mirror of
https://github.com/optim-enterprises-bv/kubernetes.git
synced 2025-11-04 04:08:16 +00:00
Allow specifying cluster signing ca/key
Makes it useful in testing some scenarios with automatically signing certificates
This commit is contained in:
Davanum Srinivas
@@ -213,6 +213,8 @@ ENABLE_CONTROLLER_ATTACH_DETACH=${ENABLE_CONTROLLER_ATTACH_DETACH:-"true"} # cur
|
|||||||
CERT_DIR=${CERT_DIR:-"/var/run/kubernetes"}
|
CERT_DIR=${CERT_DIR:-"/var/run/kubernetes"}
|
||||||
ROOT_CA_FILE=${CERT_DIR}/server-ca.crt
|
ROOT_CA_FILE=${CERT_DIR}/server-ca.crt
|
||||||
ROOT_CA_KEY=${CERT_DIR}/server-ca.key
|
ROOT_CA_KEY=${CERT_DIR}/server-ca.key
|
||||||
|
CLUSTER_SIGNING_CERT_FILE=${CLUSTER_SIGNING_CERT_FILE:-"${ROOT_CA_FILE}"}
|
||||||
|
CLUSTER_SIGNING_KEY_FILE=${CLUSTER_SIGNING_KEY_FILE:-"${ROOT_CA_KEY}"}
|
||||||
|
|
||||||
# name of the cgroup driver, i.e. cgroupfs or systemd
|
# name of the cgroup driver, i.e. cgroupfs or systemd
|
||||||
if [[ ${CONTAINER_RUNTIME} == "docker" ]]; then
|
if [[ ${CONTAINER_RUNTIME} == "docker" ]]; then
|
||||||
@@ -545,8 +547,8 @@ function start_controller_manager {
|
|||||||
--v=${LOG_LEVEL} \
|
--v=${LOG_LEVEL} \
|
||||||
--service-account-private-key-file="${SERVICE_ACCOUNT_KEY}" \
|
--service-account-private-key-file="${SERVICE_ACCOUNT_KEY}" \
|
||||||
--root-ca-file="${ROOT_CA_FILE}" \
|
--root-ca-file="${ROOT_CA_FILE}" \
|
||||||
--cluster-signing-cert-file="${ROOT_CA_FILE}" \
|
--cluster-signing-cert-file="${CLUSTER_SIGNING_CERT_FILE}" \
|
||||||
--cluster-signing-key-file="${ROOT_CA_KEY}" \
|
--cluster-signing-key-file="${CLUSTER_SIGNING_KEY_FILE}" \
|
||||||
--enable-hostpath-provisioner="${ENABLE_HOSTPATH_PROVISIONER}" \
|
--enable-hostpath-provisioner="${ENABLE_HOSTPATH_PROVISIONER}" \
|
||||||
${node_cidr_args} \
|
${node_cidr_args} \
|
||||||
--pvclaimbinder-sync-period="${CLAIM_BINDER_SYNC_PERIOD}" \
|
--pvclaimbinder-sync-period="${CLAIM_BINDER_SYNC_PERIOD}" \
|
||||||
|
|||||||
Reference in New Issue
Block a user