cilium: Fix the configuration of tls for hubble (#9880)
Signed-off-by: utam0k <k0ma@utam0k.jp>pull/9922/head
parent
f6e4a231cb
commit
8afd74ce1f
|
@ -1,3 +1,4 @@
|
|||
#jinja2: trim_blocks:False
|
||||
---
|
||||
# Source: cilium helm chart: cilium/templates/hubble-relay/configmap.yaml
|
||||
apiVersion: v1
|
||||
|
@ -16,6 +17,8 @@ data:
|
|||
sort-buffer-drain-timeout:
|
||||
tls-client-cert-file: /var/lib/hubble-relay/tls/client.crt
|
||||
tls-client-key-file: /var/lib/hubble-relay/tls/client.key
|
||||
tls-server-cert-file: /var/lib/hubble-relay/tls/server.crt
|
||||
tls-server-key-file: /var/lib/hubble-relay/tls/server.key
|
||||
tls-hubble-server-ca-files: /var/lib/hubble-relay/tls/hubble-server-ca.crt
|
||||
disable-server-tls: {% if cilium_hubble_tls_generate %}false{% else %}true{% endif %}
|
||||
disable-client-tls: {% if cilium_hubble_tls_generate %}false{% else %}true{% endif %}
|
||||
|
|
|
@ -79,12 +79,21 @@ spec:
|
|||
- secret:
|
||||
name: hubble-relay-client-certs
|
||||
items:
|
||||
- key: ca.crt
|
||||
path: hubble-server-ca.crt
|
||||
- key: tls.crt
|
||||
path: client.crt
|
||||
- key: tls.key
|
||||
path: client.key
|
||||
- key: ca.crt
|
||||
path: hubble-server-ca.crt
|
||||
- secret:
|
||||
name: hubble-server-certs
|
||||
items:
|
||||
- key: tls.crt
|
||||
path: server.crt
|
||||
- key: tls.key
|
||||
path: server.key
|
||||
name: tls
|
||||
---
|
||||
# Source: cilium/templates/hubble-ui/deployment.yaml
|
||||
|
|
Loading…
Reference in New Issue