security - Kubernetes on TLS secured etcd


I'm running CoreOS, and etcd is not secured by default. To secure it I can use TLS, which adds a level of complexity I'm willing to work on.

Now, is Kubernetes able to use a TLS-secured etcd cluster?

In the config for the kubelet and the various pods, Kubernetes passes the etcd endpoints as parameters, so they require etcd and need certificates to talk to it if it is secured. If Kubernetes supports a TLS connection to etcd, how is it configured?

Thanks

After digging further and asking on the GitHub project, I was directed towards this post, which I hope answers the question:

https://groups.google.com/forum/#!topic/google-containers/btfecrq3n28/discussion

In short, the config file should look like:

{
  "cluster": {
    "machines": [
      "https://kube-master.internal:2379",
      "https://kube-minion1.internal:2379",
      "https://kube-minion2.internal:2379"
    ]
  },
  "config": {
    "certfile": "/etc/etcd/kube-master.internal.pem",
    "keyfile": "/etc/etcd/kube-master.internal.key",
    "cacertfiles": [ "/etc/etcd/kubecluster-ca.pem" ],
    "consistency": "strong_consistency"
  }
}

I haven't tried it yet, but will ASAP.
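A pre-deployment check for a config file of the shape shown above, as an added example that is not part of the original post and is not Kubernetes or etcd code. The function name `LintEtcdConfig` and the sample input are assumptions made for illustration; it inspects only the keys that appear in the post and does not open the certificate files.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/url"
)

// etcdConfig mirrors only the keys shown in the post (encoding/json
// matches key names case-insensitively).
type etcdConfig struct {
	Cluster struct{ Machines []string } `json:"cluster"`
	Config  struct {
		CertFile, KeyFile string
		CaCertFiles       []string
	} `json:"config"`
}

// LintEtcdConfig (hypothetical helper) returns one finding per setting that
// would stop the client from using TLS with a client certificate to etcd.
func LintEtcdConfig(raw []byte) ([]string, error) {
	var c etcdConfig
	if err := json.Unmarshal(raw, &c); err != nil {
		return nil, err
	}
	var out []string
	if len(c.Cluster.Machines) == 0 {
		out = append(out, "no etcd endpoints listed")
	}
	for _, m := range c.Cluster.Machines {
		if u, err := url.Parse(m); err != nil || u.Scheme != "https" || u.Host == "" {
			out = append(out, "endpoint is not an https URL: "+m)
		}
	}
	if c.Config.CertFile == "" || c.Config.KeyFile == "" {
		out = append(out, "certfile and keyfile must both be set")
	}
	if len(c.Config.CaCertFiles) == 0 {
		out = append(out, "cacertfiles is empty")
	}
	return out, nil
}

// Constructed sample: one plaintext endpoint and no client key.
const weakSample = `{"cluster": {"machines": ["https://kube-master.internal:2379",
  "http://kube-minion1.internal:2379"]},
  "config": {"certfile": "/etc/etcd/kube-master.internal.pem",
  "cacertfiles": ["/etc/etcd/kubecluster-ca.pem"]}}`

func main() {
	findings, err := LintEtcdConfig([]byte(weakSample))
	fmt.Println(findings, err)
}
```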

