Skip to content

First draft of security doc covering minion/etcd isolation#859

Merged
erictune merged 1 commit intokubernetes:masterfrom
smarterclayton:add_security_doc
Aug 13, 2014
Merged

First draft of security doc covering minion/etcd isolation#859
erictune merged 1 commit intokubernetes:masterfrom
smarterclayton:add_security_doc

Conversation

@smarterclayton
Copy link
Copy Markdown
Contributor

@smarterclayton smarterclayton commented Aug 12, 2014

Covers topics raised in #846 at a high level.

@lavalamp
Copy link
Copy Markdown
Contributor

lavalamp commented Aug 12, 2014

An additional paragraph about how a scheduler should be constrained might be handy.

@erictune might be relevant to the doc you're working on.

@smarterclayton smarterclayton mentioned this pull request Aug 12, 2014
Merged
@derekwaynecarr
Copy link
Copy Markdown
Member

derekwaynecarr commented Aug 12, 2014

LGTM - I prefer this approach over direct access to etcd from each minion.

@erictune
Copy link
Copy Markdown
Contributor

erictune commented Aug 13, 2014

LGTM

erictune added a commit that referenced this pull request Aug 13, 2014
@erictune
Merge pull request #859 from smarterclayton/add_security_doc
b8ac709 
First draft of security doc covering minion/etcd isolation
@erictune erictune merged commit b8ac709 into kubernetes:master Aug 13, 2014
pchico83
pchico83 reviewed Aug 13, 2014
View reviewed changes
docs/security.md
Copy link
Copy Markdown

@pchico83 pchico83 Aug 13, 2014

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This will help etcd-io/etcd#91

smarterclayton added a commit to smarterclayton/kubernetes that referenced this pull request Aug 23, 2014
@smarterclayton
Proposal: Isolate kubelet from etcd
e54e076 
Discusses the current security risks posed by the kubelet->etcd pattern
and discusses some options.

Triggered by kubernetes#846 and referenced in kubernetes#859
@erictune erictune mentioned this pull request Sep 12, 2014
Closed
smarterclayton added a commit to smarterclayton/kubernetes that referenced this pull request Jan 4, 2015
@smarterclayton
Proposal: Isolate kubelet from etcd
99977ce 
Discusses the current security risks posed by the kubelet->etcd pattern
and discusses some options.

Triggered by kubernetes#846 and referenced in kubernetes#859
@smarterclayton smarterclayton deleted the add_security_doc branch February 11, 2015 02:21
vishh added a commit to vishh/kubernetes that referenced this pull request Apr 6, 2016
@vishh
Merge pull request kubernetes#859 from mikedanese/go1.5
5d30b67 
use vanity domain for gcloud-golang
xingzhou pushed a commit to xingzhou/kubernetes that referenced this pull request Dec 15, 2016
@smarterclayton
Proposal: Isolate kubelet from etcd
606dcf1 
Discusses the current security risks posed by the kubelet->etcd pattern
and discusses some options.

Triggered by kubernetes#846 and referenced in kubernetes#859
b3atlesfan pushed a commit to b3atlesfan/kubernetes that referenced this pull request Feb 5, 2021
@tomdee
Merge pull request kubernetes#859 from tomdee/remove-aci
34f17ae 
Makefile: Stop building ACIs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@smarterclayton @lavalamp @derekwaynecarr @erictune @pchico83