Skip to content

Instantly share code, notes, and snippets.

@kbruner

kbruner/gen.sh Secret

Last active Dec 8, 2020
Embed
What would you like to do?
KUBERNETES_PUBLIC_ADDRESS=10.240.0.2
KUBERNETES_HOSTNAMES=kubernetes,kubernetes.default,kubernetes.default.svc,kubernetes.default.svc.cluster,kubernetes.svc.cluster.local,kubernetes.hardk8s.local
cat > kubernetes-csr.json <<EOF
{
"CN": "kubernetes",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "US",
"L": "At Home",
"O": "Kubernetes",
"OU": "Kubernetes The Harder Way",
"ST": "California"
}
]
}
EOF
cfssl gencert \
-ca=ca.pem \
-ca-key=ca-key.pem \
-config=ca-config.json \
-hostname=10.32.0.1,10.240.0.10,10.240.0.11,10.240.0.12,${KUBERNETES_PUBLIC_ADDRESS},127.0.0.1,${KUBERNETES_HOSTNAMES} \
-profile=kubernetes \
kubernetes-csr.json | cfssljson -bare kubernetes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment