Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automated OSD Certificate Rotation #67

Closed
andrewrynhard opened this issue May 7, 2018 · 1 comment
Closed

Automated OSD Certificate Rotation #67

andrewrynhard opened this issue May 7, 2018 · 1 comment
Assignees
@Ulexus
Labels
area/security kind/feature
Milestone
v0.2

Comments

@andrewrynhard
Copy link
Member

andrewrynhard commented May 7, 2018
edited by bradbeam

No description provided.

@andrewrynhard andrewrynhard added this to the v0.1.0 milestone May 7, 2018
@andrewrynhard andrewrynhard self-assigned this May 7, 2018
@andrewrynhard andrewrynhard modified the milestones: v0.1.0, v0.2.0 May 12, 2018
@andrewrynhard andrewrynhard removed this from the v0.2.0-alpha.0 milestone Feb 20, 2019
@andrewrynhard andrewrynhard changed the title feat: automated certificate rotation Automated OSD Certificate Rotation Jun 21, 2019
@andrewrynhard andrewrynhard added this to the v0.2 milestone Jun 21, 2019
@Ulexus Ulexus self-assigned this Jun 22, 2019
@andrewrynhard
Copy link
Member Author

This is the blog that inspired this idea: https://diogomonica.com/2017/01/11/hitless-tls-certificate-rotation-in-go/

Ulexus referenced this issue in Ulexus/talos Jul 1, 2019
@Ulexus
feat(osd): talos node certificate rotation
ffc477f 
- Implements part of #67
- Create option functions for gRPC TLS config
- Create CertificateProvider interface
- Create (legacy) userdata CertificateProvider
- Create cert renewing, file-caching CertificateProvider
- Create tls.NewConfigWithOpts() to specify custom gRPC TLS options
- Adapt existing tls.NewConfig to use options
- Update osd to use dynamic CertificateProvider
- Add a constant for location of Talos node certificate

Signed-off-by: Seán C McCord <ulexus@gmail.com>
@andrewrynhard andrewrynhard mentioned this issue Jul 1, 2019
Merged
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 7, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@Ulexus Ulexus

Labels
area/security kind/feature
Projects
None yet
Milestone
v0.2
Development

No branches or pull requests
3 participants
@Ulexus @andrewrynhard @bradbeam