github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add files specified in the kube config as a potential source of cert/key data.

Browse Source
This commit is contained in:
Jacob Simpson
2017-06-15 10:35:37 -07:00
parent 562e721ece
commit 694fc52214
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/kubelet/app/server.go
View File

@@ -457,7 +457,7 @@ func run(s *options.KubeletServer, kubeDeps *kubelet.KubeletDeps) (err error) {
if err != nil { if err != nil {
return err return err
} }
clientCertificateManager, err = initializeClientCertificateManager(s.CertDirectory, nodeName, clientConfig.CertData, clientConfig.KeyData) clientCertificateManager, err = initializeClientCertificateManager(s.CertDirectory, nodeName, clientConfig.CertData, clientConfig.KeyData, clientConfig.CertFile, clientConfig.KeyFile)
if err != nil { if err != nil {
return err return err
} }
@@ -664,13 +664,13 @@ func updateTransport(clientConfig *restclient.Config, clientCertificateManager c
// client that can be used to sign new certificates (or rotate). It answers with // client that can be used to sign new certificates (or rotate). It answers with
// whatever certificate it is initialized with. If a CSR client is set later, it // whatever certificate it is initialized with. If a CSR client is set later, it
// may begin rotating/renewing the client cert // may begin rotating/renewing the client cert
func initializeClientCertificateManager(certDirectory string, nodeName types.NodeName, certData []byte, keyData []byte) (certificate.Manager, error) { func initializeClientCertificateManager(certDirectory string, nodeName types.NodeName, certData []byte, keyData []byte, certFile string, keyFile string) (certificate.Manager, error) {
certificateStore, err := certificate.NewFileStore( certificateStore, err := certificate.NewFileStore(
"kubelet-client", "kubelet-client",
certDirectory, certDirectory,
certDirectory, certDirectory,
"", certFile,
"") keyFile)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to initialize certificate store: %v", err) return nil, fmt.Errorf("failed to initialize certificate store: %v", err)
} }