kubernetes
/
website
mirror of https://github.com/kubernetes/website.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Update setup-konnectivity.md 

Add missing volume config.
pull/25472/head
Xiang Dai 2020-12-08 10:01:47 +08:00
parent cfe47ddf9e
commit b445946ce2
1 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
content/en/docs/tasks/extend-kubernetes/setup-konnectivity.md
View File

@ -37,8 +37,22 @@ by providing the following flags to the kube-apiserver:
1. Create an egress configuration file such as `admin/konnectivity/egress-selector-configuration.yaml`. 1. Create an egress configuration file such as `admin/konnectivity/egress-selector-configuration.yaml`.
1. Set the `--egress-selector-config-file` flag of the API Server to the path of 1. Set the `--egress-selector-config-file` flag of the API Server to the path of
your API Server egress configuration file. your API Server egress configuration file.
1. If you use UDS connection, add volumes config to the kube-apiserver:
```yaml
spec:
containers:
volumeMounts:
- name: konnectivity-uds
mountPath: /etc/kubernetes/konnectivity-server
readOnly: false
volumes:
- name: konnectivity-uds
hostPath:
path: /etc/kubernetes/konnectivity-server
type: DirectoryOrCreate
```
Generate or obtain a certificate and kubeconfig for konnectivity-server. Generate or obtain a certificate and kubeconfig for konnectivity-server.
For example, you can use the OpenSSL command line tool to issue a X.509 certificate, For example, you can use the OpenSSL command line tool to issue a X.509 certificate,
using the cluster CA certificate `/etc/kubernetes/pki/ca.crt` from a control-plane host. using the cluster CA certificate `/etc/kubernetes/pki/ca.crt` from a control-plane host.