github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
47,756 Commits 1 Branch 31 Tags
c349d36da3be738e1dec9bd23e8ed95d145ace8d
Commit Graph

4 Commits

Author SHA1 Message Date
Jacob Simpson
a926c1f258 Allow certificate manager to be initialized with no certs. 
Adds support to the certificate manager so it can be initialized with no
certs and only a connection to the certificate request signing API. This
specifically covers the scenario for the kubelet server certificate,
where there is a request signing client but on first boot there is no
bootstrapping or local certs.
 2017-05-01 17:36:33 -07:00
Jacob Simpson
e992eaec8f Add bootstrap support to certificate manager. 2017-04-20 16:27:32 -07:00
Jacob Simpson
e7666648bf Fix the certificate rotation threshold and add jitter. 2017-04-11 09:20:16 -07:00
Jacob Simpson
855627e5cb Rotate the kubelet certificate when about to expire. 
Changes the kubelet so it doesn't use the cert/key files directly for
starting the TLS server. Instead the TLS server reads the cert/key from
the new CertificateManager component, which is responsible for
requesting new certificates from the Certificate Signing Request API on
the API Server.
 2017-02-17 17:42:35 -08:00