7347a9d008
Remove code reference
...
Remove reference in favor of https://github.com/kubernetes/website/issues/23889
2021-01-11 11:57:32 -06:00
1b70e98626
Add the code blocks in authorization.md
...
* Add the code blocks in the Markdown spec to make it easy to read.
* Add description that distinguish between **command** and **output** make it easy to read.
* Adjust description in Kubernetes components for smoother reading.
Signed-off-by: ydFu <ader.ydfu@gmail.com>
2021-01-09 11:57:24 +08:00
e72ec8fbd0
Update misleading documentation
...
Update misleading information that HTTPS is required and link to self-documented code to find more edge-case configuration options
2021-01-08 13:40:07 -06:00
284d725ee0
Update rbac.md
...
I added a <br> after the end of the third bullet and backed out all of the other changes I suggested in the original pull request. I think this better matches the author's original intent. The only difference now between what's currently published and this edit is the line break coded after the third bullet.
2021-01-08 14:10:01 -05:00
0245ad3aad
Remove too old content
2021-01-05 20:57:13 +02:00
95577c1fa5
Update rbac.md
...
The page renders the third bullet as a run-on sentence. I'm suggesting the example be placed in parentheses.
2020-12-29 16:20:54 -05:00
7a175d551a
Update rbac.md
...
The language "For all service accounts in the "qa" namespace" in the example is confusing namespaces and groups. Language fixed to disambiguate between group and namespace. An additional example provided which uses both the group ("dev") AND the namespace ("development") to further illustrate this point
2020-12-26 13:41:02 -08:00
ad85bdb054
Include missing cert export step
...
Updating the instructions to include missing step of getting issued cert exported from kubernetes, decoded, and ready for kubeconfig setup.
2020-12-20 11:36:20 -08:00
86d9492ccb
Merge remote-tracking branch 'upstream/master' into merged-master-dev-1.20
2020-12-03 11:58:44 -08:00
2bc7fbad27
Fix the text in the authorization diagram
2020-11-26 19:09:42 +09:00
cb802d23b1
Merge pull request #25147 from timhughes/patch-1
...
Updates links to Dex
2020-11-25 21:46:19 -08:00
d8ae37587e
Merge remote-tracking branch 'upstream/master' into dev-1.20 to keep in sync - 11-25-2020
2020-11-25 07:03:22 -08:00
f5132af21e
Updates links to Dex
2020-11-25 13:48:56 +00:00
b5c0e5ea14
Replace the diagram on authentication page with the one by mermaid.
2020-11-23 14:12:21 +09:00
c2a33c3403
fix dex/kubernetes link
2020-11-19 18:09:22 +00:00
20546141c0
Merge pull request #24698 from SergeyKanzhelev/runtimeGA
...
RuntimeClass GA
2020-11-12 03:10:50 -08:00
bb33373bb3
Merge branch 'master' into dev-1.20
2020-11-11 14:55:30 +01:00
6d90079245
Merge pull request #23842 from tengqm/improve-sa-admin
...
Improve ServiceAccount administration doc
2020-11-10 18:25:48 -08:00
0b4952dd88
separate RootCAConfigMap from BoundServiceAccountToken and Beta
2020-11-10 15:18:29 -08:00
358bc69dde
Merge pull request #24878 from ebriand/patch-5
...
Update default admission plugins for 1.19
2020-11-08 12:07:37 -08:00
cee9e620ca
Use different wording to not quote current version
2020-11-05 17:21:08 +01:00
b436a816e9
Merge pull request #24889 from reylejano-rxm/merged-master-dev-1.20
...
Merge master into dev-1.20 to keep in sync - 11-4-20
2020-11-04 12:46:53 -08:00
44fd64ef5c
Merge pull request #24639 from ankeesler/exec-cred-prov-cluster-info
...
exec credential provider: cluster info details
2020-11-04 11:20:52 -08:00
48266bd653
Merge remote-tracking branch 'upstream/master' into dev-1.20
2020-11-04 10:32:10 -08:00
c869ef67a8
Update default admission plugins for 1.19
2020-11-04 09:56:20 +01:00
300c2e8545
Better docs for standard topology labels
...
As per KEP 1659, topology labels are now more formalized. Move away
from the older `failure-domain.beta` names ands use `topology` names
instead.
2020-11-03 11:27:58 -08:00
c855d5d68c
exec credential provider: make arbitrary JSON more explicit
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-03 12:19:16 -05:00
63283f5c31
Update content/en/docs/reference/access-authn-authz/admission-controllers.md
2020-10-29 17:22:26 -07:00
6d51948652
Update content/en/docs/reference/access-authn-authz/admission-controllers.md
...
Co-authored-by: Tim Bannister <tim@scalefactory.com>
2020-10-29 17:19:11 -07:00
72a66b6969
RuntimeClass GA
2020-10-23 20:57:54 +00:00
45ec60bed5
Merge master into dev-1.20 to keep in sync
2020-10-22 17:44:02 +02:00
00fd1a68f2
Fix links in reference section
2020-10-22 15:19:30 +08:00
2ff3d1f7d3
Improve ServiceAccount administration doc
...
This PR fixes some nits in the doc and slightly revised the content to
conform to content guidelines.
2020-10-21 10:47:08 +08:00
78351ecaf5
Transfer “Controlling Access to the Kubernetes API” to the Concepts section
...
Readers from several different backgrounds will find it useful to know
about how Kubernetes controls access to its API. Promote this overview
to the Security subsection of Concepts.
2020-10-20 23:41:56 +01:00
3edb970570
Move API overview to be a Docsy section overview
2020-10-20 23:41:54 +01:00
ac8ce96c08
Merge pull request #24653 from jpetazzo/clarify-csr-cluster-signing-duration
...
Clarify expiration of certificates signed by kube-controller-manager
2020-10-20 14:28:19 -07:00
7cfdee6b87
Merge pull request #22715 from logicalhan/monitoring
...
add documentation for system:monitoring rbac policy
2020-10-20 14:22:21 -07:00
1932647552
Clarify expiration/lifetime of certificates signed by kube-controller-manager
...
The current wording of the documentation suggests that the duration/expiration
of the certificates can be changed by asking a specific time in the CSR. While
it's technically possible to specify a duration (e.g. as a custom annotation),
there is no agreed-upon method to do so, and the built-in signer uses a fixed
expiration time anyway.
This clarifies the situation.
See kubernetes/kubernetes#92678 for discussion.
Signed-off-by: Jerome Petazzoni <jerome.petazzoni@gmail.com>
2020-10-20 22:37:25 +02:00
df5f80f69b
Merge pull request #24604 from mdgrotheer/patch-1
...
Update authentication.md
2020-10-20 11:48:19 -07:00
92a09b23fa
Style tweaking for CSR reference page
2020-10-20 09:08:54 +08:00
6fc4e102b8
exec credential provider: cluster info details
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-10-19 10:44:37 -04:00
519f8ec5bc
Update authentication.md
...
Small grammatical corrections
2020-10-16 09:20:23 -07:00
5dab375fd3
Translate reference/certificate-signing-requests.md into Chinese and fix a bug in origin file, 24065
...
make change according to Tengqm's comment
2020-10-16 22:27:15 +08:00
4688a3679c
Update API group url
...
The "core API group" url points to a wrong page that does not explain anything about "core API group". Update the url to point to the correct page.
2020-10-09 15:21:58 +08:00
f37f473210
add documentation for system:monitoring rbac policy
2020-10-08 15:50:49 -07:00
0703805305
Merge pull request #24349 from liggitt/tokenreview
...
Clarify tokenreview API
2020-10-07 16:00:15 -07:00
5ff7c64134
Clarify tokenreview API
2020-10-07 10:21:30 -04:00
23a13ec9d8
fix indent
2020-10-07 16:54:11 +09:00
2551034ebd
fix api version in certificate signing request doc
2020-10-06 22:42:32 +11:00
9e01fb5560
Merge pull request #24037 from RULCSoft/fix-typos
...
Fix typos
2020-10-02 07:25:20 -07:00
2a25de3a78
Update certificate-signing-requests.md
...
Reworded the sentence for easy comprehension.
