Kops 创建密钥 ciliumpassword

kops 创建密钥 ciliumpassword ¶

创建 Cilium IPsec 配置。

摘要 ¶

创建一个新的 Cilium IPsec 配置并将其存储在状态存储中。Cilium 使用它来加密 Pod/节点之间的通信。

kops create secret ciliumpassword [CLUSTER] -f FILENAME [flags]

示例 ¶

  # Create a new Cilium IPsec configuration.
  kops create secret ciliumpassword -f /path/to/configuration.yaml \
  --name k8s-cluster.example.com --state s3://my-state-store

  # Create a new Cilium IPsec key via stdin.
  cat <<EOF | kops create secret ciliumpassword --name k8s-cluster.example.com --state s3://my-state-store -f -
  keys: $(echo "3 rfc4106(gcm(aes)) $(echo $(dd if=/dev/urandom count=20 bs=1 2> /dev/null| xxd -p -c 64)) 128")
  EOF

  # Replace an existing Cilium IPsec configuration secret
  kops create secret ciliumpassword -f /path/to/configuration.yaml --force \
  --name k8s-cluster.example.com --state s3://my-state-store

选项 ¶

  -f, --filename string   Path to the Cilium IPsec configuration file
      --force             Force replace the secret if it already exists
  -h, --help              help for ciliumpassword

从父命令继承的选项 ¶

      --config string   yaml config file (default is $HOME/.kops.yaml)
      --name string     Name of cluster. Overrides KOPS_CLUSTER_NAME environment variable
      --state string    Location of state storage (kops 'config' file). Overrides KOPS_STATE_STORE environment variable
  -v, --v Level         number for the log level verbosity

参见 ¶

kops 创建密钥 - 创建密钥。