mokul
June 23, 2021, 6:34pm
1
Would like to draw attention around the two enhancements PR is sitting there. These PR will help to deploy self-hoster mender cluster in k8s. dont know where to knock for those PRs thats why posted here.
mendersoftware:master ā nucatus:traefik_no_ssl
opened 03:12PM - 15 Jun 21 UTC
In case no SSL termination is desired in the api-gateway, that should be
possibā¦ le and the traefik configuration should be consistent with the
supplied configuration parameter `api_gateway.env.SSL`.
Signed-off-by: Alexandru Ionita <alexandru.ionita@gmail.com>
mendersoftware:master ā ffoysal:use-service-account2
opened 07:21AM - 17 Jun 21 UTC
Signed-off-by: Foysal Iqbal <foysal.iqbal.fb@gmail.com>
Once the K8s cluster ā¦ in AWS infrastructure use can use service account to access aws resources. detail explanation is in https://aws.amazon.com/blogs/opensource/introducing-fine-grained-iam-roles-service-accounts/
In order to use K8s service account according to this need to provide `serviceAccountName` in the pod spec. User does not need to provide `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` if they want to use k8s service account. If they dont want to use service account the default behavior in chart remains as before.
Signed-off-by: Foysal Iqbal <foysal.iqbal.fb@gmail.com>
Hello @mokul , Iām reviewing those PRs and get back to you in a few days.
2 Likes