Skip to content

Commit

Permalink
Merge pull request #4198 from zhzhuang-zju/tls1.3
Browse files Browse the repository at this point in the history 
set MinVersion to VersionTLS13 for tlsconfig
  • Loading branch information
@karmada-bot
karmada-bot authored Nov 16, 2023
2 parents a4b1444 + 9ee49a5 commit 98e655f
Show file tree
Hide file tree
Showing 9 changed files with 10 additions and 0 deletions.
1 change: 1 addition & 0 deletions artifacts/deploy/karmada-aggregated-apiserver.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ spec:
- --feature-gates=APIPriorityAndFairness=false
- --audit-log-maxage=0
- --audit-log-maxbackup=0
- --tls-min-version=VersionTLS13
resources:
requests:
cpu: 100m
Expand Down
1 change: 1 addition & 0 deletions artifacts/deploy/karmada-apiserver.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ spec:
- --requestheader-username-headers=X-Remote-User
- --tls-cert-file=/etc/karmada/pki/apiserver.crt
- --tls-private-key-file=/etc/karmada/pki/apiserver.key
- --tls-min-version=VersionTLS13
name: karmada-apiserver
image: registry.k8s.io/kube-apiserver:v1.25.4
imagePullPolicy: IfNotPresent
Expand Down
1 change: 1 addition & 0 deletions artifacts/deploy/karmada-metrics-adapter.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@ spec:
- --audit-log-path=-
- --audit-log-maxage=0
- --audit-log-maxbackup=0
- --tls-min-version=VersionTLS13
readinessProbe:
httpGet:
path: /readyz
Expand Down
1 change: 1 addition & 0 deletions artifacts/deploy/karmada-search.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ spec:
- --feature-gates=APIPriorityAndFairness=false
- --audit-log-maxage=0
- --audit-log-maxbackup=0
- --tls-min-version=VersionTLS13
livenessProbe:
httpGet:
path: /livez
Expand Down
1 change: 1 addition & 0 deletions charts/karmada/templates/karmada-aggregated-apiserver.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ spec:
- --feature-gates=APIPriorityAndFairness=false
- --audit-log-maxage=0
- --audit-log-maxbackup=0
- --tls-min-version=VersionTLS13
resources:
{{- toYaml .Values.aggregatedApiServer.resources | nindent 12 }}
readinessProbe:
Expand Down
1 change: 1 addition & 0 deletions charts/karmada/templates/karmada-apiserver.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -73,6 +73,7 @@ spec:
- --tls-private-key-file=/etc/kubernetes/pki/karmada.key
- --max-requests-inflight={{ .Values.apiServer.maxRequestsInflight }}
- --max-mutating-requests-inflight={{ .Values.apiServer.maxMutatingRequestsInflight }}
- --tls-min-version=VersionTLS13
ports:
- name: http
containerPort: 5443
Expand Down
1 change: 1 addition & 0 deletions charts/karmada/templates/karmada-search.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,7 @@ spec:
- --feature-gates=APIPriorityAndFairness=false
- --audit-log-maxage=0
- --audit-log-maxbackup=0
- --tls-min-version=VersionTLS13
livenessProbe:
httpGet:
path: /livez
Expand Down
2 changes: 2 additions & 0 deletions operator/pkg/controlplane/apiserver/mainfests.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,7 @@ spec:
- --max-requests-inflight=1500
- --max-mutating-requests-inflight=500
- --v=4
- --tls-min-version=VersionTLS13
livenessProbe:
failureThreshold: 8
httpGet:
Expand Down Expand Up @@ -171,6 +172,7 @@ spec:
- --feature-gates=APIPriorityAndFairness=false
- --audit-log-maxage=0
- --audit-log-maxbackup=0
- --tls-min-version=VersionTLS13
volumeMounts:
- mountPath: /etc/karmada/kubeconfig
name: kubeconfig
Expand Down
1 change: 1 addition & 0 deletions operator/pkg/controlplane/metricsadapter/mainfests.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ spec:
- --audit-log-path=-
- --audit-log-maxage=0
- --audit-log-maxbackup=0
- --tls-min-version=VersionTLS13
volumeMounts:
- name: kubeconfig
subPath: kubeconfig
Expand Down

0 comments on commit 98e655f

Please sign in to comment.