kubernetes-retired / cluster-api-provider-nested

Cluster API Provider for Nested Clusters
Apache License 2.0
301 stars 67 forks source link

✨ Add external apiserver domain to the APIServer certificate #283

Closed m-messiah closed 2 years ago

m-messiah commented 2 years ago

What this PR does / why we need it: The PR checks the presence of tenancy.x-k8s.io/external-apiserver-domain label in VirtualCluster object and adds it contents to the list of altNames.DNSNames in the apiserver certificate, allowing access to the apiserver from outside of the cluster (through an external LoadBalancer service). This is the responsibility of an operator or other controllers to set that label according to the super-cluster configuration.

k8s-ci-robot commented 2 years ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: christopherhein, m-messiah

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[virtualcluster/OWNERS](https://github.com/kubernetes-sigs/cluster-api-provider-nested/blob/main/virtualcluster/OWNERS)~~ [christopherhein] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment
christopherhein commented 2 years ago

Nice work, thanks!