This repository has been archived by the owner on Oct 21, 2020. It is now read-only.
Ceph provisioner requires creating secrets in PVC namespaces #309
Comments
rootfs
changed the title
rootfs
changed the title
cofyc
added a commit
to cofyc/external-storage
that referenced
this issue
Jan 10, 2018
- Administrators can configure a dedicated secret namespace for CephFS provisioner (fix kubernetes-retired#309) - Fix a bug in deleting secrets (should be backward compatible)
cofyc
added a commit
to cofyc/external-storage
that referenced
this issue
Jan 10, 2018
- Administrators can configure a dedicated secret namespace for CephFS provisioner (fix kubernetes-retired#309) - Fix a bug in deleting secrets (should be backward compatible)
cofyc
added a commit
to cofyc/external-storage
that referenced
this issue
Jan 10, 2018
- Administrators can configure a dedicated secret namespace for CephFS provisioner (fix kubernetes-retired#309) - Fix a bug in deleting secrets (should be backward compatible)
aglitke
pushed a commit
to aglitke/external-storage
that referenced
this issue
Jan 19, 2018
- Administrators can configure a dedicated secret namespace for CephFS provisioner (fix kubernetes-retired#309) - Fix a bug in deleting secrets (should be backward compatible)
Merged
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Existing CephFS PV expects a secret exists in the Pod's (or Claim's) namespace, and thus tries to create secret in any namespace. This will bring risk if CephFS provisioner is compromised and overrides secrets used by kubernetes.
@liggitt
The text was updated successfully, but these errors were encountered: