Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 32 for token2 (0.34 sec)

  1. CHANGELOG/CHANGELOG-1.29.md

      - `alpha` support (guarded by the `ServiceAccountTokenJTI` feature gate) for adding a `jti` (JWT ID) claim to service account tokens it issues, adding an `authentication.kubernetes.io/credential-id` audit annotation in audit logs when the tokens are issued, and `authentication.kubernetes.io/credential-id` entry in the extra user info when the token is used to authenticate.
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Wed Oct 23 04:37:31 UTC 2024
    - 375.1K bytes
    - Viewed (1)
  2. common-protos/k8s.io/api/core/v1/generated.proto

      // token, and otherwise should reject the token. The audience defaults to the
      // identifier of the apiserver.
      // +optional
      optional string audience = 1;
    
      // expirationSeconds is the requested duration of validity of the service
      // account token. As the token approaches expiration, the kubelet volume
      // plugin will proactively rotate the service account token. The kubelet will
    Registered: Wed Nov 06 22:53:10 UTC 2024
    - Last Modified: Mon Mar 11 18:43:24 UTC 2024
    - 255.8K bytes
    - Viewed (0)
  3. CHANGELOG/CHANGELOG-1.8.md

     - The default Bootstrap Token created with `kubeadm init` v1.8 expires
     and is deleted after 24 hours by default to limit the exposure of the
     valuable credential. You can create a new Bootstrap Token with
     `kubeadm token create` or make the default token permanently valid by specifying
     `--token-ttl 0` to `kubeadm init`. The default token can later be deleted with
     `kubeadm token delete`.
    
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Tue Feb 20 15:45:02 UTC 2024
    - 312.2K bytes
    - Viewed (0)
  4. CHANGELOG/CHANGELOG-1.21.md

      - This changes the tokens provided to containers at `/var/run/secrets/kubernetes.io/serviceaccount/token` to be time-limited, auto-refreshed, and invalidated when the containing pod is deleted.
      - Clients should reload the token from disk periodically (once per minute is recommended) to ensure they continue to use a valid token. `k8s.io/client-go` version v11.0.0+ and v0.15.0+ reload tokens automatically.
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Fri Oct 14 07:03:14 UTC 2022
    - 367.3K bytes
    - Viewed (0)
  5. CHANGELOG/CHANGELOG-1.6.md

    * **[alpha]** New Bootstrap Token authentication and management method. Works well with kubeadm. kubeadm now supports managing tokens, including time based expiration, after the cluster is launched.  See [kubeadm reference docs](https://kubernetes.io/docs/admin/kubeadm/#manage-tokens) for details.
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Dec 24 02:28:26 UTC 2020
    - 304K bytes
    - Viewed (0)
  6. CHANGELOG/CHANGELOG-1.7.md

    * `--service-account-lookup` now defaults to true, requiring the Secret API object containing the token to exist in order for a service account token to be valid. This enables service account tokens to be revoked by deleting the Secret object containing the token. ([#44071](https://github.com/kubernetes/kubernetes/pull/44071), [@liggitt](https://github.com/liggitt))
    
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu May 05 13:44:43 UTC 2022
    - 308.7K bytes
    - Viewed (1)
  7. CHANGELOG/CHANGELOG-1.11.md

     * kubeadm: The Token-related fields in the `MasterConfiguration` object have now been refactored. Instead of the top-level `.Token`, `.TokenTTL`, `.TokenUsages`, `.TokenGroups` fields, there is now a `BootstrapTokens` slice of `BootstrapToken` objects that support the same features under the `.Token`, `.TTL`, `.Usages`, `.Groups` fields. ([#64408](https://github.com/kubernetes/kubernetes/pull/64408), [@lu...
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Feb 06 06:04:15 UTC 2020
    - 328.4K bytes
    - Viewed (0)
  8. CHANGELOG/CHANGELOG-1.24.md

    enabled by default. When enabled, Secret API objects containing service account tokens are no longer auto-generated for every ServiceAccount. Use the [TokenRequest](https://kubernetes.io/docs/reference/kubernetes-api/authentication-resources/token-request-v1/) API to acquire service account tokens, or if a non-expiring token is required, create a Secret API object for the token controller to populate with a service account token by following this [guide](https://kubernetes.io/docs/concepts/configurati...
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Aug 24 00:02:43 UTC 2023
    - 473.4K bytes
    - Viewed (0)
  9. CHANGELOG/CHANGELOG-1.17.md

    - Kube-apiserver can now specify `--authentication-token-webhook-version=v1` or `--authorization-webhook-version=v1` to use `v1` TokenReview and SubjectAccessReview API objects when communicating with authentication and authorization webhooks. ([#84768](https://github.com/kubernetes/kubernetes/pull/84768), [@liggitt](https://github.com/liggitt))
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Jan 28 10:44:33 UTC 2021
    - 346.2K bytes
    - Viewed (1)
  10. CHANGELOG/CHANGELOG-1.18.md

    - The alpha feature `ServiceAccountIssuerDiscovery` enables publishing OIDC discovery information and service account token verification keys at `/.well-known/openid-configuration` and `/openid/v1/jwks` endpoints by API servers configured to issue service account tokens. ([#80724](https://github.com/kubernetes/kubernetes/pull/80724), [@cceckman](https://github.com/cceckman)) [SIG API Machinery, Auth, Cluster Lifecycle and Testing]
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Wed Jun 16 17:18:28 UTC 2021
    - 373.2K bytes
    - Viewed (0)
Back to top