51b0ebc934
Merge pull request #45073 from neolit123/1.30-add-external-ca-notes
...
kubeadm-certs: add notes about different external CA approaches
2024-02-16 09:53:39 -08:00
217f88267f
Merge pull request #44832 from adityasamant25/kubeadm-upgrade
...
Use sudo for elevated permissions while upgrading clusters using kubeadm
2024-02-15 12:24:12 -08:00
fd764e39ae
Merge pull request #44951 from sftim/20240130_revise_encryption_at_rest
...
Reword advice about encryption-at-rest opt outs
2024-02-13 22:48:21 -08:00
69706582d4
Fix mermaid syntax error
2024-02-13 14:14:10 +05:45
0290715170
Fix path for example yaml in 'Coarse Parallel Processing Using a Work Queue' task page ( #45022 )
...
* Fix link for example yaml
* Fix link for example yaml
Co-authored-by: Dipesh Rawat <rawat.dipesh@gmail.com>
---------
Co-authored-by: Dipesh Rawat <rawat.dipesh@gmail.com>
2024-02-12 11:12:06 -08:00
9593771ee9
kubeadm-certs: add notes about different external CA approaches
...
There are multiple ways to prepare the credentials for use
with "external CA" mode:
- manual
- using kubeadm CSRs
- using kubeadm phases
2024-02-09 12:23:03 +02:00
6d6b17abd1
Reword advice about encryption-at-rest opt outs
...
Co-authored-by: Shannon Kularathna <ax3shannonkularathna@gmail.com>
2024-01-31 15:59:25 +00:00
5a859a79d8
Fix highlighting for added lines
2024-01-30 17:48:46 +00:00
07b14de027
Fix highlighting
2024-01-30 17:02:25 +00:00
c4937ba3a4
Document NFD for GPU Labeling
...
Signed-off-by: Carlos Eduardo Arango Gutierrez <eduardoa@nvidia.com>
2024-01-30 17:23:54 +01:00
54ab2e8149
Merge pull request #44897 from mengjiao-liu/fix-dns-autoscaler-name
...
Fix Deployment and ConfigMap name in the dns-horizontal-autoscaling page
2024-01-26 17:46:31 +01:00
6089916922
Merge pull request #44801 from sftim/20240118_revise_encryption_at_rest
...
Revise introduction to encryption at rest page
2024-01-26 17:27:42 +01:00
54145dd9cb
Merge pull request #43824 from ptrovatelli/patch-1
...
Update configure-upgrade-etcd.md
2024-01-26 02:47:03 +01:00
7e2f696572
Fix Deployment and ConfigMap name in the dns-horizontal-autoscaling page
2024-01-25 15:51:03 +08:00
c6e210f8f1
Added sudo permissions as necessary.
2024-01-24 15:32:46 +05:30
1ab49249ab
Merge pull request #44823 from my-git9/patch-13962
...
Correct incorrect expressions for debug-pods
2024-01-23 14:20:48 +01:00
ca81744686
Merge pull request #44831 from 1000Delta/fix_access-cluster-services
...
Fix access-cluster-services.md list indent
2024-01-23 14:17:48 +01:00
cfc9eb01da
Additional links to "What's next" in determine-reason-pod-failure.md ( #44288 )
...
Issue #44207
2024-01-22 04:31:23 +01:00
586fd88b02
Fix access-cluster-services.md list indent
2024-01-21 15:58:46 +08:00
5fcc71ad51
[en] Correct incorrect expressions
...
Signed-off-by: xin.li <xin.li@daocloud.io>
2024-01-20 23:44:36 +08:00
fbf9b4fd7c
Merge pull request #44776 from BRONSOLO/patch-1
...
Update encrypt-data.md
2024-01-19 23:22:41 +01:00
dd7e3966ef
Revise introduction to encryption at rest page
...
Help readers check if they need to follow the task.
2024-01-19 00:23:25 +00:00
26e760da6e
Update references to CNCF landscape (v2)
...
This PR updates all the references to the CNCF landscape (v2). This includes migrating to the new embeddable views that the new landscape provides, changing how iframe-resizer is used and updating a few links.
Related to #44022
Signed-off-by: Cintia Sanchez Garcia <cynthiasg@icloud.com>
2024-01-18 12:36:45 +01:00
09e79db506
Add example command to create /etc/apt/keyrings directory ( #43626 )
...
* create folder for key
The following command will fail without the folder created manually beforhand.
```
curl -fsSL https://dl.k8s.io/apt/doc/apt-key.gpg | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-archive-keyring.gpg
```
* updated instruction
updated according to the comment in the PR
* updated mkdir part
* Updated mkdir
2024-01-17 17:01:14 +01:00
ef9194bdf3
Merge pull request #44721 from sftim/20240112_revise_encryption_at_rest
...
Recommend replicating encryption key for API data encryption at rest
2024-01-17 16:56:30 +01:00
b1929ab8a8
Update encrypt-data.md
...
Fix as ---> at typo
2024-01-17 10:40:02 -05:00
5799e6e4c6
Fix the links in the ConfigMap documentation related to projection of keys and file permissions.
2024-01-15 14:17:34 +05:30
0f9ab60a3c
Update CoreDNS installation docs
...
Co-authored-by: Tim Bannister <tim@scalefactory.com>
2024-01-14 20:29:41 +05:30
5ee30f167a
fixed installation guide in using CoreDNS for Service Discovery page
2024-01-14 19:41:35 +05:30
cb27724d3e
Merge pull request #43247 from srm09/patch-1
...
Fixes comment for webhook conversion strategy
2024-01-13 07:06:22 +01:00
0e05396f1b
Recommend replicating encryption key
...
When using API encryption at rest without KMS, the same encryption key
must be securely replicated to all the hosts that run a kube-apiserver.
Document that.
2024-01-12 14:38:25 +00:00
8106c6e092
Add notes on kubeadm clusters version ( #44683 )
...
* Add notes on kubeadm clusters version
Update content/en/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade.md
Co-authored-by: Dipesh Rawat <rawat.dipesh@gmail.com>
move into additional information
* Update content/en/docs/tasks/administer-cluster/kubeadm/kubeadm-upgrade.md
Co-authored-by: Tim Bannister <tim@scalefactory.com>
---------
Co-authored-by: Tim Bannister <tim@scalefactory.com>
2024-01-09 18:07:50 +01:00
bfbe2db97b
Highlight initial comment
...
Make the initial comment extra obvious to readers.
2024-01-08 17:55:46 +00:00
ec8a3cb52d
Merge pull request #44532 from sftim/20231226_encryption_at_rest
...
Improve docs around API data encryption at rest
2024-01-08 18:32:23 +01:00
cca14eff62
Merge pull request #44571 from hunshcn/fix/link
...
fix outdated link/anchor
2024-01-07 23:15:35 +01:00
a416215bbf
Merge pull request #42446 from pacoxu/pacoxu-patch-1
...
Make image registry hostname more obvious in example
2024-01-07 23:06:53 +01:00
f646fb0627
Merge pull request #43808 from morhook/patch-1
...
Add a clarification for autoscaling on minikube
2024-01-05 10:26:43 +01:00
bcc55ae7c9
fix outdated link/anchor
...
Signed-off-by: hunshcn <hunsh.cn@gmail.com>
2024-01-03 15:00:11 +08:00
e2509cb624
Merge pull request #44506 from Takashiidobe/fix-typos
...
fix typos
2024-01-02 19:29:55 +01:00
e17cd06c3d
Revise guidance for rotating a decryption key
2024-01-02 11:14:30 +00:00
b749f91f12
Document avoiding plain text retrieval
...
When you have set up your cluster for encryption at rest, you can take
this defence in depth measure to make sure that anything held without
encryption causes a retrieval error (which is then more likely to flag
that there is a problem).
2024-01-02 11:14:30 +00:00
8b46ec4047
Fix several link errors
2024-01-01 21:15:50 +08:00
6a7240f55b
fix serviceaccount-token-volume-projection link
2023-12-28 21:39:19 +08:00
c807f97145
Merge pull request #44355 from hunshcn/sysctl
...
update safe sysctls (v1.29)
2023-12-27 12:44:29 +01:00
0f285fd32d
Merge pull request #44085 from sftim/20231125_explain_protection_encryption_keys
...
Explain more about protection for encryption keys (API data encryption at rest)
2023-12-26 07:18:49 +01:00
fc8e79b96c
update safe sysctl
...
Signed-off-by: hunshcn <hunsh.cn@gmail.com>
2023-12-25 10:47:54 +08:00
d536e46dbd
fix typos
2023-12-24 21:00:53 -05:00
ada845e5e1
Link to KMS setup doc
2023-12-22 11:33:36 +00:00
9f8b35d93f
Redo API encryption at rest explanation
...
- Explain importance of protecting keys and other material that can be
used to decrypt data in etcd
- Revise the explanation for a non-KMS setup example
2023-12-22 11:33:36 +00:00
bd4d92763f
Merge pull request #44043 from steve-hardman/fix-kubectl-mac-step
...
Fix cleanup instruction in macOS kubectl installation page
2023-12-22 07:45:54 +01:00
Kubernetes Prow Robot
Puru
steve-hardman
Lubomir I. Ivanov
Tim Bannister
Carlos Eduardo Arango Gutierrez
Kubernetes Prow Robot
Mengjiao Liu
Aditya Samant
Abel Lu
DeltaX
xin.li
Cintia Sanchez Garcia
Christine K
Chuck Bronson
PrashantDesale2004
PrashantDesale2004
John Huang
hunshcn
Qiming Teng
Takashiidobe