- support a similar dynamic config patter in the apiserver-webhook
chart as the base apiserver chart
- Update the example values.yaml in apiserver to fully reflect
configuration of the aggregation API
Change-Id: I85da2512934071fb9d9465ee4b957e18a8e394ad
a. Adding the same encryption configuration to webhook-apiserver
as is used for kubernetes-apiserver, so it can access secrets
stored in etcd by kubernetes-apiserver.
b. Adding an additional ingress annotation to allow for TLS
access to the Keystone backend.
c. Adding an apt-get clean to Dockerfile as this seems to be
needed to get image building working properly.
This patchset has passed the Promenade resiliency gate.
Change-Id: I7b15779b688458ec0faf2b23700d0c1bc2ede7e6
- Updates to the webhook-enabled apiserver chart to properly
support certificate trust and allow for fragmented CAs for
better security.
Change-Id: I56dee9d1ca4e0807d89ce6b0f3ab3fb5d4ea8c67
This commit create an apisever pods with kubernetes keystone webhook
as a side for. The sole purpose of this pods is authentication and
authorization.
Change-Id: I74472576d7dc0da6ac66d7e0a8e1db5fad156952