promenade

History

Mark Burnett 1399731096 Use separate CA for kubelet authorization This increases isolation of actions against the node API. With the previous combined CA approach, each node would have a valid key to talk to each other node. With this separated approach, only the API servers will have keys with access to the node APIs. Change-Id: I2705016eb963ca9d2cc2a344047677f4b2cc3025	2018-08-28 09:38:34 -05:00
..
docker.service.d	Migrate to self hosted using charts	2017-10-17 13:29:46 -05:00
kubelet.service	Use separate CA for kubelet authorization	2018-08-28 09:38:34 -05:00

Mark Burnett 1399731096 Use separate CA for kubelet authorization

This increases isolation of actions against the node API.  With the
previous combined CA approach, each node would have a valid key to talk
to each other node.  With this separated approach, only the API servers
will have keys with access to the node APIs.

Change-Id: I2705016eb963ca9d2cc2a344047677f4b2cc3025

2018-08-28 09:38:34 -05:00

docker.service.d

Migrate to self hosted using charts

2017-10-17 13:29:46 -05:00

kubelet.service

Use separate CA for kubelet authorization

2018-08-28 09:38:34 -05:00