You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Check out how to properly build static Kubernetes binaries without breaking CGO
The proper way of building static Kubernetes binaries seems to be using the KUBE_STATIC_OVERRIDES environment variable. To my current understanding, this disables CGO altogether. This might backfire for FIPS builds. Properly forward CGO settings into Kubernetes build #2910
Adjust nodeutil.GetHostname imports
Migrate from --container-runtime-endpoint kubelet flag to KubeletConfiguration.ContainerRuntimeEndpoint kubelet configuration field
Properly check for required key usages when approving node certificates
The "key encipherment" usage is only required when using RSA keys, which the kubelet doesn't by default. Kubernetes 1.27 will no longer request that usage for node certificates if not using RSA keys.
Tracking issue, things to be done:
static/misc/api-resources.yaml
.The proper way of building static Kubernetes binaries seems to be using the
KUBE_STATIC_OVERRIDES
environment variable. To my current understanding, this disables CGO altogether. This might backfire for FIPS builds.Properly forward CGO settings into Kubernetes build #2910
nodeutil.GetHostname
imports--container-runtime-endpoint
kubelet flag toKubeletConfiguration.ContainerRuntimeEndpoint
kubelet configuration fieldThe "key encipherment" usage is only required when using RSA keys, which the kubelet doesn't by default. Kubernetes 1.27 will no longer request that usage for node certificates if not using RSA keys.
k0s kc
. @kkeThe text was updated successfully, but these errors were encountered: