Uploaded image for project: 'OpenShift Hosted Control Plane'
  1. OpenShift Hosted Control Plane
  2. HOSTEDCP-117

Support for machine config server authentication

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Undefined Undefined
    • openshift-4.9
    • None
    • None
    • None
    • 0
    • 0
    • 0

      Integrates a haproxy side car server with the machine config server that can enable it to do authentication using the node bootstrapper token.

      Adds a controller that handles syncing any changes to the node bootstrapper token in a user cluster to the control plane and updating of the asssociated user-data secret to update the auth for the initial call workers use to auth to the ignition server.

      Moves the ignition route to have E2E tls validation. CAs are passed to the user-data that workers use to make the initial ignition call to validate TLS.

      https://github.com/openshift/hypershift/pull/92

              dmace@redhat.com Daniel Mace (Inactive)
              azaalouk Adel Zaalouk
              Jie Zhao Jie Zhao
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: