tls config change to apiserver to verify client cert, removed readiness probe given cert check (#800)

Author: Jeff McCormick

apiserver.go

@@ -169,7 +169,7 @@ func main() {
 	caCertPool := x509.NewCertPool()
 	caCertPool.AppendCertsFromPEM(caCert)
 	cfg := &tls.Config{
-		//ClientAuth: tls.RequireAndVerifyClientCert,
+		ClientAuth: tls.RequireAndVerifyClientCert,
 		//specify pgo-apiserver in the CN....then, add ServerName: "pgo-apiserver",
 		ServerName:         "pgo-apiserver",
 		InsecureSkipVerify: tlsNoVerify,

deploy/deployment.json

@@ -24,15 +24,6 @@
                                 "containerPort": 8443
                             }
                         ],
-			"livenessProbe": {
-				"httpGet": {
-					"port": 8443,
-					"path": "/health",
-					"scheme": "HTTPS"
-				},
-				"initialDelaySeconds": 4,
-				"periodSeconds": 5
-			},
                         "env": [
                             {
                                 "name": "CRUNCHY_DEBUG",