K8S Certificates

<syntaxhilight>

for instance in us-wrk-01 us-wrk-02 us-wrk-03 us-wrk-04; do cat > ${instance}-csr.json <<EOF {

 "CN": "system:node:${instance}",
 "key": {
   "algo": "rsa",
   "size": 2048
 },
 "names": [
   {
     "C": "US",
     "L": "Nashville",
     "O": "system:nodes",
     "OU": "8 Bit Kubernetes",
     "ST": "Tennessee"
   }
 ]

} EOF

EXTERNAL_IP=$(dig +short ${instance}.node.8bitwizard.net) INTERNAL_IP=${instance}.node.8bitwizard.net

cfssl gencert \

 -ca=ca.pem \
 -ca-key=ca-key.pem \
 -config=ca-config.json \
 -hostname=${instance},${INTERNAL_IP},${EXTERNAL_IP} \
 -profile=kubernetes \
 ${instance}-csr.json | cfssljson -bare ${instance}

done </syntaxhilight>