github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
70,930 Commits 1 Branch 31 Tags 1,019 MiB
c7886f8ba4
Commit Graph

12 Commits

Author SHA1 Message Date
fabriziopandini
66e846fa26 Add etcd ports constant 2018-10-12 09:33:07 +02:00
Rafael Fernández López
503c6c7b85
kubeadm: do not panic if etcd local alpha phase is called when an external etcd config is used 
If etcd local alpha phase is called manually while the kubeadm configuration
points to an external etcd cluster kubeadm panics.
 2018-10-05 07:55:17 +02:00
Lucas Käldström
5224551fa1 kubeadm: Split out ClusterConfiguration from InitConfiguration 
Trivial rebasement, fixed some broken tests,
and inserted some TODOs: Rostislav M. Georgiev <rostislavg@vmware.com>
 2018-08-22 11:43:02 +03:00
Lucas Käldström
52f0591ad9
Automated rename from MasterConfiguration to InitConfiguration 2018-07-09 04:55:02 +03:00
Jason DeTiberus
793a51cef0
kubeadm - local etcd configuration bugfixes 
- Set peer urls for default etcd instance to avoid leaving peer port unsecured
- Update generated etcd peer certificate SANs to include localhost
- Use a proper CN for etcd server and peer certificates
- Increase the manifest update timeout
 2018-06-11 21:29:11 -04:00
Lucas Käldström
099e60b1db
kubeadm: Refactor the .Etcd substruct in the v1alpha2 API 2018-05-23 21:13:32 +03:00
Joe Betz
a795cb61bc Bump etcd default server version to 3.2.18 2018-04-11 21:12:44 -07:00
leigh schrandt
2d9b2d9fef Switch to a dedicated CA for kubeadm etcd identities 2018-02-27 17:42:43 -07:00
leigh schrandt
f5e11a0ce0 Change SANs for etcd serving and peer certs 
- Place etcd server and peer certs & keys into pki subdir
- Move certs.altName functions to pkiutil + add appendSANstoAltNames()
    Share the append logic for the getAltName functions as suggested by
    @jamiehannaford.
    Move functions/tests to certs/pkiutil as suggested by @luxas.

    Update Bazel BUILD deps

- Warn when an APIServerCertSANs or EtcdCertSANs entry is unusable
- Add MasterConfiguration.EtcdPeerCertSANs
- Move EtcdServerCertSANs and EtcdPeerCertSANs under MasterConfiguration.Etcd
 2018-02-23 17:05:39 -07:00
leigh schrandt
bb689eb2bb Secure etcd API /w TLS on kubeadm init [kubeadm/#594] 
- Generate Server and Peer cert for etcd
- Generate Client cert for apiserver
- Add flags / hostMounts for etcd static pod
- Add flags / hostMounts for apiserver static pod

- Generate certs on upgrade of static-pods for etcd/kube-apiserver
- Modify logic for appending etcd flags to staticpod to be safer for external etcd
 2018-02-23 16:06:55 -07:00
cheyang
4ca3903eab fix typo in kubeadm 
Signed-off-by: cheyang <cheyang@163.com>
 2018-02-06 13:48:18 +08:00
fabriziopandini
740a78b0f3 Main work -- move etcd to separate phase and hook up most things 2017-08-14 16:31:09 +02:00