Skip to content

Instantly share code, notes, and snippets.

@kbruner

kbruner/gen.sh Secret

Last active Dec 8, 2020
Embed
What would you like to do?
for instance in worker-0 worker-1 worker-2; do
cat > ${instance}-csr.json <<EOF
{
"CN": "system:node:${instance}",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "US",
"L": "At Home",
"O": "system:nodes",
"OU": "Kubernetes The Harder Way",
"ST": "California"
}
]
}
EOF
INTERNAL_IP=$(host ${instance} | awk '{print $4}')
cfssl gencert \
-ca=ca.pem \
-ca-key=ca-key.pem \
-config=ca-config.json \
-hostname=${instance},${INTERNAL_IP} \
-profile=kubernetes \
${instance}-csr.json | cfssljson -bare ${instance}
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment