© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0f7b58d
(Get the code!)
Yes, we use a single ca for the cluster. The ca.key is passed with the heat-agent, not via user_data.
Having the ca.key in the master node is a moderate security concern.
We need to check:
1. If we generate a second CA for the certificate signing and use it also for the service account keys, will it work? I mean having different sets if CA, will it cause any incompatibility issues?
2. What we will achieve with this? The problem we try to solve is to secure the the ca.key to not grant access to someone that has access to the ca.key. But, to access the ca.key you must access a master node. Even with different CAs, if someone has access to a master node, he has access to the kubernetes api as admin and access to the etcd data. The question is, what we gain?