public/rancher-docs
1
0
Fork 0
mirror of https://github.com/rancher/rancher-docs.git synced 2026-05-18 02:45:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update _index.md

Browse Source
This commit is contained in:
Alena Prokharchyk
2019-04-23 13:49:29 -07:00
committed by GitHub
parent 269d3e39ac
commit b9cff79792
1 changed files with 10 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
content/rancher/v2.x/en/cluster-admin/certificate-rotation/_index.md
+10 -13
View File
@@ -3,12 +3,8 @@ title: Certificate Rotation
weight: 2040
---
_Available as of v2.2.0_
By default, Kubernetes clusters require certificates and Rancher launched Kubernetes clusters automatically generate certificates for the Kubernetes components. Rotating these certificates is important before the certificates expire as well as if a certificate is compromised. After the certificates are rotated, the Kubernetes components are automatically restarted.
> **Note:** Even though the RKE CLI can use custom certificates for the Kubernetes cluster components, Rancher currently doesn't allow the ability to upload these in Rancher Launched Kubernetes clusters.
Certificates can be rotated for the following services:
- etcd
@@ -18,6 +14,11 @@ Certificates can be rotated for the following services:
- kube-scheduler
- kube-controller-manager
### Certificate Rotation in Rancher v2.2.x
_Available as of v2.2.0_
Rancher launched Kubernetes clusters have the ability to rotate the auto-generated certificates through the UI.
1. In the **Global** view, navigate to the cluster that you want to rotate certificates.
@@ -33,18 +34,14 @@ Rancher launched Kubernetes clusters have the ability to rotate the auto-generat
**Results:** The selected certificates will be rotated and the related services will be restarted to start using the new certificate.
_Certificate Rotation for v2.1.14 and v2.0.9_
> **Note:** Even though the RKE CLI can use custom certificates for the Kubernetes cluster components, Rancher currently doesn't allow the ability to upload these in Rancher Launched Kubernetes clusters.
Certificate Rotation for all services was backported to **v2.1.14** and **v2.0.9**, the following services will be rotated:
- etcd
- kubelet
- kube-apiserver
- kube-proxy
- kube-scheduler
- kube-controller-manager
### Certificate Rotation in Rancher v2.1.x and v2.0.x
Certificates can be rotated through the API using the following steps:
_Available as of v2.1.14 and v2.0.9_
Rancher launched Kubernetes clusters have the ability to rotate the auto-generated certificates through the API.
1. In the **Global** view, navigate to the cluster that you want to rotate certificates.