mirror of
https://github.com/openshift/openshift-docs.git
synced 2026-02-05 12:46:18 +01:00
26 lines
1.6 KiB
Plaintext
26 lines
1.6 KiB
Plaintext
// Module included in the following assemblies:
|
|
//
|
|
// * microshift/microshift_configuring/microshift-node-access-kubeconfig.adoc
|
|
|
|
:_mod-docs-content-type: CONCEPT
|
|
[id="remote-access-con_{context}"]
|
|
= Remote access kubeconfig files
|
|
|
|
When a {microshift-short} node connects to the API server from an external source, a certificate with all of the alternative names in the SAN field is used for validation. {microshift-short} generates a default `kubeconfig` for external access by using the `hostname` value. The defaults are set in the `<node.hostnameOverride>`, `<node.nodeIP>` and `api.<dns.baseDomain>` parameter values of the default `kubeconfig` file.
|
|
|
|
The `/var/lib/microshift/resources/kubeadmin/<hostname>/kubeconfig` file uses the `hostname` of the machine, or `node.hostnameOverride` if that option is set, to reach the API server. The CA of the `kubeconfig` file is able to validate certificates when accessed externally.
|
|
|
|
.Example contents of a default `kubeconfig` file for remote access
|
|
[source,yaml]
|
|
----
|
|
clusters:
|
|
- cluster:
|
|
certificate-authority-data: <base64 CA>
|
|
server: https://microshift-rhel9:6443
|
|
----
|
|
|
|
//line space was not showing on PV1 preview, so added extra blank line
|
|
[id="remote-access-customization_{context}"]
|
|
== Remote access customization
|
|
Multiple remote access `kubeconfig` file values can be generated for accessing the node with different IP addresses or host names. An additional `kubeconfig` file generates for each entry in the `apiServer.subjectAltNames` parameter. You can copy remote access `kubeconfig` files from the host during times of IP connectivity and then use them to access the API server from other workstations.
|