- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 11 for tlsOptions (0.22 sec)
-
pilot/pkg/bootstrap/certcontroller.go
func (s *Server) initFileCertificateWatches(tlsOptions TLSOptions) error { if err := s.istiodCertBundleWatcher.SetFromFilesAndNotify(tlsOptions.KeyFile, tlsOptions.CertFile, tlsOptions.CaCertFile); err != nil { return fmt.Errorf("set keyCertBundle failed: %v", err) } // TODO: Setup watcher for root and restart server if it changes. for _, file := range []string{tlsOptions.CertFile, tlsOptions.KeyFile} {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 11.3K bytes - Viewed (0) -
pilot/pkg/bootstrap/server_test.go
} // Update cert/key files. if err := os.WriteFile(tlsOptions.CertFile, testcerts.RotatedCert, 0o644); err != nil { // nolint: vetshadow t.Fatalf("WriteFile(%v) failed: %v", tlsOptions.CertFile, err) } if err := os.WriteFile(tlsOptions.KeyFile, testcerts.RotatedKey, 0o644); err != nil { // nolint: vetshadow t.Fatalf("WriteFile(%v) failed: %v", tlsOptions.KeyFile, err) } g := NewWithT(t)
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 23.1K bytes - Viewed (0) -
pilot/pkg/bootstrap/options.go
// Optional TLS configuration TLSOptions TLSOptions // The listening address for secured gRPC. If the port in the address is empty or "0" (as in "127.0.0.1:" or "[::1]:0") // a port number is automatically chosen. SecureGRPCAddr string } type InjectionOptions struct { // Directory of injection related config files. InjectionDirectory string } // TLSOptions is optional TLS parameters for Istiod server.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 6.1K bytes - Viewed (0) -
pilot/pkg/bootstrap/server.go
func hasCustomTLSCerts(tlsOptions TLSOptions) (ok bool, tlsCertPath, tlsKeyPath, caCertPath string) { // load from tls args as priority if hasCustomTLSCertArgs(tlsOptions) { return true, tlsOptions.CertFile, tlsOptions.KeyFile, tlsOptions.CaCertFile }
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 17:48:28 UTC 2024 - 46.3K bytes - Viewed (0) -
pilot/pkg/bootstrap/webhook.go
return } tlsConfig := &tls.Config{ GetCertificate: s.getIstiodCertificate, MinVersion: tls.VersionTLS12, CipherSuites: args.ServerOptions.TLSOptions.CipherSuits, } // Compliance for control plane validation and injection webhook server. sec_model.EnforceGoCompliance(tlsConfig) istiolog.Info("initializing secure webhook server for istiod webhooks")
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Tue Jun 11 17:37:53 UTC 2024 - 2.7K bytes - Viewed (0) -
pkg/kubelet/server/server.go
WriteTimeout: 4 * 60 * time.Minute, MaxHeaderBytes: 1 << 20, } if tlsOptions != nil { s.TLSConfig = tlsOptions.Config // Passing empty strings as the cert and key files means no // cert/keys are specified and GetCertificate in the TLSConfig // should be called instead. if err := s.ListenAndServeTLS(tlsOptions.CertFile, tlsOptions.KeyFile); err != nil { klog.ErrorS(err, "Failed to listen and serve") os.Exit(1)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Jun 04 06:25:43 UTC 2024 - 40.1K bytes - Viewed (0) -
cmd/kubelet/app/server.go
} // Specify allowed CAs for client certificates tlsOptions.Config.ClientCAs = clientCAs // Populate PeerCertificates in requests, but don't reject connections without verified certificates tlsOptions.Config.ClientAuth = tls.RequestClientCert } return tlsOptions, nil } // setContentTypeForClient sets the appropriate content type into the rest config
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jun 07 00:05:34 UTC 2024 - 53.9K bytes - Viewed (0) -
pkg/kubemark/hollow_kubelet.go
Cloud: nil, OSInterface: &containertest.FakeOS{}, ContainerManager: containerManager, VolumePlugins: volumePlugins(), TLSOptions: nil, OOMAdjuster: oom.NewFakeOOMAdjuster(), Mounter: &mount.FakeMounter{}, Subpather: &subpath.FakeSubpath{},
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jun 07 17:10:54 UTC 2024 - 7.8K bytes - Viewed (0) -
pkg/kubelet/kubelet.go
} } else if kubeDeps.TLSOptions.CertFile != "" && kubeDeps.TLSOptions.KeyFile != "" && utilfeature.DefaultFeatureGate.Enabled(features.ReloadKubeletServerCertificateFile) { klet.serverCertificateManager, err = kubeletcertificate.NewKubeletServerCertificateDynamicFileManager(kubeDeps.TLSOptions.CertFile, kubeDeps.TLSOptions.KeyFile) if err != nil {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jun 14 16:09:17 UTC 2024 - 126.1K bytes - Viewed (0) -
pkg/kubelet/kubelet_test.go
cadvisor.EXPECT().ImagesFsInfo().Return(cadvisorapiv2.FsInfo{ Usage: 400, Capacity: 1000, Available: 600, }, nil).AnyTimes() tlsOptions := &server.TLSOptions{ Config: &tls.Config{ MinVersion: 0, }, } fakeRuntime, endpoint := createAndStartFakeRemoteRuntime(t) defer func() { fakeRuntime.Stop() }()
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jun 14 16:09:17 UTC 2024 - 106.9K bytes - Viewed (0)