add karmada cert message doc#824
Merged
Merged
Conversation
karmada-bot
added
the
size/XXL
windsonsea
reviewed
Apr 14, 2025
windsonsea
left a comment
windsonsea
left a comment
Member
There was a problem hiding this comment.
Too many repeated headings like:
### 简介:
### 内容示例:
windsonsea
reviewed
Apr 15, 2025
karmada-bot
added
size/XL
tiansuo114
force-pushed
the
cert
branch
2 times, most recently
from
346a040 to
147a9d0
Compare
Contributor
Author
|
I tried to modify the document content according to yesterday's meeting, how does it look now? |
Contributor
|
Thanks |
|
|
||
| This document provides a comprehensive description of the certificate framework in the Karmada system, including the organizational structure, purpose, and configuration recommendations for all certificate resources. The Karmada certificate framework defines the certificate system required for secure communication between components, clearly articulating how each component uses certificates for authentication and communication encryption. This document will help administrators understand Karmada's certificate architecture, correctly configure and manage the certificates required by components, and ensure the security of the entire system. | ||
|
|
||
| Currently, this document introduces the certificate information related to secrets in the cluster deployed using the community-maintained `hack/deploy-karmada.sh` script installation tool. Since there are currently four deployment methods in the Karmada system (deployment via `karmadactl init`, deployment via `karmada-operator`, deployment via `helm`, and deployment via the `hack/deploy-karmada.sh` script installation tool), in Karmada versions `v1.13` and earlier, components in the Karmada cluster shared the same certificate content. This will be a preliminary change to standardize and implement the new Karmada certificate standard (information about this change can be found in the [related issue](https://github.com/karmada-io/karmada/issues/6091)). |
Contributor
There was a problem hiding this comment.
How about:
Suggested change
| Currently, this document introduces the certificate information related to secrets in the cluster deployed using the community-maintained `hack/deploy-karmada.sh` script installation tool. Since there are currently four deployment methods in the Karmada system (deployment via `karmadactl init`, deployment via `karmada-operator`, deployment via `helm`, and deployment via the `hack/deploy-karmada.sh` script installation tool), in Karmada versions `v1.13` and earlier, components in the Karmada cluster shared the same certificate content. This will be a preliminary change to standardize and implement the new Karmada certificate standard (information about this change can be found in the [related issue](https://github.com/karmada-io/karmada/issues/6091)). | |
| Note: Currently, certificates are generated according to the certificate framework described in this document when installing Karmada via the community-maintained `hack/deploy-karmada.sh` script. Other [installation methods](../../installation/installation.md) will be synchronized with this document in the future. |
Contributor
Author
There was a problem hiding this comment.
OK, I have updated this part of the description as suggested. Does the content look appropriate now?
Contributor
|
/lgtm |
XiShanYongYe-Chang
left a comment
XiShanYongYe-Chang
left a comment
Member
There was a problem hiding this comment.
Thanks a lot~
LGTM
Contributor
Author
|
Hello, it seems that the LFX project related to this PR will end on May 27th😭😭. All relevant PRs need to be merged before then. Could you please let me know if you have time today to review and merge this PR? Thank you! @windsonsea @RainbowMango |
windsonsea
reviewed
May 27, 2025
Signed-off-by: tiansuo114 <zhaoyi_114@outlook.com> fix Signed-off-by: tiansuo114 <zhaoyi_114@outlook.com> fix Signed-off-by: tiansuo114 <zhaoyi_114@outlook.com>
windsonsea
reviewed
May 27, 2025
windsonsea
left a comment
windsonsea
left a comment
Member
There was a problem hiding this comment.
Thanks, please mark each comment as Resolved
/lgtm
Member
|
This pr is waiting for merge now. |
Member
|
Should we merge it? It seems there's no problem. /lgtm |
Contributor
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: RainbowMango, samzong, windsonsea The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
karmada-bot
added
the
approved
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What type of PR is this?
/kind design
What this PR does / why we need it:
This PR is a sub-PR related to the LFX topic, with the goal of providing documentation and security guidelines for all certificates in the current Karmada system.
Which issue(s) this PR fixes:
Fixes #6091
Special notes for your reviewer:
@XiShanYongYe-Chang
@zhzhuang-zju