2020-09-30 15:47:08 -07:00
65e706e346
add signerName to CertificateSigningRequest
...
signerName is now mandatory. The provided example fails in 1.19.2 with: `kubernetes missing required field "signerName"`
2020-09-25 18:01:21 -04:00
1213635880
Fix typos
2020-09-21 15:36:01 -06:00
51d910e1eb
Merge pull request #24004 from negz/patch-1
...
Clarify that bind verb does not require resourceNames
2020-09-20 08:22:30 -07:00
2f9b5e122e
Move bind verb resourceNames hint inline of example
2020-09-19 16:34:06 -07:00
f6496b0de5
Clarify that bind verb does not require resourceNames
...
This may be intuitive for most, but the existing phrasing read to me as
if `bind` were a special-case verb that _required_ me to explicitly state
which Roles or ClusterRoles it should apply to.
> You can only create/update a role binding if you […] or if you have
> been authorized to perform the bind verb on the referenced role.
> Grant them permissions needed to bind a particular role […]
> explicitly, by giving them permission to perform the bind verb on the
> particular Role (or ClusterRole).
2020-09-19 03:30:30 -07:00
147668a7d2
Add reference to default-not-ready-toleration-seconds and default-unreachable-toleration-seconds k8s-apiserver input parameters in the subsection describing the DefaultTolerationSeconds admission controller
2020-09-18 11:38:18 -04:00
ba9bb9d916
Fix non-existing taint example
2020-09-17 17:41:20 +08:00
5f5840f825
Merge pull request #23908 from cbrgm/patch-1
...
Fix spelling in authentication.md
2020-09-16 04:33:19 -07:00
c77d436eaf
Fix spelling in authentication.md
...
Rename `name-of-api-sever` to `name-of-api-server`.
2020-09-15 17:21:59 +02:00
1425384888
fix description of signerName
...
Removed a line related to signerName because the feature is GA.
2020-09-15 09:14:52 -05:00
9a06c1bc95
Updating apiVersion for Certificate Signing Request object #1
...
Issue detected: There are two references to old apiVersion for CertificateSigningRequest object
Ref: CertificateSigningRequest API is promoted to certificates.k8s.io/v1 (https://kubernetes.io/docs/setup/release/notes/#api-change )
Fix: Replaced "certificates.k8s.io/v1beta1" by "certificates.k8s.io/v1"
2020-09-15 00:19:50 -05:00
87d36ecfe1
Fix incorrect guidance on enabling EventRateLimit
2020-09-09 09:48:47 +01:00
24b350662c
Remove links to cloud providers page
2020-08-28 12:53:42 +01:00
70b75e16f0
Merge pull request #22981 from shuuji3/en/replace-special-quote-with-normal-ones
...
Replace special quote characters with normal ones
2020-08-26 14:55:02 -07:00
95c94c03d5
resolving conflicts
2020-08-23 12:13:37 -04:00
0519271bb4
fix a minor typo "scopes," -> "scopes",
2020-08-16 18:17:35 -07:00
09d0f598fa
Merge master into dev-1.19 to keep in sync
2020-08-11 08:34:02 -05:00
c6a96128c4
Replace special quote characters with normal ones.
2020-08-11 21:05:22 +09:00
1e0c500571
add content_type param, kubeadm pages
...
add no_list, clean up toc-hide params
2020-08-10 08:41:49 -04:00
d592baed54
Replace redirections in the reference section
...
This PR removes the redirections used in the reference section and fixes
some bad links.
2020-08-08 12:35:52 +08:00
664464806c
Merge pull request #22470 from tengqm/fix-19985
...
Tweak paragraph to kill orphaned fragment
2020-08-06 08:51:42 -07:00
ee4aa53115
Fix the command in authorization.md
2020-08-04 09:08:36 +08:00
53c71ad3f9
Merge remote-tracking branch 'upstream/master' into dev-1.19
2020-08-03 16:09:39 -04:00
031747e460
Tweak paragraph to kill orphaned fragment
2020-08-03 21:18:55 +08:00
d31b79cc15
Merge pull request #22743 from tabbysable/patch-1
...
