github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

only use a kubelet client cert auth if it's available

Browse Source 
TODO(mikedanese): revert this commit
This commit is contained in:
Mike Danese
2017-02-03 13:15:25 -08:00
parent 86d9493747
commit 3d7aeb480c
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
cluster/gce/gci/configure-helper.sh
View File

@@ -821,8 +821,10 @@ function start-kube-apiserver {
params+=" --secure-port=443" params+=" --secure-port=443"
params+=" --tls-cert-file=/etc/srv/kubernetes/server.cert" params+=" --tls-cert-file=/etc/srv/kubernetes/server.cert"
params+=" --tls-private-key-file=/etc/srv/kubernetes/server.key" params+=" --tls-private-key-file=/etc/srv/kubernetes/server.key"
params+=" --kubelet-client-certificate=/etc/srv/kubernetes/kubeapiserver.cert" if [[ -e /etc/srv/kubernetes/kubeapiserver.cert ]] && [[ -e /etc/srv/kubernetes/kubeapiserver.key ]]; then
params+=" --kubelet-client-key=/etc/srv/kubernetes/kubeapiserver.key" params+=" --kubelet-client-certificate=/etc/srv/kubernetes/kubeapiserver.cert"
params+=" --kubelet-client-key=/etc/srv/kubernetes/kubeapiserver.key"
fi
params+=" --token-auth-file=/etc/srv/kubernetes/known_tokens.csv" params+=" --token-auth-file=/etc/srv/kubernetes/known_tokens.csv"
if [[ -n "${KUBE_PASSWORD:-}" && -n "${KUBE_USER:-}" ]]; then if [[ -n "${KUBE_PASSWORD:-}" && -n "${KUBE_USER:-}" ]]; then
params+=" --basic-auth-file=/etc/srv/kubernetes/basic_auth.csv" params+=" --basic-auth-file=/etc/srv/kubernetes/basic_auth.csv"