Question on how to make this script work

Secure metrics server

Official metrics-server deploys onto Kubernetes is insecure.

This repo provides a way to generate metrics-server server certificate and key by Kubernetes CA. Then, deploys metrics-server in secure.

Prerequisite

kubectl CLI
kustomize CLI

Demo

KIND

Clone upstream metrics-server manifests.

At here, we clone the current latest metrics-server tag v0.4.1, you could switch to your preferred metrics-server release version.

git clone -b v0.4.1 [email protected]:kubernetes-sigs/metrics-server.git
cd metrics-server/manifests
git clone [email protected]:jenting/secure-metrics-server.git
cd secure-metrics-server

Copy the Kubernetes CA certificate from remote machine to local machine.

NODE_NAME=`kind get nodes`
CONTAINER_ID=`docker ps --filter "name=$NODE_NAME" -q`
docker cp $CONTAINER_ID:/etc/kubernetes/pki/ca.crt kubernetes-ca.crt

Run generate secure metrics-server patch manifests.
```
./secure-metrics-server.sh
```

Apply the kustomization.yaml file

cd ../
kustomize build secure-metrics-server | kubectl apply -f -

Check the metrics-server bahavior
```
kubectl top nodes
kubectl top pods
```

jenting / secure-metrics-server Goto Github PK

secure-metrics-server's Introduction

Secure metrics server

Prerequisite

Demo

KIND

secure-metrics-server's People

Stargazers

Watchers

secure-metrics-server's Issues

Question on how to make this script work

--kubelet-insecure-tls is still present

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent