[jboss-jira] [JBoss JIRA] (WFLY-12118) kubernetes.KUBE_PING using token auth does not verify CA and always defaults to insecure stream
Radoslav Husar (Jira)
issues at jboss.org
Sat Jun 15 08:30:00 EDT 2019
[ https://issues.jboss.org/browse/WFLY-12118?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13747506#comment-13747506 ]
Radoslav Husar commented on WFLY-12118:
---------------------------------------
Merged upstream, requires 1.0.10.Final upgrade.
> kubernetes.KUBE_PING using token auth does not verify CA and always defaults to insecure stream
> -----------------------------------------------------------------------------------------------
>
> Key: WFLY-12118
> URL: https://issues.jboss.org/browse/WFLY-12118
> Project: WildFly
> Issue Type: Bug
> Components: Clustering
> Affects Versions: 16.0.0.Final, 17.0.0.Alpha1
> Reporter: Radoslav Husar
> Assignee: Radoslav Husar
> Priority: Major
>
> The recommendation is to do verify is file is available:
> {quote}If available, a certificate bundle is placed into the filesystem tree of each container at /var/run/secrets/kubernetes.io/serviceaccount/ca.crt, and should be used to verify the serving certificate of the apiserver.{quote}
> https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#accessing-the-api-from-a-pod
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list