mirror of https://github.com/k3s-io/k3s
1834039960
Automatic merge from submit-queue Alpha JWS Discovery API for locating an apiserver securely This PR contains an early alpha prototype of the JWS discovery API outlined in proposal #30707. CA certificate, API endpoints, and the token to be used to authenticate to this discovery API are currently passed in as secrets. If the caller provides a valid token ID, a JWS signed blob of ClusterInfo containing the API endpoints and the CA cert to use will be returned to the caller. This is used by the alpha kubeadm to allow seamless, very quick cluster setup with simple commands well suited for copy paste. Current TODO list: - [x] Allow the use of arbitrary strings as token ID/token, we're currently treating them as raw keys. - [x] Integrate the building of the pod container, move to cluster/images/kube-discovery. - [x] Build for: amd64, arm, arm64 and ppc64le. (just replace GOARCH=) - [x] Rename to gcr.io/google_containers/kube-discovery-ARCH:1.0 - [x] Cleanup rogue files in discovery sub-dir. - [x] Move pkg/discovery/ to cmd/discovery/app. There is additional pending work to return a kubeconfig rather than ClusterInfo, however I believe this is slated for post-alpha. |
||
|---|---|---|
| .. | ||
| etcd | ||
| etcd-empty-dir-cleanup | ||
| flannel | ||
| hyperkube | ||
| kube-discovery | ||
| kubemark | ||