ssmiller25 / blast

An Immutable Low Cost Cluster
MIT License

Rework TLS generation #1

Closed ssmiller25 closed 3 years ago

ssmiller25 commented 4 years ago

Right now using local scripts and kubeseal. Would rather do something that doesn't have such local dependencies - but still lightweight. Vault might be an option, but also pretty heavy. Leaning toward a lightweight container that has cfssl baked in - and that has enough permissions to generate sealedsecrets (which can then be exported/saved off).

ssmiller25 commented 4 years ago

A few ideas:

Just sign the cert with Kubernetes' internal CA and the CA API within k8s itself. https://kubernetes.io/docs/tasks/tls/managing-tls-in-a-cluster/

ssmiller25 commented 3 years ago

Old cluster issues, closing