Uploaded image for project: 'OpenShift CFE'
  1. OpenShift CFE
  2. CFE-220 As a user of ExternalDNS I would like to be able to use from a proxied environment
  3. CFE-222

Ensure operand containers use custom CA

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Done
    • Icon: Major Major
    • None
    • None
    • None
    • None
    • 5
    • False
    • False
    • CFE Sprint 213

      Motivation

      Potential implementation:

      • Operator consumes the custom CA as a name of the configmap
      • Operator has a flag which expects the name of the config map containing the trusted ca bundle (something like --trusted-ca-bundle-configmap)
      • Operator implements a new controller which copies the CA configmap from the operator namespace to operand's (similar to what the existing credentials secret controller does)
      • Operator creates a volume and volumeMounts for each operand container to place the CA into the per-defined trusted CA path
      • Operator's documentation is updated with instructions of how to create a configmap containing trusted bundles ("config.openshift.io/inject-trusted-cabundle" annotation can be used for OpenShift)

              alebedev@redhat.com Andrey Lebedev
              alebedev@redhat.com Andrey Lebedev
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: