GitXplorerGitXplorer
f

tls-poc-operator

public
0 stars
0 forks
0 issues

Commits

List of commits on branch master.
Verified
9f871973e8fa5d4d9c98381e631e611aa3fbd820

Merge pull request #5 from fanminshi/update_readme

ffanminshi committed 6 years ago
Unverified
58e39be63743237b4c52581db85ab28c80de5f5c

readme: update readme with mutal tls

ffanminshi committed 6 years ago
Verified
bb92b8ab34cc5c89b15bfe2a30f0452ce3c38f0e

Merge pull request #4 from fanminshi/add_mutal_tls

ffanminshi committed 6 years ago
Unverified
206ca9e8c3e1ba469c8536d88e3a63c01a5daaf0

stub: add mutal tls example

ffanminshi committed 6 years ago
Verified
01bb6d8c5595b30e488ee6c20707d8e95cb49d37

Merge pull request #3 from fanminshi/add_comment

ffanminshi committed 6 years ago
Unverified
3dd8ee0ec30eb5f61f22864533c9e88115cae005

stub: add commenting

ffanminshi committed 6 years ago

README

The README file for this repository.

tls-poc-operator

The tls-poc-operator tests the TLS utility protype defined in tls util.

Overview

The tlc-poc-operator deploys a simple-server which is a server that serves a "Hello World" static html page and a simple-client that retrieves the "Hello world" page from the server. The connection between server client is secured via mutal TLS. The tlc-poc-operator also creates the necessary TLS assets, service, and deployment manifests to deploy both the simple-server and the simple-client.

Quick Start

# Download the tls-poc-operator
$ mkdir $GOPATH/src/github.com/fanminshi/
$ git clone https://github.com/fanminshi/simple-server.git
$ cd simple-server
# Setup the vendor Dependences
$ dep ensure -v
# Create the CRD and Custom Resouce.
$ kubectl create -f deploy/crd.yaml
$ kubectl create -f deploy/cr.yaml
# Run the operator locally
$ OPERATOR_NAME=app-operator operator-sdk up local --namespace=default
INFO[0000] Go Version: go1.10
INFO[0000] Go OS/Arch: darwin/amd64
INFO[0000] operator-sdk Version: 0.0.5+git
INFO[0000] Metrics service app-operator created
INFO[0000] Watching security.example.com/v1alpha1, Security, default, 5
# Verify that the deployment is ready
$ kubectl get deploy
NAME            DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
simple-client   1         1         1            0           20s
simple-server   1         1         1            1           21s
# Verify that the svc is up.
# The simple-server-service is used to access the simple-server.
# The simple-client-service is a headless service for the client pod. It is used in
# Clinet Cert's SAN field for the the server to verify the identify of the client.
$ kubectl get svc
simple-client-service   ClusterIP   None             <none>        8080/TCP    21h
simple-server-service   ClusterIP   10.105.237.227   <none>        8080/TCP    21h
# Once client and server are deployed, verify that the client is able to get Hello World page from the server.
$ kubectl logs -f simple-client-586dc44756-hdprr
2018/07/31 19:19:43 <!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
    <title>hello world</title>
  </head>
  <body>
    <h1>hello world</h1>
  </body>
</html>