Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Harbor self-signed certificate auto-injection #18

Open
lubronzhan opened this issue Mar 11, 2021 · 2 comments
Open

Harbor self-signed certificate auto-injection #18

lubronzhan opened this issue Mar 11, 2021 · 2 comments

Comments

@lubronzhan
Copy link
Collaborator

lubronzhan commented Mar 11, 2021

If customer use self-signed certificate, the container runtime of K8s cluster needs to trust the certifcate.
In the future, k8s will be using containerd as primary runtime.
But currently containerd doesn't support hosts-dir folder as docker to inject cert in runtime.
Once this PR is in containerd/containerd#4978 new containerd and used by K8s, we should be able to inject cert without restarting containerd

@lubronzhan
Copy link
Collaborator Author

lubronzhan commented Mar 17, 2021

It will be in containerd 1.5 https://github.com/containerd/containerd/releases/tag/v1.5.0

@lubronzhan
Copy link
Collaborator Author

https://github.com/kubernetes-sigs/kind/releases/tag/v0.11.1
kind 0.11 has containerd 1.5.2. I could try test on this kind

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant