使用集群 CA 签署度量服务器证书和密钥是否安全?
Is it safe to sign the metrics-server certificate and key with the Cluster CA?
我正在尝试安装 metrics-server,但我不确定如何处理 --tls-cert-file 和 --tls-private-key-file。
https://github.com/kubernetes-incubator/metrics-server
我可以使用由集群 CA 签名的证书和密钥吗?还是这对生产不安全?
它在参考文档中说,
--tls-cert-file, --tls-private-key-file: the serving certificate and key files. If not specified, self-signed certificates will be generated, but it's recommended that you use non-self-signed certificates in production.
一般来说,提供您自己的 CA 证书是最安全的选择。
我正在尝试安装 metrics-server,但我不确定如何处理 --tls-cert-file 和 --tls-private-key-file。
https://github.com/kubernetes-incubator/metrics-server
我可以使用由集群 CA 签名的证书和密钥吗?还是这对生产不安全?
它在参考文档中说,
--tls-cert-file, --tls-private-key-file: the serving certificate and key files. If not specified, self-signed certificates will be generated, but it's recommended that you use non-self-signed certificates in production.
一般来说,提供您自己的 CA 证书是最安全的选择。