coreos-kubernetes

Documentation: Etcd TLS

Open stongo opened this issue 8 years ago • 2 comments

Is there any reason the documentation chooses to make Etcd2 insecure and not use TLS? TL;DR CoreOS bills itself as a security-first company except when using Etcd?

This is problematic for a couple of reasons:

  • There are potentially many people who've deployed K8S on CoreOS with an insecure Etcd cluster after following these instructions. Considering K8S does not encrypt secrets in Etcd, this is a catastrophic security risk. One could argue this is dependent on the user making good choices, but CoreOS should guide all users to make the right choices.
  • It allows TLS-related bugs in all services to go unnoticed for longer due to lower levels of community testing. I've personally hit a wall with Calico due to TLS issues.

stongo, Feb 16 '17 15:02
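Added example, not part of the original post and not CoreOS or etcd project code: a small audit that reads an etcd2 systemd drop-in and reports plaintext client/peer URLs and missing TLS settings, which is the condition the issue describes. The drop-in contents and IP addresses are constructed, and tolerating plaintext on loopback only is an assumption of this example.

```python
import re

# etcd reads every flag from an ETCD_-prefixed environment variable; a systemd
# drop-in for etcd2 sets them with Environment= lines.
URL_KEYS = {
    "ETCD_LISTEN_CLIENT_URLS": "client",
    "ETCD_ADVERTISE_CLIENT_URLS": "client",
    "ETCD_LISTEN_PEER_URLS": "peer",
    "ETCD_INITIAL_ADVERTISE_PEER_URLS": "peer",
}
SUFFIXES = ["CERT_FILE", "KEY_FILE", "TRUSTED_CA_FILE", "CLIENT_CERT_AUTH"]
REQUIRED = {"client": ["ETCD_" + s for s in SUFFIXES],
            "peer": ["ETCD_PEER_" + s for s in SUFFIXES]}
# Assumption of this example: plaintext bound to loopback only is tolerated.
LOOPBACK = re.compile(r"^http://(127\.0\.0\.1|localhost|\[::1\])(:\d+)?/?$")
ENV_LINE = re.compile(r'^\s*Environment=\s*"?([A-Z0-9_]+)=([^"]*)"?\s*$')

def parse_dropin(text):
    """Return {NAME: value} for each Environment= line in a unit drop-in."""
    matches = (ENV_LINE.match(line) for line in text.splitlines())
    return {m.group(1): m.group(2).strip() for m in matches if m}

def audit(text):
    """List findings: non-loopback http:// URLs and unset TLS options."""
    env, findings = parse_dropin(text), []
    for key, channel in URL_KEYS.items():
        for url in filter(None, env.get(key, "").split(",")):
            if url.startswith("http://") and not LOOPBACK.match(url):
                findings.append(f"{key}: plaintext {channel} URL {url}")
    for channel, keys in REQUIRED.items():
        for key in keys:
            value = env.get(key, "")
            # *_CLIENT_CERT_AUTH is a boolean; the others are file paths.
            ok = value.lower() in ("1", "t", "true") if key.endswith("_AUTH") else bool(value)
            if not ok:
                findings.append(f"{key}: unset, {channel} TLS or certificate auth is off")
    return findings

# Constructed sample: a drop-in that serves etcd over plaintext HTTP.
SAMPLE = """[Service]
Environment=ETCD_LISTEN_CLIENT_URLS=http://0.0.0.0:2379
Environment=ETCD_ADVERTISE_CLIENT_URLS=http://10.0.0.10:2379
Environment=ETCD_LISTEN_PEER_URLS=http://10.0.0.10:2380
Environment=ETCD_INITIAL_ADVERTISE_PEER_URLS=http://10.0.0.10:2380
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```
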

The current effort to support this in a manageable way is with the etcd-operator, which has TLS support underway: https://github.com/coreos/etcd-operator/pull/736

robszumski, Feb 16 '17 18:02

Awesome! Thanks for the response. I've been issuing k8s and etcd certificates with the Vault PKI backend. It's really made it much easier.

stongo, Feb 17 '17 02:02