kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #25472 from daixiang0/patch-1 

Update setup-konnectivity.md
pull/25772/head
Kubernetes Prow Robot 2020-12-22 15:18:27 -08:00 committed by GitHub
parent 4b196158c5 b445946ce2
commit 104bc0eab4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
content/en/docs/tasks/extend-kubernetes/setup-konnectivity.md
View File

@ -37,6 +37,20 @@ by providing the following flags to the kube-apiserver:
1. Create an egress configuration file such as `admin/konnectivity/egress-selector-configuration.yaml`. 1. Create an egress configuration file such as `admin/konnectivity/egress-selector-configuration.yaml`.
1. Set the `--egress-selector-config-file` flag of the API Server to the path of 1. Set the `--egress-selector-config-file` flag of the API Server to the path of
your API Server egress configuration file. your API Server egress configuration file.
1. If you use UDS connection, add volumes config to the kube-apiserver:
```yaml
spec:
containers:
volumeMounts:
- name: konnectivity-uds
mountPath: /etc/kubernetes/konnectivity-server
readOnly: false
volumes:
- name: konnectivity-uds
hostPath:
path: /etc/kubernetes/konnectivity-server
type: DirectoryOrCreate
```
Generate or obtain a certificate and kubeconfig for konnectivity-server. Generate or obtain a certificate and kubeconfig for konnectivity-server.
For example, you can use the OpenSSL command line tool to issue a X.509 certificate, For example, you can use the OpenSSL command line tool to issue a X.509 certificate,