Kubernetes Control Plane Charm

PodSecurityPolicy does not work correctly with kube-controller-manager connecting via insecure port

Bug #1841965 reported by George Kraft
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Kubernetes Control Plane Charm
Fix Released
Undecided
Unassigned
Kubernetes Control Plane Charm 1.16

Bug Description

From https://github.com/charmed-kubernetes/charm-kubernetes-master/pull/46:

> At this moment controller managers services are talking to API server on the insecured port. (i.e:: auth and authz bypassed) PodSecurityPolicy need controller-manager service running, authentificated with it's own credential. Otherwise all PodSecurityPolicy objects would be allowed for each Pod created by controller-manager (ReplicaSet, Deployment...)

Revision history for this message
George Kraft (cynerva) wrote :

Fixed by https://github.com/charmed-kubernetes/charm-kubernetes-master/pull/46

Thanks to pierrop for the contribution!

Changed in charm-kubernetes-master:
status: New → Fix Committed
milestone: none → 1.16
Tim Van Steenburgh (tvansteenburgh)
Changed in charm-kubernetes-master:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.