kubeadm-certs-renew-front-proxy-client - Man Page

Renew the certificate for the front proxy client

Eric Paris Jan 2015

Synopsis

kubeadm certs renew front-proxy-client [Options]

Description

Renew the certificate for the front proxy client.

Renewals run unconditionally, regardless of certificate expiration date; extra attributes such as SANs will be based on the existing file/certificates, there is no need to resupply them.

Renewal by default tries to use the certificate authority in the local PKI managed by kubeadm; as alternative it is possible to use K8s certificate API for certificate renewal, or as a last option, to generate a CSR request.

After renewal, in order to make changes effective, is required to restart control-plane components and eventually re-distribute the renewed certificate in case the file is used elsewhere.

Options

--cert-dir="/etc/kubernetes/pki" The path where to save the certificates

--config="" Path to a kubeadm configuration file.

--csr-dir="" The path to output the CSRs and private keys to

--csr-only=false Create CSRs instead of generating certificates

--kubeconfig="/etc/kubernetes/admin.conf" The kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations can be searched for an existing kubeconfig file.

Options Inherited from Parent Commands

--azure-container-registry-config="" Path to the file containing Azure container registry configuration information.

--log-flush-frequency=5s Maximum number of seconds between log flushes

--rootfs="" [EXPERIMENTAL] The path to the 'real' host root filesystem.

--version=false Print version information and quit

See Also

kubeadm-certs-renew(1),

History

January 2015, Originally compiled by Eric Paris (eparis at redhat dot com) based on the kubernetes source material, but hopefully they have been automatically generated since!

Referenced By

kubeadm-certs-renew(1).

User Manuals