-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pass Kubelet certificate CA bundle as an argument #1256
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
triage/accepted
Indicates an issue or PR is ready to be actively worked on.
Comments
k8s-ci-robot
added
kind/feature
Categorizes issue or PR as related to a new feature.
needs-triage
Indicates an issue or PR lacks a `triage/foo` label and requires one.
labels
Apr 29, 2023
/triage accepted |
k8s-ci-robot
added
triage/accepted
Indicates an issue or PR is ready to be actively worked on.
and removed
needs-triage
Indicates an issue or PR lacks a `triage/foo` label and requires one.
labels
Jun 29, 2023
@dgrisonnet I would like to give this a try if it no one has taken it up. Thanks! |
/assign @csauoss |
@serathius @dgrisonnet when you get a chance, can you please review #1516? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
triage/accepted
Indicates an issue or PR is ready to be actively worked on.
What would you like to be added:
A new argument
--kubelet-certificate-authority-text
which allows the CA to be passed as an argument instead of as a path.Why is this needed:
The current way to feed a CA to metrics-server is to use
--kubelet-certificate-authority
. This requires the certificate to be present in the metrics-server pod, which isn't easy to do in a persistent way using the Helm chart (maybe we could useextraVolumeMounts
and a ad-hocConfigMap
created for this purpose).These additional steps makes securing the setup a little bit involved. The ability to simply pass the certificate would ease this.
/kind feature
The text was updated successfully, but these errors were encountered: