SKS Certificates and API Keys

Certificates Authorities

Several certificates authorities are generated when you create a cluster. You can retrieve the public certificate for some of these authorities by using the exo compute sks authority-cert <CLUSTER-NAME|ID> <AUTHORITY> command in the CLI.

The authorities are:

• kubelet: the authority generating certificates for the Kubelet daemon running on the workers.
• aggregation: the authority used by the aggregation layer.

CCM API key

The Exoscale Cloud Controller Manager needs an IAM key. This key is created automatically on your account when you create a cluster. Its description is sks-cluster-<cluster-id>. The key will also be deleted automatically if the cluster is deleted.

If you want to regenerate this key, you use the exo compute sks rotate-ccm-credentials <CLUSTER-NAME|ID> command in the CLI.