k8s操作手册 2.3
apiServer: �meoutForControlPlane: 4m0s apiVersion: kubeadm.k8s.io/v1beta2 cer�ficatesDir: /etc/kubernetes/pki clusterName: kubernetes controllerManager: {} dns: type: CoreDNS etcd: local: dataDir: /var/lib/etcd ★如果不想配置信任私有镜像仓库,也可将服务器证书添加到操作系统的ca证 书库里 # cat ca.com.crt >> /etc/pki/tls/certs/ca-bundle.crt #将ca证书添加到centos系统证书信任列表中,链接到: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem ②安装k8s二进制组件 #使用aliy apiServer: �meoutForControlPlane: 4m0s apiVersion: kubeadm.k8s.io/v1beta3 cer�ficatesDir: /etc/kubernetes/pki clusterName: kubernetes controllerManager: {} dns: {} etcd: local: dataDir: /var/lib/etcd imageRepository:0 码力 | 126 页 | 4.33 MB | 1 年前3The Vitess 12.0 Documentation
./easyrsa init-pki Note: using Easy-RSA configuration from: /home/user/CA/vars init-pki complete; you may now create a CA or requests. Your newly created PKI dir is: /home/user/CA/pki $ ./easyrsa build-ca now import and sign cert requests. Your new CA certificate file for publishing is at: /home/user/CA/pki/ca.crt Your CA is now configured and you should be able to generate certs easily now. Application Generating a RSA private key ............................+++++ writing new private key to '/home/user/CA/pki/easy-rsa -178308.W6uc3G/tmp.Iqlvgf' ----- You are about to be asked to enter information that will0 码力 | 534 页 | 3.32 MB | 1 年前3OpenShift Container Platform 4.4 构建(build)
您的订阅必须可以访问红帽权利,而且权利必须具有单独的公钥和私钥文件。 流程 流程 1. 创建包含权利的 secret,确保存在含有权利公钥和私钥的单独文件: $ oc create secret generic etc-pki-entitlement --from-file /path/to/entitlement/{ID}.pem \ > --from-file /path/to/entitlement/{ID}-key RHEL 的镜像创建镜像流。这样可在整个集群中使用该镜像流。 source: secrets: - secret: name: etc-pki-entitlement destinationDir: etc-pki-entitlement OpenShift Container Platform 4.4 构 构建( 建(build) ) 76 10.3. 使用 SUBSCRIPTION Manager 安装内容: FROM registry.redhat.io/rhel7:latest USER root # Copy entitlements COPY ./etc-pki-entitlement /etc/pki/entitlement # Copy subscription manager configurations COPY ./rhsm-conf /etc/rhsm COPY0 码力 | 101 页 | 1.12 MB | 1 年前3OpenShift Container Platform 4.13 CI/CD
Linux(RHEL)7 执行 Entitlement Build 时,在运行任何 yum 命令前,必须在 Dockerfile 中包含以下指令: 流程 流程 1. 在构建配置的 Docker 策略中将 etc-pki-entitlement secret 添加为构建卷: 2.10.3. 使用 Subscription Manager 运行构建 2.10.3.1. 使用 使用 Subscription Manager volumes: - name: etc-pki-entitlement mounts: - destinationPath: /etc/pki/entitlement source: type: Secret secret: secretName: etc-pki-entitlement FROM registry /7/7Server/x86_64/os enabled=1 gpgcheck=0 sslverify=0 sslclientkey = /etc/pki/entitlement/...-key.pem sslclientcert = /etc/pki/entitlement/....pem $ oc create configmap yum-repos-d --from-file /path/to/satellite0 码力 | 129 页 | 1.37 MB | 1 年前3Hyperledger Fabric 1.1 Documentation
509 certificates as identities, adopting a traditional Public Key Infrastructure (PKI) hierarchical model (more on PKI later). A Simple Scenario to Explain the Use of an Identity Imagine that you visit work together in the same way — a PKI provides a list of identities, and an MSP says which of these are members of a given organization that participates in the network. PKI certificate authorities and MSPs MSPs provide a similar combination of functionalities. A PKI is like a card provider — it dispenses many different types of verifiable identities. An MSP, on the other hand, is like the list of card providers0 码力 | 422 页 | 4.84 MB | 1 年前3Hyperledger Fabric 1.1 Documentation
509 certificates as identities, adopting a traditional Public Key Infrastructure (PKI) hierarchical model (more on PKI later). 2.4.2 A Simple Scenario to Explain the Use of an Identity Imagine that you work together in the same way — a PKI provides a list of identities, and an MSP says which of these are members of a given organization that participates in the network. PKI certificate authorities and MSPs MSPs provide a similar combination of functionalities. A PKI is like a card provider — it dispenses many different types of verifiable identities. An MSP, on the other hand, is like the list of card providers0 码力 | 277 页 | 3.21 MB | 1 年前3ubuntu server guide
“database” directory. Depending on the application, it can be in the following places by default: • ~/.pki/nssdb/pkcs11.txt This is where the system-provided libnss3 library will look by default. • ~/snap/firefox/common/ the system NSS libraries. For these examples, we will be using the configuration file located in ~/.pki/nssdb/pkcs11.txt. As noted before, depending on the application this file can be in another directory which has the necessary tools we will need: sudo apt install libnss3-tools If you don’t have a ~/.pki/nssdb directory yet, it will have to be created first. For that, we will use the certutil command,0 码力 | 486 页 | 3.33 MB | 1 年前3Hyperledger Fabric 1.2 Documentation
will take you through the critical role identities play in a Fabric network (using an established PKI structure and x.509 certificates). • Membership (conceptual documentation) Talks through the role 509 certificates as identities, adopting a traditional Public Key Infrastructure (PKI) hierarchical model (more on PKI later). 4.5.2 A Simple Scenario to Explain the Use of an Identity Imagine that you work together in the same way — a PKI provides a list of identities, and an MSP says which of these are members of a given organization that participates in the network. PKI certificate authorities and MSPs0 码力 | 335 页 | 4.48 MB | 1 年前3Hyperledger Fabric 1.2 Documentation
will take you through the critical role identities play in a Fabric network (using an established PKI structure and x.509 certificates). Membership (conceptual documentation) Talks through the role of 509 certificates as identities, adopting a traditional Public Key Infrastructure (PKI) hierarchical model (more on PKI later). A Simple Scenario to Explain the Use of an Identity Imagine that you visit work together in the same way — a PKI provides a list of identities, and an MSP says which of these are members of a given organization that participates in the network. PKI certificate authorities and MSPs0 码力 | 497 页 | 6.59 MB | 1 年前3Hyperledger Fabric 1.3 Documentation
will take you through the critical role identities play in a Fabric network (using an established PKI structure and x.509 certificates). Membership (conceptual documentation) Talks through the role of 509 certificates as identities, adopting a traditional Public Key Infrastructure (PKI) hierarchical model (more on PKI later). A Simple Scenario to Explain the Use of an Identity Imagine that you visit work together in the same way — a PKI provides a list of identities, and an MSP says which of these are members of a given organization that participates in the network. PKI certificate authorities and MSPs0 码力 | 528 页 | 6.85 MB | 1 年前3
共 250 条
- 1
- 2
- 3
- 4
- 5
- 6
- 25