certificate-init-container

command module

v0.9.0 Latest Latest Go to latest Published: Apr 8, 2021 License: Apache-2.0 Imports: 23 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/proofpoint/certificate-init-container

Links

Open Source Insights

README ¶

Certificate Init Container

The certificate-init-container generates TLS certificates for pods using the Kubernetes certificate API.

Prerequisites

Kubernetes 1.6.0+

Usage

Create a deployment that uses the certificate-init-container:

kubectl create -f deployments/tls-app.yaml

The certificate-init-container will generate a private key, certificate signing request (csr), and submit a certificate signing request to the Kubernetes certificate API, then wait for the certificate to be approved.

For handling approval of certificate requests we recommend using proofpoint/kapprover.

Once the certificate signing request has been approved the certificate-init-container will fetch the signed certificate and write it in both PEM and Java keystore (password "keystore") format to a shared filesystem.

Next the certificate-init-container will exit and the pod will start the remaining containers, which will have access to the certificate and private key.

See the example deployment for more details.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL