c12s-kubespray/roles/kubernetes/secrets/tasks
Vincent Schwarzer ea1f072c7e Granular authentication Control
It is now possible to deactivate selected authentication methods
(basic auth, token auth) inside the cluster by adding
removing the required arguments to the Kube API Server and generating
the secrets accordingly.

The x509 authentification is currently not optional because disabling it
would affect the kubectl clients deployed on the master nodes.
2017-03-14 16:57:35 +01:00
..
check-certs.yml Use find module for checking for certificates 2017-03-03 16:21:01 +03:00
check-tokens.yml Granular authentication Control 2017-03-14 16:57:35 +01:00
gen_certs_script.yml Use find module for checking for certificates 2017-03-03 16:21:01 +03:00
gen_certs_vault.yml Vault security hardening and role isolation 2017-02-08 21:41:36 +00:00
gen_tokens.yml set "check_mode: no" for read-only "shell" steps that registers result 2017-02-13 18:53:41 +03:00
main.yml Granular authentication Control 2017-03-14 16:57:35 +01:00
sync_kube_master_certs.yml Vault security hardening and role isolation 2017-02-08 21:41:36 +00:00
sync_kube_node_certs.yml Vault security hardening and role isolation 2017-02-08 21:41:36 +00:00