Simplify the authentication mechanisms
Now master services (scheduler and controller manager) all authenticate using the master bearer token. This goes against the least privilege principle but those run in the same process as the master itself, so very little harm is to expect from this simplification.
Showing
- services/apiserver.go 33 additions, 42 deletionsservices/apiserver.go
- services/certs.go 0 additions, 30 deletionsservices/certs.go
- services/cm.go 1 addition, 1 deletionservices/cm.go
- services/k8s.go 19 additions, 7 deletionsservices/k8s.go
- services/kubelet.go 1 addition, 1 deletionservices/kubelet.go
- services/manager.go 13 additions, 10 deletionsservices/manager.go
- services/scheduler.go 1 addition, 1 deletionservices/scheduler.go
Loading
Please register or sign in to comment