kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
website/content/en/docs/setup/best-practices
History
Lubomir I. Ivanov ddb784aab1 certificates.md: add note about system:masters in apiserver cert 
The kube-apiserver flag --kubelet-client-certificate
accepts a client certificate (kube-apiserver-kubelet-client.crt)
to connect to the kubelet. There is no need for this certificate
to have "system:masters" as "O" in the Subject, instead it
can be a less privileged group like kubeadm's "kubeadm:cluster-admins".
 		2023-11-10 15:17:26 +02:00
..
_index.md
certificates.md certificates.md: add note about system:masters in apiserver cert 2023-11-10 15:17:26 +02:00
cluster-large.md
enforcing-pod-security-standards.md
multiple-zones.md
node-conformance.md