Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 11 for Hosken (0.22 sec)

  2. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.21.md 

      - This changes the tokens provided to containers at `/var/run/secrets/kubernetes.io/serviceaccount/token` to be time-limited, auto-refreshed, and invalidated when the containing pod is deleted.
  - Clients should reload the token from disk periodically (once per minute is recommended) to ensure they continue to use a valid token. `k8s.io/client-go` version v11.0.0+ and v0.15.0+ reload tokens automatically.
    Plain Text
    - Registered: Fri May 03 09:05:14 GMT 2024
    - Last Modified: Fri Oct 14 07:03:14 GMT 2022
    - 367.3K bytes
    - Viewed (4)
  3. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.27.md 

    - Graduated the `LegacyServiceAccountTokenTracking` feature gate to Beta. The usage of auto-generated secret-based service account token now produces warnings by default, and relevant Secrets are labeled with a last-used timestamp (label key `kubernetes.io/legacy-token-last-used`). ([#114523](https://github.com/kubernetes/kubernetes/pull/114523), [@zshihang](https://github.com/zshihang)) [SIG API Machinery and Auth]
    Plain Text
    - Registered: Fri May 03 09:05:14 GMT 2024
    - Last Modified: Tue Apr 16 15:20:21 GMT 2024
    - 434.3K bytes
    - Viewed (3)
  4. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.8.md 

     - The default Bootstrap Token created with `kubeadm init` v1.8 expires
 and is deleted after 24 hours by default to limit the exposure of the
 valuable credential. You can create a new Bootstrap Token with
 `kubeadm token create` or make the default token permanently valid by specifying
 `--token-ttl 0` to `kubeadm init`. The default token can later be deleted with
 `kubeadm token delete`.
    Plain Text
    - Registered: Fri May 03 09:05:14 GMT 2024
    - Last Modified: Tue Feb 20 15:45:02 GMT 2024
    - 312.2K bytes
    - Viewed (1)
  5. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.28.md 

      is now available as alpha (off by default). When enabled, the `legacy-service-account-token-cleaner`
  controller loop removes service account token secrets that have not been used
  in the time specified by `--legacy-service-account-token-clean-up-period` (defaulting
  to one year), **and are** referenced from the `.secrets` list of a ServiceAccount
    Plain Text
    - Registered: Fri May 03 09:05:14 GMT 2024
    - Last Modified: Tue Apr 16 20:44:48 GMT 2024
    - 385.1K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.24.md 

    ServiceAccount. Use the [TokenRequest](https://kubernetes.io/docs/reference/kubernetes-api/authentication-resources/token-request-v1/) API to acquire service account tokens, or if a non-expiring token is required, create a Secret API object for the token controller to populate with a service account token by following this [guide](https://kubernetes.io/docs/concepts/configuration/secret/#service-account-token-secrets). ([#108309](https://github.com/kubernetes/kubernetes/pull/108309), [@zshihang](https://github.com/zshihang))...
    Plain Text
    - Registered: Fri May 03 09:05:14 GMT 2024
    - Last Modified: Thu Aug 24 00:02:43 GMT 2023
    - 473.4K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.22.md 

    unprivileged pods, using the proxy to perform privileged storage operations on the node.

Another feature moving to GA in v1.22 is CSI Service Account Token support. This feature allows CSI drivers to use pods' [bound service account tokens](https://kubernetes.io/docs/reference/access-authn-authz/service-accounts-admin/#bound-service-account-token-volume) instead of a more privileged identity. It also provides control over to re-publishing these volumes, so that short-lived tokens can be refreshed....
    Plain Text
    - Registered: Fri May 03 09:05:14 GMT 2024
    - Last Modified: Tue Dec 13 12:43:45 GMT 2022
    - 454.1K bytes
    - Viewed (1)
  8. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.23.md 

    - Fixes an issue where an admission webhook can observe a v1 Pod object that does not have the `defaultMode` field set in the injected service account token volume in kube-api-server. ([#104523](https://github.com/kubernetes/kubernetes/pull/104523), [@liggitt](https://github.com/liggitt))
    Plain Text
    - Registered: Fri May 03 09:05:14 GMT 2024
    - Last Modified: Tue Feb 28 21:06:52 GMT 2023
    - 424.5K bytes
    - Viewed (0)
  9. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.25.md 

    - Fix a data race in authentication between AuthenticatedGroupAdder and cached token authenticator. ([#109969](https://github.com/kubernetes/kubernetes/pull/109969), [@sttts](https://github.com/sttts)) [SIG API Machinery and Auth]
    Plain Text
    - Registered: Fri May 03 09:05:14 GMT 2024
    - Last Modified: Thu Nov 16 11:30:31 GMT 2023
    - 419K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.30.md 

    - Updated an audit annotation key used by the `…/serviceaccounts/<name>/token` resource handler.
    Plain Text
    - Registered: Fri May 03 09:05:14 GMT 2024
    - Last Modified: Wed Apr 17 17:56:15 GMT 2024
    - 227.9K bytes
    - Viewed (0)
  11. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.29.md 

    - `kube-controller-manager`: The `LegacyServiceAccountTokenCleanUp` feature gate is now `beta` and enabled by default. When enabled, legacy auto-generated service account token secrets are auto-labeled with a `kubernetes.io/legacy-token-invalid-since` label if the credentials have not been used in the time...
    Plain Text
    - Registered: Fri May 03 09:05:14 GMT 2024
    - Last Modified: Tue Apr 16 21:41:06 GMT 2024
    - 299.9K bytes
    - Viewed (1)
Back to top