add privateCA support for containerd images #2079
Conversation
| data: | ||
| update-containerd-certs.sh: | | ||
| #!/usr/bin/env sh | ||
| if [ ! -f /hostcontainerd/config.toml ]; then |
There was a problem hiding this comment.
theoretically I think this file could be totally absent and need to be created, but if we have tested on Azure, AWS, and GCP I'm fine with crossing that bridge when we come to it. In reality, I would expect it always exists.
There was a problem hiding this comment.
yes this file always exists in all cloud provider only difference is the content
values.yaml
Outdated
| @@ -19,6 +19,10 @@ global: | |||
| privateCaCertsAddToHost: | |||
| enabled: false | |||
| hostDirectory: /etc/docker/certs.d | |||
| addToContainerd: false | |||
| containerdConfigPath: /etc/containerd/certs.d | |||
There was a problem hiding this comment.
key name should be something else as that sounds like the path that should put to containerd.toml itself. Maybe rename to containerdCertsConfigPath or similar?
| @@ -19,6 +19,10 @@ global: | |||
| privateCaCertsAddToHost: | |||
| enabled: false | |||
| hostDirectory: /etc/docker/certs.d | |||
| addToContainerd: false | |||
| containerdConfigPath: /etc/containerd/certs.d | |||
| containerdnodeAffinitys: [] | |||
There was a problem hiding this comment.
Are these actually templated into the daemonset anywhere?
rishkarajgi
changed the title
|
Description
Adds the ability to support privateCA for containerd images
Related Issues
https://github.com/astronomer/issues/issues/6022
Testing
tested on AWS, GCP, Azure, local clusters
Merging
release-0.34