TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-08-19 09:30:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

cmd/k8s-operator: configure proxies for HA Ingress to run in cert share mode (#15308)

Browse Source 
cmd/k8s-operator: configure HA Ingress replicas to share certs

Creates TLS certs Secret and RBAC that allows HA Ingress replicas
to read/write to the Secret.
Configures HA Ingress replicas to run in read-only mode.

Updates tailscale/corp#24795


Signed-off-by: Irbe Krumina <irbe@tailscale.com>
This commit is contained in:
Irbe Krumina
2025-03-19 12:49:31 +00:00
committed by GitHub
parent b0095a5da4
commit f50d3b22db
18 changed files with 255 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/k8s-operator/svc.go
View File

@@ -84,10 +84,10 @@ func childResourceLabels(name, ns, typ string) map[string]string {
// proxying. Instead, we have to do our own filtering and tracking with
// labels.
return map[string]string{
LabelManaged: "true",
LabelParentName: name,
LabelParentNamespace: ns,
LabelParentType: typ,
kubetypes.LabelManaged: "true",
LabelParentName: name,
LabelParentNamespace: ns,
LabelParentType: typ,
}
}