b8d2099b3f
/etc/ssl/certs is currently mounted through in a number of places. However, on Gentoo and CoreOS (and probably others), the files in /etc/ssl/certs are just symlinks to files in /usr/share/ca-certificates. For these components to correclty work, the target of the symlinks needs to be available as well. This is especially important for kube-controller-manager, where this issue was noticed. This change was originally part of #33965, but was split out for ease of review.
SaltStack configuration
This is the root of the SaltStack configuration for Kubernetes. A high level overview for the Kubernetes SaltStack configuration can be found in the docs tree.
This SaltStack configuration currently applies to default
configurations for Debian-on-GCE, Fedora-on-Vagrant, Ubuntu-on-AWS and
Ubuntu-on-Azure. (That doesn't mean it can't be made to apply to an
arbitrary configuration, but those are only the in-tree OS/IaaS
combinations supported today.) As you peruse the configuration, these
are shorthanded as gce, vagrant, aws, azure-legacy in grains.cloud;
the documentation in this tree uses this same shorthand for convenience.
See more: