github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Move service account key file arg to the service-account controller options

Browse Source
This commit is contained in:
Jordan Liggitt
2018-06-18 09:35:51 -04:00
parent 3abba25160
commit dd5dccc740
7 changed files with 15 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
cmd/controller-manager/app/options/kubecloudshared.go
View File

@@ -36,7 +36,6 @@ type KubeCloudSharedOptions struct {
AllocateNodeCIDRs bool
CIDRAllocatorType string
ConfigureCloudRoutes bool
ServiceAccountKeyFile string
NodeSyncPeriod metav1.Duration
}
@@ -74,9 +73,6 @@ func (o *KubeCloudSharedOptions) AddFlags(fs *pflag.FlagSet) {
fs.StringVar(&o.CIDRAllocatorType, "cidr-allocator-type", "RangeAllocator", "Type of CIDR allocator to use")
fs.BoolVar(&o.ConfigureCloudRoutes, "configure-cloud-routes", true, "Should CIDRs allocated by allocate-node-cidrs be configured on the cloud provider.")
// TODO: remove --service-account-private-key-file 6 months after 1.8 is released (~1.10)
fs.StringVar(&o.ServiceAccountKeyFile, "service-account-private-key-file", o.ServiceAccountKeyFile, "Filename containing a PEM-encoded private RSA or ECDSA key used to sign service account tokens.")
fs.MarkDeprecated("service-account-private-key-file", "This flag is currently no-op and will be deleted.")
fs.DurationVar(&o.NodeSyncPeriod.Duration, "node-sync-period", 0, ""+
"This flag is deprecated and will be removed in future releases. See node-monitor-period for Node health checking or "+
"route-reconciliation-period for cloud provider's route configuration settings.")
@@ -100,7 +96,6 @@ func (o *KubeCloudSharedOptions) ApplyTo(cfg *componentconfig.KubeCloudSharedCon
cfg.AllocateNodeCIDRs = o.AllocateNodeCIDRs
cfg.CIDRAllocatorType = o.CIDRAllocatorType
cfg.ConfigureCloudRoutes = o.ConfigureCloudRoutes
cfg.ServiceAccountKeyFile = o.ServiceAccountKeyFile
cfg.NodeSyncPeriod = o.NodeSyncPeriod
return nil

3
cmd/controller-manager/app/options/serviceaccountcontroller.go
View File

@@ -23,6 +23,7 @@ import (
// SAControllerOptions holds the ServiceAccountController options.
type SAControllerOptions struct {
ServiceAccountKeyFile string
ConcurrentSATokenSyncs int32
RootCAFile string
}
@@ -33,6 +34,7 @@ func (o *SAControllerOptions) AddFlags(fs *pflag.FlagSet) {
return
}
fs.StringVar(&o.ServiceAccountKeyFile, "service-account-private-key-file", o.ServiceAccountKeyFile, "Filename containing a PEM-encoded private RSA or ECDSA key used to sign service account tokens.")
fs.Int32Var(&o.ConcurrentSATokenSyncs, "concurrent-serviceaccount-token-syncs", o.ConcurrentSATokenSyncs, "The number of service account token objects that are allowed to sync concurrently. Larger number = more responsive token generation, but more CPU (and network) load")
fs.StringVar(&o.RootCAFile, "root-ca-file", o.RootCAFile, "If set, this root certificate authority will be included in service account's token secret. This must be a valid PEM-encoded CA bundle.")
}
@@ -43,6 +45,7 @@ func (o *SAControllerOptions) ApplyTo(cfg *componentconfig.SAControllerConfigura
return nil
}
cfg.ServiceAccountKeyFile = o.ServiceAccountKeyFile
cfg.ConcurrentSATokenSyncs = o.ConcurrentSATokenSyncs
cfg.RootCAFile = o.RootCAFile