h后宫动漫,警察尸体河中现,博瑞传播最新消息
1 [root@k8smaster01 ~]# mkdir -p /opt/k8s/cert 2 3 [root@k8smaster01 ~]# curl -l https://pkg.cfssl.org/r1.2/cfssl_linux-amd64 -o /opt/k8s/bin/cfssl #下载cfssl软件 4 [root@k8smaster01 ~]# curl -l https://pkg.cfssl.org/r1.2/cfssljson_linux-amd64 -o /opt/k8s/bin/cfssljson #下载json模板 5 [root@k8smaster01 ~]# curl -l https://pkg.cfssl.org/r1.2/cfssl-certinfo_linux-amd64 -o /opt/k8s/bin/cfssl-certinfo 6 [root@k8smaster01 ~]# chmod u+x /opt/k8s/bin/* 7 [root@k8smaster01 ~]# export path=/opt/k8s/bin:$path
1 [root@k8smaster01 ~]# mkdir -p /opt/k8s/work 2 [root@k8smaster01 ~]# cd /opt/k8s/work 3 [root@k8smaster01 work]# cfssl print-defaults config > config.json 4 [root@k8smaster01 work]# cfssl print-defaults csr > csr.json #创建模版配置json文件 5 [root@k8smaster01 work]# cp config.json ca-config.json #复制一份作为ca的配置文件 6 [root@k8smaster01 work]# cat > ca-config.json <<eof 7 { 8 "signing": { 9 "default": { 10 "expiry": "168h" 11 }, 12 "profiles": { 13 "kubernetes": { 14 "expiry": "87600h", 15 "usages": [ 16 "signing", 17 "key encipherment", 18 "server auth", 19 "client auth" 20 ] 21 } 22 } 23 } 24 } 25 eof
1 [root@k8smaster01 work]# cp csr.json ca-csr.json #复制一份作为ca的证书签名请求文件 2 [root@k8smaster01 work]# cat > ca-csr.json <<eof 3 { 4 "cn": "kubernetes", 5 "key": { 6 "algo": "rsa", 7 "size": 2048 8 }, 9 "names": [ 10 { 11 "c": "cn", 12 "st": "shanghai", 13 "l": "shanghai", 14 "o": "k8s", 15 "ou": "system" 16 } 17 ] 18 } 19 eof
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# cfssl gencert -initca ca-csr.json | cfssljson -bare ca #生成ca密钥(ca-key.pem)和证书(ca.pem)
1 [root@k8smaster01 ~]# cd /opt/k8s/work 2 [root@k8smaster01 work]# source /opt/k8s/bin/environment.sh 3 [root@k8smaster01 work]# for all_ip in ${all_ips[@]} 4 do 5 echo ">>> ${all_ip}" 6 ssh root@${all_ip} "mkdir -p /etc/kubernetes/cert" 7 scp ca*.pem ca-config.json root@${all_ip}:/etc/kubernetes/cert 8 done
如对本文有疑问,请在下面进行留言讨论,广大热心网友会与你互动!! 点击进行留言回复
linux下文本编辑器vim的使用方法(复制、粘贴、替换、行号、撤销、多文件操作)
网友评论