Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support Basic Auth for Etcd v2 #23398

Closed
shanegibbs opened this Issue Mar 23, 2016 · 8 comments

Comments

Projects
None yet
8 participants
@shanegibbs
Copy link

shanegibbs commented Mar 23, 2016

Etcd supports basic auth for it's Auth and Security features. https://github.com/coreos/etcd/blob/master/Documentation/auth_api.md#basic-auth

Would be nice if kube-apiserver supported this.

@shanegibbs shanegibbs changed the title Support Basic Auth Etcd Support Basic Auth for Etcd Mar 23, 2016

@shanegibbs

This comment has been minimized.

Copy link
Author

shanegibbs commented Mar 23, 2016

Seems fairly straight forward. Something like #23400

@shanegibbs

This comment has been minimized.

Copy link
Author

shanegibbs commented Mar 24, 2016

The roadmap for k8s and etcd is heading towards the etcd v3 client. This will not support basic auth.

See etcd-io/etcd#4475

There may be a need to support both versions of etcd for some time.

@shanegibbs shanegibbs closed this Mar 24, 2016

@shanegibbs shanegibbs reopened this Mar 28, 2016

@shanegibbs shanegibbs changed the title Support Basic Auth for Etcd Support Basic Auth for Etcd v2 Mar 28, 2016

@timothysc timothysc added the area/etcd label Jan 5, 2017

@timothysc

This comment has been minimized.

Copy link
Member

timothysc commented Jan 5, 2017

@hongchaodeng can you comment re: v3?

@hongchaodeng

This comment has been minimized.

Copy link
Member

hongchaodeng commented Jan 17, 2017

@timothysc
This issue is pretty self-explanatory. There are two kinds of auth in etcd: TLS auth and etcd's own auth.

We have supported TLS auth in k8s. But we need to fix, at least clarify, some hidden behavior as discussed in #39588 (comment)

For etcd auth, we can add it if there are enough use cases. We didn't add it for k8s in v3 because it wasn't there in v2 either.

@xiang90

This comment has been minimized.

Copy link
Contributor

xiang90 commented Jan 17, 2017

@lavalamp @timothysc @smarterclayton @philips

This is something every easy to add I believe (need some tests though).

Shall we add this feature into API sever? Or shall we wait?

@smarterclayton

This comment has been minimized.

Copy link
Contributor

smarterclayton commented Jan 17, 2017

I would like to have this.

@fejta-bot

This comment has been minimized.

Copy link

fejta-bot commented Dec 20, 2017

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

Prevent issues from auto-closing with an /lifecycle frozen comment.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or @fejta.
/lifecycle stale

@fejta-bot

This comment has been minimized.

Copy link

fejta-bot commented Jan 19, 2018

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or @fejta.
/lifecycle rotten
/remove-lifecycle stale

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.