adding cluster to a federation - apiserver authentication with certificate

4/18/2018

I deployed a federation control plane to a host cluster. This is the kubeconfig of the host cluster:

apiVersion: v1
clusters:
- cluster:
    certificate-authority: /etc/kubernetes/ssl/ca.pem
    server: https://k8s-apiserver.bcmt.cluster.local:8443
  name: bcmt-kubernetes
- cluster:
    certificate-authority-data: REDACTED
    server: https://172.16.1.4:32471
  name: federation
contexts:
- context:
    cluster: bcmt-kubernetes
    namespace: default
    user: kubectl
  name: default-context
- context:
    cluster: federation
    user: federation
  name: federation
- context:
    cluster: bcmt-kubernetes
    namespace: kube-system
    user: kubectl
  name: kube-system-context
current-context: default-context
kind: Config
preferences: {}
users:
- name: federation
  user:
    client-certificate-data: REDACTED
    client-key-data: REDACTED
    token: e7506989-42eb-11e8-bf70-fa163eb593a3
- name: federation-basic-auth
  user:
    password: e7506937-42eb-11e8-bf70-fa163eb593a3
    username: admin
- name: kubectl
  user:
    client-certificate: /etc/kubernetes/ssl/kubectl.pem
    client-key: /etc/kubernetes/ssl/kubectl-key.pem

And now I'm trying to join a cluster to the federation. Below is the configuration of this cluster:

apiVersion: v1
clusters:
- cluster:
    certificate-authority: /etc/kubernetes/ssl/ca.pem
    server: https://k8s-apiserver.bcmt.cluster.local:8443
  name: bcmt-kubernetes
contexts:
- context:
    cluster: bcmt-kubernetes
    namespace: default
    user: kubectl
  name: default-context
- context:
    cluster: bcmt-kubernetes
    namespace: kube-system
    user: kubectl
  name: kube-system-context
current-context: default-context
kind: Config
preferences: {}
users:
- name: kubectl
  user:
    client-certificate: /etc/kubernetes/ssl/kubectl.pem
    client-key: /etc/kubernetes/ssl/kubectl-key.pem

As you can see, access to the API server is done with a certificate. How do I join this cluster to the federation? I mean, should I expose the apiserver of the cluster that I'm joining, and how will the host cluster use the certificate in order to reach the apiserver of the joining cluster? Any hints on how to do that, please!

-- MelDev
kubernetes

0 Answers