cheshire/hscloud
1
0
Fork 0
forked from hswaw/hscloud
Code Pull requests Activity
hscloud/cluster/certs
History
Sergiusz Bazanski b13b7ffcdb prod{access,vider}: implement 
Prodaccess/Prodvider allow issuing short-lived certificates for all SSO
users to access the kubernetes cluster.

Currently, all users get a personal-$username namespace in which they
have adminitrative rights. Otherwise, they get no access.

In addition, we define a static CRB to allow some admins access to
everything. In the future, this will be more granular.

We also update relevant documentation.

Change-Id: Ia18594eea8a9e5efbb3e9a25a04a28bbd6a42153
2019-08-30 23:08:18 +02:00
..
BUILD.bazel prod{access,vider}: implement 2019-08-30 23:08:18 +02:00
ca-etcd.crt *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
ca-etcdpeer.crt *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
ca-kube-prodvider.cert prod{access,vider}: implement 2019-08-30 23:08:18 +02:00
ca-kube.crt *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
ca-kubefront.crt *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
etcd-bc01n01.hswaw.net.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
etcd-bc01n02.hswaw.net.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
etcd-bc01n03.hswaw.net.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
etcd-calico.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
etcd-kube.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
etcd-root.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
etcdpeer-bc01n01.hswaw.net.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
etcdpeer-bc01n02.hswaw.net.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
etcdpeer-bc01n03.hswaw.net.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
kube-apiserver.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
kube-controllermanager.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
kube-kubelet-bc01n01.hswaw.net.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
kube-kubelet-bc01n02.hswaw.net.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
kube-kubelet-bc01n03.hswaw.net.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
kube-proxy.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
kube-scheduler.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
kube-serviceaccounts.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00
kubefront-apiserver.cert *: rejigger tls certs and more 2019-04-07 00:06:23 +02:00