Skip to main content

furyctl create pki

Creates the Public Key Infrastructure files needed for an on-premises cluster.

Synopsis

Creates the Public Key Infrastructure files needed (CA, certificates, keys, etc.) by a Kubernetes cluster and its etcd database. You can limit the creation of the PKI to just etcd or just Kubernetes using the flags, if not specified the command will create the PKI for both of them.

Usage

furyctl create pki [flags]

Options

  -c, --controlplane   create PKI only for the Kubernetes control plane components
  -e, --etcd           create PKI only for etcd
  -h, --help           help for pki
  -p, --path string    path where to save the created PKI files. One subfolder will be created for the control plane files and another one for the etcd files (default "pki")

Options inherited from parent commands

  -D, --debug                       Enables furyctl debug output. This will greatly increase the verbosity. Debug logs and additional logs are also always written to the log file. See the --log flag.
  -d, --disable-analytics           Disable analytics
  -g, --git-protocol git-protocol   Download repositories using the given protocol. Use when SSH traffic is being blocked or when SSH client has not been configured
                                    set the GITHUB_TOKEN environment variable with your token to use authentication while downloading, for example for private repositories. 
                                    Options are: ssh, https (default https)
  -H, --https                       DEPRECATED: by default furyctl uses https protocol to download repositories. See --git-protocol flag (default true)
  -l, --log string                  Path to a file or folder where to write logs to. Set to 'stdout' write to standard output. Target path will be created if it does not exists. Path is relative to --workdir. Default is '<outdir>/.furyctl/furyctl.<timestamp>-<random number>.log'
  -T, --no-tty                      Disable TTY making furyctl's output more friendly to non-interactive shells by disabling animations and colors
  -o, --outdir string               Path where to create the ".furyctl" data directory. Default is the user's home. Path is relative to --workdir
  -w, --workdir string              Switch to a different working directory before executing the given subcommand. NOTE: this will affect all the paths passed, including other flags like outdir and log, for example

See Also

  • furyctl create - Create a cluster, a sample configuration file, or the PKI needed for an on-premises cluster