Open
Description
RKE version:
RKE 1.2.9
Docker version: (docker version,docker info preferred)
NA
Operating system and kernel: (cat /etc/os-release, uname -r preferred)
NA
Type/provider of hosts: (VirtualBox/Bare-metal/AWS/GCE/DO)
Any
cluster.yml file:
NA
Steps to Reproduce:
- use custom Root CA for Kubernetes
- use RKE cert generate-csr command
- cluster fails to provision if Org DN field is not correct, error is kube-admin not authorized to create clusterrolebindings
Results:
This RFE is just to add validation to RKE to ensure the DN Field for Organization should be set properly for certain Common Names (CN).
The Kubernetes the Hard Way section on CA Certificates outlines what these should be for every component.