Uploaded image for project: 'Network Observability'
  1. Network Observability
  2. NETOBSERV-1999

rbac-proxy being removed - need to switch

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • netobserv-1.8
    • netobserv-1.7
    • Operator
    • None
    • False
    • None
    • False
    • Hide
      Previously, the operator came with a "kube-rbac-proxy" container to manage RBAC for its metrics server. This external component being deprecated, it was necessary to remove it. It is now replaced with direct TLS and RBAC management via Kubernetes controller-runtime, without the need for a side-car proxy.
      Show
      Previously, the operator came with a "kube-rbac-proxy" container to manage RBAC for its metrics server. This external component being deprecated, it was necessary to remove it. It is now replaced with direct TLS and RBAC management via Kubernetes controller-runtime, without the need for a side-car proxy.
    • NetObserv - Sprint 264, NetObserv - Sprint 265

      cf upstream ticket https://github.com/netobserv/network-observability-operator/issues/915

      Recommended approach is to use a new function API WithAuthenticationAndAuthorization

      Since we already support TLS for metrics, we also need to implement that in the operator. There's a  FAQ (https://github.com/kubernetes-sigs/kubebuilder/discussions/3907#discussion-6670554 ) to help transitioning - and a PR will soon provide some helpers for using with certificates: https://github.com/kubernetes-sigs/kubebuilder/pull/4400

              jtakvori Joel Takvorian
              jtakvori Joel Takvorian
              Mehul Modi Mehul Modi
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: