749a8b7535
Image location not readable in DS builds. Moved under kubernetes Build cannot read image geometry metadata, causing :scale: option to fail. Removed. Signed-off-by: Ron Stone <ronald.stone@windriver.com> Change-Id: I526e798bc22efc7efb03b81392825bb3ea9504f0
2.1 KiB
2.1 KiB
Issuers in Distributed Cloud
In a Distributed Cloud environment, end-user’s applications have a number of options for the cert-manager ISSUERs they use:
- (Recommended) As part of your application deployment on each
subcloud, create a cert-manager ISSUER for the External that you wish to
use for signing your certificates.
- The External -type ISSUER is configured exactly the same way for each of your application deployments on each subcloud, and
- Your external clients need only trust a single External ’s public certificate.
- As part of your application deployment on each subcloud, create a
local internal RootCA
caISSUER for signing your certificates.- The local internal RootCA
caISSUER should ideally be slightly different (e.g. a unique subject) on each deployment, and - Your external clients need to trust each application deployment’s (on each subcloud) local internal RootCA public certificate.
- This option is not ideal since this could mean 100s of RootCA Certificates.
- The local internal RootCA