-
Notifications
You must be signed in to change notification settings - Fork 38
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Improve cluster configuration when enableTls is true (#169)
## Motivation Improve the basic functionality of `enabledTls` flag. Setting the flag to true means that the broker, proxy, and function worker will all enable TLS, but not use it unless configured. See the README update for more details. ### Changes * Add documentation to README. * Add `.Values.tls.<component>.enableHostnameVerification` flag that makes it possible to enable hostname verification for upstream connections. The default is false for now (old deployments that use `kind: Deployment` for broker would break otherwise). We will update to `true` in the next major version bump. * Update `dev-values-tls.yaml` to deploy a broker stateful set (this is necessary for hostname verification to work) * Improve bastion's client configuration to utilize TLS and to use the proxy, since that will ensure the function worker is integrated correctly * Update hostnames in the self signed certificate to support broker and function worker correctly * Update zookeeper initialization script to use the `brokerSts` component name, since statefulsets are the only way to ensure full-featured TLS connections.
- Loading branch information
1 parent
67c6caa
commit 9584392
Showing
11 changed files
with
91 additions
and
41 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters