Version 1.12. This version is no longer supported. For information about how to upgrade to version 1.13, see Upgrading Anthos on bare metal in the 1.13 documentation. For more information about supported and unsupported versions, see the Version history page in the latest documentation.

Required periodic maintenance

This document describes periodic maintenance that is required for your GKE Enterprise clusters on bare metal.

Rotate certificate authorities

The certificate authorities (CAs) in a cluster are valid for five years, so you must rotate your CAs at least once every five years.

Certificates for cluster components

Cluster components use certificates for authentication. These components include kube-apiserver, kube-controller-manager, kube-scheduler, etcd and kubelet. The certificates are valid for 1 year and are renewed during cluster upgrade . To prevent the certificates from expiring, you must upgrade your cluster at least once a year.

Required periodic maintenance Stay organized with collections Save and categorize content based on your preferences.

Rotate certificate authorities

Certificates for cluster components

Required periodic maintenance