How does bare metal machine use token #7892
Labels
kind/support
Categorizes issue or PR as a support question.
Comments
mbforbes
added
kind/support
|
+cc @roberthbailey |
|
/cc @cjcullen Today this requires basically manually replicating what salt is doing on GCE (generate a bearer token and add it to a csv file that is loaded by the apiserver). If you give it the same name as we do on GCE, the line in your csv file should look like:
Then you should be able to use the dns pod as is. We are hoping that the service account PR (#7101) will allow us to use service accounts in the system namespace to replace this token generation. |
|
thanks for the reply.I will wait for #7101 to land |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@erictune
As #5470 and #5921 said. I agreed with your idea to use secret to enhance the security of the internal cluster.But the secret are created for gke using saltstack . I don't know how to generate it for a bare metal ubuntu cluster.Now when I want to deploy skydns with 0.16.0 k8s, it complains it can't find a token. I want to integrate this feature to the ubuntu k8s deployment .Please tell me how. Thanks a lot
The text was updated successfully, but these errors were encountered: