mirror of
https://github.com/kubernetes-sigs/node-feature-discovery.git
synced 2024-12-14 11:57:51 +00:00
5253d25d99
Implement TLS client certificate authentication.

It is enabled by specifying --ca-file, --key-file and --cert-file, on both the nfd-master and nfd-worker side. When enabled, nfd-master verifies that the client (worker) presents a valid certificate signed by the root certificate (--ca-file).

In addition, nfd-master does authorization based on the Common Name (CN) of the client certificate: CN must match the node name specified in the labeling request. This ensures (assuming that the worker certificates are correctly deployed) that nfd-worker is only able to label the node it is running on, i.e. prevents it from labeling other nodes.

| File |
|---|
| main.go |
| main_test.go |