Kubernetes & PKCS11 Hardware security module integration


Could someone point me to some info on how to integrate kubernetes with an HSM through PKCS11. Goal is to put our private key on the HSM and use kubernetes to sign certs that pods need on the fly.

If not possible, how do you guys do it ?