Clarify meaning of group
2020-07-27 19:41:08 -07:00
e2a861c2f9
Merge remote-tracking branch 'upstream/master' into dev-1.19
2020-07-27 19:10:42 -04:00
e1485cd5d7
Merge pull request #22773 from tegonal/doc-auth
...
doc(auth): typo
2020-07-27 15:06:10 -07:00
9880cbd671
Merge pull request #22318 from tengqm/fix-19996
...
Fix pages that reference removed API groups
2020-07-26 19:38:18 -07:00
788706f42d
Clarify meaning of group
...
Define the word group without using the word group.
2020-07-25 23:35:34 -05:00
e7c2510a89
Mark RBAC table header as header
...
Use <thead> and <tbody> elements to distinguish between the header and
the body of the table. Slightly improves accessibility and also visual
style.
2020-07-23 23:53:33 +01:00
53f2d23359
resolving conflicts
2020-07-19 19:15:36 -04:00
c26fdebaad
Merge pull request #21108 from liggitt/csr-ga
...
Rotate kubelet client certificates GA, CSR API GA
2020-07-15 14:50:37 -07:00
f12bc65e80
Address doc review comments
2020-07-15 12:24:42 -04:00
78d4a10243
CSR API to GA
2020-07-15 11:56:07 -04:00
2d4357abc6
Add deprecation warning info
2020-07-15 11:30:44 -04:00
f7d2e6da8c
Merge pull request #22441 from ankeesler/ankeesler/exec-cred-prov-install-hint
...
Update external credential providers docs with install hint details
2020-07-15 05:52:37 -07:00
74dbe5de22
fix tolerationsWhitelist annotation example
2020-07-15 09:12:30 +02:00
bf3d54dedd
defaultTolerations example fix
...
defaultTolerations has to be unmarshall-able as an array
2020-07-14 13:01:21 +02:00
371ac1ffb5
Update external credential providers docs with install hint details
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-07-09 11:57:16 -04:00
0ebc16c10c
resolving conflicts
2020-07-08 16:01:48 -04:00
e140c2a6dc
doc(auth): typo
2020-07-06 08:09:26 +02:00
64f62106c1
Fix issue of document link in some documents
2020-07-05 22:46:08 +09:00
e097b93c8e
Fix pages that reference removed API groups
...
Quite some resources have been moved out of the `extensions` API group
since 1.18; the `apps/v1beta1` and `apps/v1beta2` group versions are
also dropped. This PR updates the pages which still reference such API
groups or group versions.
2020-07-04 13:23:26 +08:00
220d754880
Merge remote-tracking branch 'upstream/master' into dev-1.19
2020-06-30 18:02:37 -04:00
d33dc9f178
shell fix
...
Fix missing'EOF' terminator
2020-06-28 15:51:22 +08:00
2c6ba2cb32
address PR comments
2020-06-25 15:06:55 -07:00
97850ed430
cert-signing-requests fix
2020-06-25 14:27:10 -07:00
0c812fad45
Merge pull request #20443 from fernandokarnagi/master
...
Added steps for normal user authentication
2020-06-21 05:48:39 -07:00
38248db194
Fix feature state tags
2020-06-19 08:50:33 -07:00
Charly Rippenkroeger
ydFu
Edward Rosen
Roman Marusyk
Rajesh Jain
Mike Patterson
Kristin Martin
TAKAHASHI Shuuji
Kubernetes Prow Robot
reylejano-rxm
Tim Hughes
mkontani
Irvi Aini
Shihang Zhang
Eric Briand
Tim Hockin
Andrew Keesler
Sergey Kanzhelev
eagleusb
Qiming Teng
Tim Bannister
Jerome Petazzoni
Matthew Grotheer
luzg
Chen, Xu Chun (Simon)
Han Kang
Jordan Liggitt
makocchi-git
Kumar Gaurav
santadasu
Alain De Carolis
Jorge Vallecillo
Nic Cope
Ramkumar Gowrishankar
povsister
Chris Bargmann
Chris Tomas
Paulo Gomes
Savitha Raghunathan
shumiao
Anna Jung
Karen Bradshaw
Yecheng Fu
Tabitha Sable
Daniel Kucera
Robert Stoll
Jerry Park
wawa
Emily Moss
Celeste Horgan