TLS configuration: support kubernetes.io/tls type of secret.

coreos / etcd-operator

etcd operator creates/configures/manages etcd clusters atop Kubernetes

https://coreos.com/blog/introducing-the-etcd-operator.html

Apache License 2.0

1.75k stars 741 forks source link

TLS configuration: support kubernetes.io/tls type of secret. #2080

Open jgreat opened 5 years ago

jgreat commented 5 years ago

Please consider supporting the the standard tls type of secret or add an option to specify the secret data key names in the config. This would allow for automatic cert generation with tools like cert-manager.

cert-manager generates tls secret objects like this:

kind: Secret
type: kubernetes.io/tls
apiVersion: v1
data:
  ca.crt: ...
  tls.crt: ...
  tls.key: ...

sz-po commented 5 years ago

Is there any progres in this issue?

judahrand commented 5 years ago

This looks like it would be relatively straightforward to implement if you were happy to drop support for the current naming scheme and instead use only tls type secrets. This seems to me like it would be a reasonable thing to do?

I'm trying to use etcd with a self signing issuer from cert-manager which only supports tls secrets and this is causing some real frustration.

I'm happy to put a PR together based on a maintainers advice?

Smana commented 4 years ago

Is there any update in this issue ? That would be great if we could use the certificate generated from cert-manager.