mirrors/talos
1
0
Fork 0
mirror of https://github.com/siderolabs/talos.git synced 2025-08-20 22:21:13 +02:00
Code Issues Packages Projects Releases Wiki Activity
talos/docs/configuration/index.xml
Andrew Rynhard 9e947c3fa5
feat: add automated PKI for joining nodes (#406) 
Signed-off-by: Andrew Rynhard <andrew@andrewrynhard.com>
2019-02-23 23:17:56 -08:00

48 lines
2.8 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8" standalone="yes" ?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
<title>Configuration on Talos</title>
<link>https://talos.autonomy.io/configuration/</link>
<description>Recent content in Configuration on Talos</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language>
<lastBuildDate>Mon, 29 Oct 2018 19:40:55 -0700</lastBuildDate>
<atom:link href="https://talos.autonomy.io/configuration/index.xml" rel="self" type="application/rss+xml" />
<item>
<title>osd</title>
<link>https://talos.autonomy.io/configuration/osd/</link>
<pubDate>Sat, 03 Nov 2018 17:14:49 -0700</pubDate>
<guid>https://talos.autonomy.io/configuration/osd/</guid>
<description>The osd service enforces a high level of security by utilizing mutual TLS for authentication and authorization. In this section we will configure mutual TLS by generating the certificates for the servers (osd) and clients (osctl).
Cluster Owners We recommend that the configuration of osd be performed by a cluster owner. A cluster owner should be a person of authority within an organization. Perhaps a director, manager, or senior member of a team.</description>
</item>
<item>
<title>Masters</title>
<link>https://talos.autonomy.io/configuration/masters/</link>
<pubDate>Mon, 29 Oct 2018 19:40:55 -0700</pubDate>
<guid>https://talos.autonomy.io/configuration/masters/</guid>
<description>Configuring master nodes in a Talos Kubernetes cluster is a two part process:
configuring the Talos specific options and configuring the Kubernetes specific options To get started, create a YAML file we will use in the following steps:
touch &amp;lt;node-name&amp;gt;.yaml Configuring Talos Injecting the Talos PKI Using osctl, and our output from the osd configuration documentation, inject the generated PKI into the configuration file:
osctl inject os --crt &amp;lt;organization&amp;gt;.</description>
</item>
<item>
<title>Workers</title>
<link>https://talos.autonomy.io/configuration/workers/</link>
<pubDate>Mon, 29 Oct 2018 19:40:55 -0700</pubDate>
<guid>https://talos.autonomy.io/configuration/workers/</guid>
<description>Configuring the worker nodes is much more simple in comparison to configuring the master nodes. Using the trustd API, worker nodes submit a CSR, and, if authenticated, receive a valid osd certificate. Similarly, using a kubeadm token, the node joins an existing cluster.
We need to specify:
the osd public certificate trustd credentials and endpoints and a kubeadm JoinConfiguration version: &amp;quot;&amp;quot; ... services: kubeadm: configuration: | apiVersion: kubeadm.k8s.io/v1alpha3 kind: JoinConfiguration .</description>
</item>
</channel>
</rss>
Reference in New Issue View Git Blame Copy Permalink