[jboss-jira] [JBoss JIRA] (WFLY-12118) kubernetes.KUBE_PING using token auth does not verify CA and always defaults to insecure stream
Radoslav Husar (Jira)
issues at jboss.org
Thu May 23 13:05:00 EDT 2019
[ https://issues.jboss.org/browse/WFLY-12118?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Radoslav Husar updated WFLY-12118:
----------------------------------
Summary: kubernetes.KUBE_PING using token auth does not verify CA and always defaults to insecure stream (was: kubernetes.KUBE_PING using token auth does not verify CA and defaults to insecure stream)
> kubernetes.KUBE_PING using token auth does not verify CA and always defaults to insecure stream
> -----------------------------------------------------------------------------------------------
>
> Key: WFLY-12118
> URL: https://issues.jboss.org/browse/WFLY-12118
> Project: WildFly
> Issue Type: Bug
> Components: Clustering
> Affects Versions: 16.0.0.Final, 17.0.0.Alpha1
> Reporter: Radoslav Husar
> Assignee: Radoslav Husar
> Priority: Major
>
> The recommendation is to do verify is file is available:
> {quote}If available, a certificate bundle is placed into the filesystem tree of each container at /var/run/secrets/kubernetes.io/serviceaccount/ca.crt, and should be used to verify the serving certificate of the apiserver.{quote}
> https://kubernetes.io/docs/tasks/access-application-cluster/access-cluster/#accessing-the-api-from-a-pod
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
More information about the jboss-jira
mailing list