Skip to content

Commit da59a6d

Browse files
k8s-ci-robotk8s-ci-robot
authored
Merge pull request kubernetes#72478 from bart0sh/PR0054-kubeadm-selfhosting-pivot-kube-apiserver
kubeadm: add required etcd certs to selfhosting api-server
2 parents 58eb3e4 + 7b058c4 commit da59a6d

File tree

1 file changed

+46
-1
lines changed

1 file changed

+46
-1
lines changed

cmd/kubeadm/app/phases/selfhosting/selfhosting_volumes.go

Lines changed: 46 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ import (
2020
"fmt"
2121
"io/ioutil"
2222
"path/filepath"
23+
"strings"
2324

2425
"k8s.io/api/core/v1"
2526
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -128,6 +129,40 @@ func apiServerCertificatesVolumeSource() v1.VolumeSource {
128129
},
129130
},
130131
},
132+
{
133+
Secret: &v1.SecretProjection{
134+
LocalObjectReference: v1.LocalObjectReference{
135+
Name: strings.Replace(kubeadmconstants.EtcdCACertAndKeyBaseName, "/", "-", -1),
136+
},
137+
Items: []v1.KeyToPath{
138+
{
139+
Key: v1.TLSCertKey,
140+
Path: kubeadmconstants.EtcdCACertName,
141+
},
142+
{
143+
Key: v1.TLSPrivateKeyKey,
144+
Path: kubeadmconstants.EtcdCAKeyName,
145+
},
146+
},
147+
},
148+
},
149+
{
150+
Secret: &v1.SecretProjection{
151+
LocalObjectReference: v1.LocalObjectReference{
152+
Name: kubeadmconstants.APIServerEtcdClientCertAndKeyBaseName,
153+
},
154+
Items: []v1.KeyToPath{
155+
{
156+
Key: v1.TLSCertKey,
157+
Path: kubeadmconstants.APIServerEtcdClientCertName,
158+
},
159+
{
160+
Key: v1.TLSPrivateKeyKey,
161+
Path: kubeadmconstants.APIServerEtcdClientKeyName,
162+
},
163+
},
164+
},
165+
},
131166
},
132167
},
133168
}
@@ -175,7 +210,7 @@ func controllerManagerCertificatesVolumeSource() v1.VolumeSource {
175210
func kubeConfigVolumeSource(kubeconfigSecretName string) v1.VolumeSource {
176211
return v1.VolumeSource{
177212
Secret: &v1.SecretVolumeSource{
178-
SecretName: kubeconfigSecretName,
213+
SecretName: strings.Replace(kubeconfigSecretName, "/", "-", -1),
179214
},
180215
}
181216
}
@@ -294,5 +329,15 @@ func getTLSKeyPairs() []*tlsKeyPair {
294329
cert: kubeadmconstants.FrontProxyClientCertName,
295330
key: kubeadmconstants.FrontProxyClientKeyName,
296331
},
332+
{
333+
name: strings.Replace(kubeadmconstants.EtcdCACertAndKeyBaseName, "/", "-", -1),
334+
cert: kubeadmconstants.EtcdCACertName,
335+
key: kubeadmconstants.EtcdCAKeyName,
336+
},
337+
{
338+
name: kubeadmconstants.APIServerEtcdClientCertAndKeyBaseName,
339+
cert: kubeadmconstants.APIServerEtcdClientCertName,
340+
key: kubeadmconstants.APIServerEtcdClientKeyName,
341+
},
297342
}
298343
}

0 commit comments

Comments
 (0)