forked from hswaw/hscloud
Sergiusz Bazanski
b13b7ffcdb
Prodaccess/Prodvider allow issuing short-lived certificates for all SSO users to access the kubernetes cluster. Currently, all users get a personal-$username namespace in which they have adminitrative rights. Otherwise, they get no access. In addition, we define a static CRB to allow some admins access to everything. In the future, this will be more granular. We also update relevant documentation. Change-Id: Ia18594eea8a9e5efbb3e9a25a04a28bbd6a42153 |
||
---|---|---|
.. | ||
BUILD.bazel | ||
ca-etcd.crt | ||
ca-etcdpeer.crt | ||
ca-kube-prodvider.cert | ||
ca-kube.crt | ||
ca-kubefront.crt | ||
etcd-bc01n01.hswaw.net.cert | ||
etcd-bc01n02.hswaw.net.cert | ||
etcd-bc01n03.hswaw.net.cert | ||
etcd-calico.cert | ||
etcd-kube.cert | ||
etcd-root.cert | ||
etcdpeer-bc01n01.hswaw.net.cert | ||
etcdpeer-bc01n02.hswaw.net.cert | ||
etcdpeer-bc01n03.hswaw.net.cert | ||
kube-apiserver.cert | ||
kube-controllermanager.cert | ||
kube-kubelet-bc01n01.hswaw.net.cert | ||
kube-kubelet-bc01n02.hswaw.net.cert | ||
kube-kubelet-bc01n03.hswaw.net.cert | ||
kube-proxy.cert | ||
kube-scheduler.cert | ||
kube-serviceaccounts.cert | ||
kubefront-apiserver.cert |