Comments (8)
@palimarium sure thing! I'll push a v0.1.1 now.
from istio-csr.
Tested now with cluster.local
but still doesn't seem to work.
E0201 10:04:58.945874 1 auth.go:35] certificate-provider "msg"="failed to authenticate request" "error"="could not get cluster cluster.local's kube client"
E0201 10:04:59.084455 1 auth.go:35] certificate-provider "msg"="failed to authenticate request" "error"="could not get cluster cluster.local's kube client"
E0201 10:04:59.788517 1 auth.go:35] certificate-provider "msg"="failed to authenticate request" "error"="could not get cluster cluster.local's kube client"
I look forward to this release!
from istio-csr.
Hi @palimarium,
Great to see it working for you in the default case!
Auth is currently limited to token, and only the default cluster name. This definitely something we want to include.
/feature
/assign
from istio-csr.
/kind feature
from istio-csr.
@JoshVanL: The label(s) kind/feature
cannot be applied, because the repository doesn't have them
In response to this:
/kind feature
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
from istio-csr.
Hi @JoshVanL
Thank you that you are planning to extend the capabilities!
In the meantime is there any workaround for this? What is the default cluster name, that istio-csr use for auth? If I use this name in the multiCluster(clusterName) config, it should work?
Thanks!
from istio-csr.
@palimarium My feeling is cluster.local
is one that would work.. though not tested. Intent to pick this up over the next couple days.
from istio-csr.
Hi @JoshVanL
I have tested your fix and works like a charm!
Any chance to get this pushed into a new release? so can be easily installed with the default helm chart?
Thanks a lot!
from istio-csr.
Related Issues (20)
- istio-csr should seperate leases role permissions from cert-manager issuer namespace
- Third-party JWT issue HOT 1
- add the compatibility matrix for Kubernetes versions to README
- Add ability to annotate certificate requests generateed by istio-csr HOT 1
- Add custom annotations to deployment HOT 3
- charts.jetstack.io beding cluster presents a challenge and breaks deployment
- istio-csr vault integration - permission denied - Vault failed to sign certificate HOT 2
- Restarting a namespace with 30+ deployments causes errors in istio-csr which tends to reolve after a while. HOT 1
- Custom DNS support in istio-csr's istiod certificate HOT 1
- False positive warnings from trivy and dependabot HOT 2
- ClusterRole & ClusterRoleBindings for istio-csr
- TODO: tests - carotation creates two kind clusters
- Populate Subject Fields in Certificate HOT 1
- CSR generation always defaults to P256 curve due to missing parameter HOT 4
- It is not possible to provide SAN for istiod certificate HOT 2
- how to build oci image locally using make command HOT 1
- Istio sidecar can only request new cert using istio-token HOT 1
- Document / improve that sometimes the issuer needs to set `ca.crt`
- Image version is v0.0.0 HOT 4
- Getting Readiness probe failed when using cert-manager-istio-csr
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from istio-csr.