Daniel Weiße
f9a581f329
Add aTLS endpoint to KMS ( #236 )
...
* Move file watcher and validator to internal
* Add aTLS endpoint to KMS for Kubernetes external requests
* Update Go version in Dockerfiles
* Move most KMS packages to internal
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-29 16:13:01 +02:00
Daniel Weiße
042f668d20
AB#2190 Verification service ( #232 )
...
* Add verification service
* Update verify command to use new Constellation verification service
* Deploy verification service on cluster init
* Update pcr-reader to use verification service
* Add verification service build workflow
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-28 17:03:28 +02:00
Christoph Meyer
9441e46e4b
AB#2033 Remove redundant "failed" in error wrapping
...
Remove "failed" from wrapped errors
Where appropriate rephrase "unable to/could not" to "failed" in root
errors
Start error log messages with "Failed"
2022-06-22 12:02:10 +01:00
Daniel Weiße
4842d29aff
AB#2111 Deploy activation service on cluster init ( #205 )
...
* Deploy activation service on cluster init
* Use base image with CA certificates for activation service
* Improve KMS server
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-15 16:00:48 +02:00
Leonard Cohnen
766182b7e7
fix cilium WireGuard Pod2Pod connectivity
2022-06-14 14:01:56 +02:00
Nils Hanke
f0b8412ef8
constellation-access-manager: Persistent SSH as ConfigMap ( #184 )
2022-06-13 16:23:19 +02:00
Leonard Cohnen
791d5564ba
replace flannel with cilium
2022-06-02 13:08:25 +02:00
Christoph Meyer
db5468a886
Deploy KMS server image in Constellation
...
Add image pull secret for ghcr.io
2022-05-31 11:13:26 +02:00
Malte Poll
1331ee4077
Install kubernetes on init / join and restart kubelet after reboot
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-23 11:40:22 +02:00
Malte Poll
c9226de9ab
Create kubernetes join token on demand
...
Signed-off-by: Malte Poll <mp@edgeless.systems>
2022-05-06 12:12:44 +02:00
Daniel Weiße
d9940fddae
Only set cloud-provider as external if supported by the CSP
...
Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-04-28 14:46:24 +02:00
katexochen
482f675dac
Capitalize Kubernetes
2022-04-26 12:02:17 +02:00
Benedict Schlueter
0ac9617dac
kubernetes: support for certKey request / support for control-plane join
...
Signed-off-by: Benedict Schlueter <bs@edgeless.systems>
2022-04-25 17:39:18 +02:00
Malte Poll
1e7794b4c2
Add Secrets / Volumes / VolumeMounts / Env to cluster-autoscaler deployment
2022-03-29 15:13:30 +02:00
Malte Poll
78d2358b9c
k8s: Use cloud provider ip as kubelet node-ip (if available)
2022-03-28 13:35:21 +02:00
Malte Poll
f5eddf8af0
Cloud providers: Add CloudNodeManager
2022-03-28 13:35:21 +02:00
Malte Poll
2158377f9f
Cloud providers: Extend CCM with ExtraArgs / ConfigMaps / Secrets / Volumes / VolumeMounts and provide CloudServiceAccountURI
2022-03-28 13:35:21 +02:00
Leonard Cohnen
2d8fcd9bf4
monorepo
...
Co-authored-by: Malte Poll <mp@edgeless.systems>
Co-authored-by: katexochen <katexochen@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
Co-authored-by: Thomas Tendyck <tt@edgeless.systems>
Co-authored-by: Benedict Schlueter <bs@edgeless.systems>
Co-authored-by: leongross <leon.gross@rub.de>
Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com>
2022-03-22 16:09:39 +01:00