kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #35162 from hs0210/control-plane-nc 

[zh-cn] resync docs/concepts/architecture/control-plane-node-communication.md
This commit is contained in:
Kubernetes Prow Robot 2022-07-19 18:42:37 -07:00 committed by GitHub
parent a2fc253917 7b9dd1db16
commit 42d7f93da8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/zh-cn/docs/concepts/architecture/control-plane-node-communication.md
View File

@ -54,7 +54,7 @@ API 服务器被配置为在一个安全的 HTTPS 端口(通常为 443
Nodes should be provisioned with the public root certificate for the cluster such that they can
connect securely to the API server along with valid client credentials. A good approach is that the
client credentials provided to the kubelet are in the form of a client certificate. See
[kubelet TLS bootstrapping](/docs/reference/command-line-tools-reference/kubelet-tls-bootstrapping/)
[kubelet TLS bootstrapping](/docs/reference/access-authn-authz/kubelet-tls-bootstrapping/)
for automated provisioning of kubelet client certificates.
-->
应该使用集群的公共根证书开通节点,这样它们就能够基于有效的客户端凭据安全地连接 API 服务器。