Closed jvanderhoof closed 5 years ago
More info: "it's a single instance of OSS that can communicate with a k8s authn client deployed to a pod"
Expectation (from the info we have right now) is that this mTLS is intra-cluster rather than the larger inter-cluster setup.
Finally can get back to this. I will be trying to implement something like https://github.com/conjurinc/openshift-conjur-oss-deploy or https://github.com/conjurinc/container-appliance in the helm chart to move us forward with internal mTLS.
The story size is definitely not 2 days so I will update the estimate as well.
CC: @garkler
As a Conjur operator, I want to be able to configure OS Conjur to support TLS, so that I can use authn-k8s, which requires mTLS.
GIVEN a Kubernetes environment
WHEN I deploy OS Conjur using the Helm chart
THEN Conjur is configured with nginx to support TLS
mTLS is needed to support authn-k8s authentication within the same cluster between the Conjur OSS (master) instance and clients (conjur-authn-k8s-client) sidecar or init container using service accounts.
Estimate: 2 weeks
Confidence: low