mirror of
https://github.com/optim-enterprises-bv/kubernetes.git
synced 2025-11-28 20:33:54 +00:00
b32d982aec
Automatic merge from submit-queue (batch tested with PRs 53234, 53252, 53267, 53276, 53107). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. kubeadm: Let kubelets in the cluster rotate their certificates **What this PR does / why we need it**: As of 1.8.0 kubelet in kubeadm configuration ships with enabled feature of node certificate autorotation, it makes sense to enable automatic certificate rotation csr signing. It will help to avoid issues like described in #53231 and #53237. **Which issue this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close that issue when PR gets merged)*: fixes #53237. **Special notes for your reviewer**: We need that patch to be applied both to master branch and cherry-pick into 1.8, so kubeadm in 1.8.1 release will create correct role bindings on upgrades between 1.7 -> 1.8 and initialization of new clusters with 1.8.x cc @luxas @liggitt @pipejakob **Release note**: ```release-note kubeadm allows the kubelets in the cluster to automatically renew their client certificates ```