kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #31004 from clementnuss/patch-1 

docs: add link to a new kubelet csr approver
pull/31041/head
Kubernetes Prow Robot 2021-12-20 07:04:56 -08:00 committed by GitHub
parent 787b92dff0 65eaccecf5
commit 5782f65264
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/en/docs/tasks/administer-cluster/kubeadm/kubeadm-certs.md
View File

@ -283,7 +283,7 @@ the node identity with an out of band mechanism.
{{% thirdparty-content %}}
Third party custom controllers can be used:
- [kubelet-rubber-stamp](https://github.com/kontena/kubelet-rubber-stamp)
- [kubelet-csr-approver](https://github.com/postfinance/kubelet-csr-approver)
Such a controller is not a secure mechanism unless it not only verifies the CommonName
in the CSR but also verifies the requested IPs and domain names. This would prevent