pod Security Admission, tEKS, Kubernetes events, Kubernetes ports, Kubernetes policies, Connect, addons, DoKC, Kubernetes control plane, Kubernetes Federation, Kubernetes info, Kubetest2, Sidecar (Kubernetes)

Advertising: