Skip to content
This repository has been archived by the owner on Mar 28, 2020. It is now read-only.

doc: cluster_tls, wildcard domain correction #1403

Closed
wants to merge 1 commit into from

Conversation

raoofm
Copy link

@raoofm raoofm commented Sep 14, 2017

doc: cluster_tls, wildcard domain correction

based on the discussion etcd-io/etcd#8534 (comment)

doc: cluster_tls, wildcard domain correction

based on the discussion etcd-io/etcd#8534 (comment)
@etcd-bot
Copy link
Collaborator

Can one of the admins verify this patch?

1 similar comment
@etcd-bot
Copy link
Collaborator

Can one of the admins verify this patch?

@@ -35,8 +35,8 @@ The example cluster YAML manifest and example certs can be found in [example/tls

The peer TLS assets should have the following:
- **peer.crt**: peer communication cert.
The certificate should allow wildcard domain `*.${clusterName}.${namespace}.svc`.
In this case, it is `*.example.default.svc`.
The certificate should allow wildcard domain `*.${clusterName}.${namespace}.svc` and `*.{clusterName}.{namespace}.svc.cluster.local`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See https://github.com/coreos/etcd-operator/blob/master/pkg/util/etcdutil/member.go#L40

After 0.5.1+, etcd operator will not have ".cluster.local" suffix in domain.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tls was failing as the host didn't had .cluster.local suffix while creating the cert. I'll try with 0.5.2 and will let you know.

@hongchaodeng
Copy link
Member

I don't understand why you create this PR. Can you elaborate your problem again?

@hongchaodeng
Copy link
Member

Closing this since it's not necessary.
@raoofm Feel free to reopen if you still have any issue

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants