Chore: Secure proxy server and start using authentication when connecting to it
Closed this issue · 1 comments
Description
kube-eleven timed out when downloading kubeadm packages because it couldn't reach the proxy server. It eventually succeeded in downloading the packages, but it took a couple of retries.
The downloading timed out because the proxy was overflowed with the connections. Eventually, people found out we don't use authentication on our proxy server...
We should secure our proxy server with authentication. After implementing the authentication on the proxy server we have to update Claudie to start using the chosen authentication method.
Exit criteria
- Implement authentication on proxy server
- Use authentication when connecting to the proxy from Claudie
I'm throwing another idea onto the table - keep the proxy open, but limit its usability in a way, that it'll allow only outgoing connections to the limited set of destinations (only to the repos and registries that are needed by Claudie).