0
Heey所有,如何使用etcdctl不提供證書
也許一個非常愚蠢的問題,但我已經得到了與羣集節點之間的SSL一個CoreOS集羣。我在我的雲配置中設置了艦隊和etcd。
fleetctl的作品相當不錯。我沒有提供任何證書,但是當我使用etcdctl我不得不這樣供應證書路徑:
etcdctl --ca-file /home/core/etcd/certificates/ca.pem --cert-file /home/core/etcd/certificates/coreos.pem --key-file /home/core/etcd/certificates/coreos-key.pem --endpoint "https://10.129.1.226:2379" get /test/key
有沒有一種方式,可以etcd2以這樣的方式etcdctl不需要進行配置證書路徑就像每一次:我的雲配置的
etcdctl get /test/key
部分:
write_files:
# tell etcd2 and fleet where our certificates are going to live:
- path: /run/systemd/system/etcd2.service.d/30-certificates.conf
permissions: 0644
content: |
[Service]
# client environment variables
Environment=ETCD_CA_FILE=/home/core/etcd/certificates/ca.pem
Environment=ETCD_CERT_FILE=/home/core/etcd/certificates/coreos.pem
Environment=ETCD_KEY_FILE=/home/core/etcd/certificates/coreos-key.pem
# peer environment variables
Environment=ETCD_PEER_CA_FILE=/home/core/etcd/certificates/ca.pem
Environment=ETCD_PEER_CERT_FILE=/home/core/etcd/certificates/coreos.pem
Environment=ETCD_PEER_KEY_FILE=/home/core/etcd/certificates/coreos-key.pem
提前非常感謝。