Home
Posts
Add additional certificate SANs to Kubernetes with Talos Linux

Add additional certificate SANs to Kubernetes with Talos Linux

This tutorial offers a comprehensive method for integrating extra cluster certificates into your Talos system.

Goran Nushkov
Category: Linux | Series: Talos Linux Setup

16-04-2023 | 16-04-2023 | 106 words | One minute

This tutorial offers a comprehensive method for integrating extra cluster certificates into your Talos system.

Series - Talos Linux Setup

This is useful if you want to access the Kubernetes API outside of the network where it is installed, for example over a DNS record.

Tip

You can do this before installing Talos, or if you have already installed it, do it with talosctl edit machineconfig.

Configuration

This configuration has to be done only on the control plane node, as we are not configuring the API server on worker nodes. Here is the configuration (click to expand):

1
2
3
4
5
6


cluster:
  apiServer:
        # Extra certificate subject alternative names for the API server's certificate.
        certSANs:
            - 192.168.0.241
            - example.com # This is the additional certificate.