Hi There,
We want to set up service account token volume projection and service account issuer discovery.
From what I understand we should be able to set the following:
In the edit cluster management yaml:
kube-api:
always_pull_images: false
pod_security_policy: false
secrets_encryption_config:
enabled: false
service_node_port_range: 30000-32767
extraArgs:
service-account-signing-key-file: /etc/kubernetes/pki/sa.key
service-account-key-file: /etc/kubernetes/pki/sa.pub
service-account-issuer: https://path.to/issuer.svc
service-account-api-audiences: aud1,aud2
But I also need to provide the worker nodes with the sa.key and sa.pub files. How do I roll these out too?
Is this the best/easiest way to set this up?