You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As part of the ongoing sig-cluster-lifecycle work and the kubeadm utility that resulted, we have implemented a standalone JWS discovery service as a pod which kubeadm configures so other systems can run kubeadm and join the cluster. The discovery service pod expects to be passed the API CA certificate, API endpoints list, and a secure token as secrets when launched.
We hope to bring this service into the core API (details in #30707), as part of the kubeadm beta (#31711) targeted for 1.5.
Requirements for this to happen:
Must implement a token sub-system in core API. May want to plan for multiple types of tokens, discovery being the first. May need expiration and cleanup. Callers may want to be able to specify their own tokens.
Post cluster info into core API. Challenge will be fitting this into API framework, as it's a single entity per cluster.
Start loading API endpoints and CA cert dynamically once in core API.
The text was updated successfully, but these errors were encountered:
As part of the ongoing sig-cluster-lifecycle work and the kubeadm utility that resulted, we have implemented a standalone JWS discovery service as a pod which kubeadm configures so other systems can run kubeadm and join the cluster. The discovery service pod expects to be passed the API CA certificate, API endpoints list, and a secure token as secrets when launched.
We hope to bring this service into the core API (details in #30707), as part of the kubeadm beta (#31711) targeted for 1.5.
Requirements for this to happen:
The text was updated successfully, but these errors were encountered: