table of contents
KUBERNETES(1)(kubernetes) | KUBERNETES(1)(kubernetes) |
NAME¶
kubeadm token - Manage bootstrap tokens
SYNOPSIS¶
kubeadm token [OPTIONS]
DESCRIPTION¶
This command manages bootstrap tokens. It is optional and needed only for advanced use cases.
In short, bootstrap tokens are used for establishing bidirectional trust between a client and a server. A bootstrap token can be used when a client (for example a node that is about to join the cluster) needs to trust the server it is talking to. Then a bootstrap token with the "signing" usage can be used. bootstrap tokens can also function as a way to allow short-lived authentication to the API Server (the token serves as a way for the API Server to trust the client), for example for doing the TLS Bootstrap.
What is a bootstrap token more exactly?
- It is a Secret in the kube-system namespace of type
"bootstrap.kubernetes.io/token".
- A bootstrap token must be of the form "[a-z0-9]{6}.[a-z0-9]{16}".
The former part is the public token ID,
while the latter is the Token Secret and it must be kept private at all
circumstances!
- The name of the Secret must be named
"bootstrap-token-(token-id)".
You can read more about bootstrap tokens here:
https://kubernetes.io/docs/admin/bootstrap-tokens/
OPTIONS¶
--dry-run=false Whether to enable dry-run mode or not
--kubeconfig="/etc/kubernetes/admin.conf" The kubeconfig file to use when talking to the cluster. If the flag is not set, a set of standard locations can be searched for an existing kubeconfig file.
OPTIONS INHERITED FROM PARENT COMMANDS¶
--azure-container-registry-config="" Path to the file containing Azure container registry configuration information.
--rootfs="" [EXPERIMENTAL] The path to the 'real' host root filesystem.
--version=false --version, --version=raw prints version information and quits; --version=vX.Y.Z... sets the reported version
SEE ALSO¶
kubeadm(1), kubeadm-token-create(1), kubeadm-token-delete(1), kubeadm-token-generate(1), kubeadm-token-list(1),
HISTORY¶
January 2015, Originally compiled by Eric Paris (eparis at redhat dot com) based on the kubernetes source material, but hopefully they have been automatically generated since!
User | Manuals |