Server Certificates for Server - pracip96/K8s-Learning GitHub Wiki

KubeAPI server exposes https svc that other componensts as well as other ext components/users to manager cluster. It requires cert to secure comm b/w client.

Generate a cert and key pair (apiserver.crt and apiserver.key)

ETCD SERVER Generate a cert and key pair (etcdserver.crt and etcdserver.key)

KUBELET server Generate a cert and key pair (kubelet.crt and kubelet.key)

CLIENTS

Can be kubectl or REST API

Admin user requires cert and keypair to authenticate to the kubeapi-server admin.crt and admin.key

scheduler talks to api server to look for pods to schedule, kubeapi server considers a scheduler client scheduler.crt and scheduler.key

Kube-Controller Talks with apiserver controller-manager.crt and controler-manager.key

kube-proxy Talks with apiserver kube-proxy.crt and kube-proxy.key

ADMIN USER