hack/quickstart: apiserver flag not needed

Patrick Baxter · Yifan Gu · commit 8afee1f3aa5c · 2017-04-03T18:05:30.000-07:00
The --require-kubeconfig flag is needed if we remove the apiserver flag
because of a bug that persisted into 1.5. This should eventually default
to true.
diff --git a/hack/quickstart/init-worker.sh b/hack/quickstart/init-worker.sh
@@ -13,33 +13,17 @@ function usage() {
     exit 1
 }
 
-function extract_master_endpoint (){
-    grep 'certificate-authority-data' ${KUBECONFIG} | awk '{print $2}' | base64 -d > /home/core/ca.crt
-    grep 'client-certificate-data' ${KUBECONFIG} | awk '{print $2}'| base64 -d > /home/core/client.crt
-    grep 'client-key-data' ${KUBECONFIG} | awk '{print $2}'| base64 -d > /home/core/client.key
-
-    MASTER_PUB="$(awk '/server:/ {print $2}' ${KUBECONFIG} | awk -F/ '{print $3}' | awk -F: '{print $1}')"
-    # TODO (aaron): The -k was added with the gce conformance tests - figure out why it's needed here.
-    #     The certs are seemingly signed correctly, but says no SAN for MASTER_PUB
-    MASTER_PRIV=$(curl -k https://${MASTER_PUB}:443/api/v1/namespaces/default/endpoints/kubernetes \
-        --cacert /home/core/ca.crt --cert /home/core/client.crt --key /home/core/client.key \
-        | jq -r '.subsets[0].addresses[0].ip')
-    rm -f /home/core/client.crt /home/core/client.key
-}
-
 # Initialize a worker node
 function init_worker_node() {
-    extract_master_endpoint
 
     # Setup kubeconfig
     mkdir -p /etc/kubernetes
     cp ${KUBECONFIG} /etc/kubernetes/kubeconfig
-    # Pulled out of the kubeconfig in extract_master_endpoint. Other installations should
-    # place the root CA here manually.
-    mv /home/core/ca.crt /etc/kubernetes/ca.crt
+    # Pulled out of the kubeconfig. Other installations should place the root
+    # CA here manually.
+    grep 'certificate-authority-data' ${KUBECONFIG} | awk '{print $2}' | base64 -d > /etc/kubernetes/ca.crt
 
-    sed "s/{{apiserver}}/${MASTER_PRIV}/" /home/core/kubelet.worker > /etc/systemd/system/kubelet.service
-    rm /home/core/kubelet.worker
+    mv /home/core/kubelet.worker /etc/systemd/system/kubelet.service
 
     # Start services
     systemctl daemon-reload
diff --git a/hack/quickstart/kubelet.master b/hack/quickstart/kubelet.master
@@ -13,8 +13,8 @@ ExecStartPre=/bin/mkdir -p /srv/kubernetes/manifests
 ExecStartPre=/bin/mkdir -p /var/lib/cni
 ExecStartPre=-/usr/bin/rkt rm --uuid-file=/var/run/kubelet-pod.uuid
 ExecStart=/usr/lib/coreos/kubelet-wrapper \
-  --api-servers=https://${COREOS_PRIVATE_IPV4}:443 \
   --kubeconfig=/etc/kubernetes/kubeconfig \
+  --require-kubeconfig \
   --client-ca-file=/etc/kubernetes/ca.crt \
   --anonymous-auth=false \
   --cni-conf-dir=/etc/kubernetes/cni/net.d \
diff --git a/hack/quickstart/kubelet.worker b/hack/quickstart/kubelet.worker
@@ -11,8 +11,8 @@ ExecStartPre=/bin/mkdir -p /etc/kubernetes/cni/net.d
 ExecStartPre=/bin/mkdir -p /var/lib/cni
 ExecStartPre=-/usr/bin/rkt rm --uuid-file=/var/run/kubelet-pod.uuid
 ExecStart=/usr/lib/coreos/kubelet-wrapper \
-  --api-servers=https://{{apiserver}}:443 \
   --kubeconfig=/etc/kubernetes/kubeconfig \
+  --require-kubeconfig \
   --client-ca-file=/etc/kubernetes/ca.crt \
   --anonymous-auth=false \
   --cni-conf-dir=/etc/kubernetes/cni/net.d \
