Search Options

Results per page
Sort
Preferred Languages
Advance

Results 11 - 20 of 24 for tlsOptions (0.21 sec)

  2. github.com/istio/istio

    pilot/pkg/bootstrap/webhook.go 

    		return
	}

	tlsConfig := &tls.Config{
		GetCertificate: s.getIstiodCertificate,
		MinVersion:     tls.VersionTLS12,
		CipherSuites:   args.ServerOptions.TLSOptions.CipherSuits,
	}
	// Compliance for control plane validation and injection webhook server.
	sec_model.EnforceGoCompliance(tlsConfig)

	istiolog.Info("initializing secure webhook server for istiod webhooks")
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Jun 11 17:37:53 UTC 2024
    - 2.7K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    pkg/kubelet/server/server.go 

    		WriteTimeout:   4 * 60 * time.Minute,
		MaxHeaderBytes: 1 << 20,
	}

	if tlsOptions != nil {
		s.TLSConfig = tlsOptions.Config
		// Passing empty strings as the cert and key files means no
		// cert/keys are specified and GetCertificate in the TLSConfig
		// should be called instead.
		if err := s.ListenAndServeTLS(tlsOptions.CertFile, tlsOptions.KeyFile); err != nil {
			klog.ErrorS(err, "Failed to listen and serve")
			os.Exit(1)
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue Jun 04 06:25:43 UTC 2024
    - 40.1K bytes
    - Viewed (0)
  4. github.com/kubernetes/kubernetes

    cmd/kubelet/app/server.go 

    		}
		// Specify allowed CAs for client certificates
		tlsOptions.Config.ClientCAs = clientCAs
		// Populate PeerCertificates in requests, but don't reject connections without verified certificates
		tlsOptions.Config.ClientAuth = tls.RequestClientCert
	}

	return tlsOptions, nil
}

// setContentTypeForClient sets the appropriate content type into the rest config
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Jun 07 00:05:34 UTC 2024
    - 53.9K bytes
    - Viewed (0)
  5. github.com/istio/istio

    pilot/pkg/grpc/grpc.go 

    	defaultInitialWindowSize           = 1024 * 1024 // default gRPC ConnWindowSize
)

// ClientOptions returns consistent grpc dial options with custom dial options
func ClientOptions(options *istiokeepalive.Options, tlsOpts *TLSOptions) ([]grpc.DialOption, error) {
	if options == nil {
		options = istiokeepalive.DefaultOption()
	}
	keepaliveOption := grpc.WithKeepaliveParams(keepalive.ClientParameters{
		Time:    options.Time,
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Sat Feb 17 04:27:50 UTC 2024
    - 4.2K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    pkg/kubemark/hollow_kubelet.go 

    		Cloud:                     nil,
		OSInterface:               &containertest.FakeOS{},
		ContainerManager:          containerManager,
		VolumePlugins:             volumePlugins(),
		TLSOptions:                nil,
		OOMAdjuster:               oom.NewFakeOOMAdjuster(),
		Mounter:                   &mount.FakeMounter{},
		Subpather:                 &subpath.FakeSubpath{},
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Jun 07 17:10:54 UTC 2024
    - 7.8K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    pkg/kubelet/kubelet.go 

    			}

		} else if kubeDeps.TLSOptions.CertFile != "" && kubeDeps.TLSOptions.KeyFile != "" && utilfeature.DefaultFeatureGate.Enabled(features.ReloadKubeletServerCertificateFile) {
			klet.serverCertificateManager, err = kubeletcertificate.NewKubeletServerCertificateDynamicFileManager(kubeDeps.TLSOptions.CertFile, kubeDeps.TLSOptions.KeyFile)
			if err != nil {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Jun 14 16:09:17 UTC 2024
    - 126.1K bytes
    - Viewed (0)
  8. github.com/istio/istio

    pkg/istio-agent/agent_test.go 

    	meta.Namespace = "fake-namespace"
	meta.ServiceAccount = "fake-sa"
	meta.ProxyConfig = pc
	return meta
}

func setupCa(t *testing.T, auth *security.FakeAuthenticator) *mock.CAServer {
	t.Helper()
	opt := tlsOptions(t)
	s, err := mock.NewCAServerWithKeyCert(0,
		testutil.ReadFile(t, filepath.Join(env.IstioSrc, "./tests/testdata/certs/pilot/ca-key.pem")),
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu May 16 22:12:28 UTC 2024
    - 33.4K bytes
    - Viewed (0)
  9. github.com/istio/istio

    pkg/istio-agent/xds_proxy.go 

    func (p *XdsProxy) getTLSOptions(agent *Agent) (*istiogrpc.TLSOptions, error) {
	if agent.proxyConfig.ControlPlaneAuthPolicy == meshconfig.AuthenticationPolicy_NONE {
		return nil, nil
	}
	xdsCACertPath, err := agent.FindRootCAForXDS()
	if err != nil {
		return nil, fmt.Errorf("failed to find root CA cert for XDS: %v", err)
	}
	key, cert := agent.GetKeyCertsForXDS()
	return &istiogrpc.TLSOptions{
		RootCert:      xdsCACertPath,
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Thu May 16 22:12:28 UTC 2024
    - 27.9K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    pkg/kubelet/kubelet_test.go 

    	cadvisor.EXPECT().ImagesFsInfo().Return(cadvisorapiv2.FsInfo{
		Usage:     400,
		Capacity:  1000,
		Available: 600,
	}, nil).AnyTimes()
	tlsOptions := &server.TLSOptions{
		Config: &tls.Config{
			MinVersion: 0,
		},
	}
	fakeRuntime, endpoint := createAndStartFakeRemoteRuntime(t)
	defer func() {
		fakeRuntime.Stop()
	}()
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Fri Jun 14 16:09:17 UTC 2024
    - 106.9K bytes
    - Viewed (0)
  11. github.com/istio/istio

    pilot/pkg/config/kube/gateway/testdata/eastwest-tlsoption.yaml 

    Frank Budinsky <******@****.***> 1697669019 -0400
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Wed Oct 18 22:43:39 UTC 2023
    - 1.1K bytes
    - Viewed (0)
Back to top