Loading...

XML

Word

Printable

Release Note Status:
None
Release Note Type:
None
Release Note Text:

Hide
Previously, the operator came with a "kube-rbac-proxy" container to manage RBAC for its metrics server. This external component being deprecated, it was necessary to remove it. It is now replaced with direct TLS and RBAC management via Kubernetes controller-runtime, without the need for a side-car proxy.

Show
Previously, the operator came with a "kube-rbac-proxy" container to manage RBAC for its metrics server. This external component being deprecated, it was necessary to remove it. It is now replaced with direct TLS and RBAC management via Kubernetes controller-runtime, without the need for a side-car proxy.

Recommended approach is to use a new function API WithAuthenticationAndAuthorization

Since we already support TLS for metrics, we also need to implement that in the operator. There's a FAQ (https://github.com/kubernetes-sigs/kubebuilder/discussions/3907#discussion-6670554 ) to help transitioning - and a PR will soon provide some helpers for using with certificates: https://github.com/kubernetes-sigs/kubebuilder/pull/4400

links to