github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-17 07:03:31 +00:00
Code Issues Projects Releases Wiki Activity

Fetch hacked easyrsa in kube-up instead of command run on master

Browse Source 
This is good because it removes an obstacle to using the
cluster/ubuntu scripting to install Kubernetes into a restricted
environment where the machines can not open connections to arbitrary
external locations.

Also add debuggability to make-ca-cert.sh

Resolves #21037
Resolves #21092
This commit is contained in:
Mike Spreitzer
2016-02-11 14:27:27 -05:00
parent 9d776d999d
commit 07d7cfd346
2 changed files with 19 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
cluster/ubuntu/util.sh
View File

@@ -312,6 +312,9 @@ function kube-up() {
# downloading tarball release
"${KUBE_ROOT}/cluster/ubuntu/download-release.sh"
# Fetch the hacked easyrsa that make-ca-cert.sh will use
curl -L -O https://storage.googleapis.com/kubernetes-release/easy-rsa/easy-rsa.tar.gz > /dev/null 2>&1
setClusterInfo
local ii=0
@@ -357,6 +360,7 @@ function provision-master() {
# copy the binaries and scripts to the ~/kube directory on the master
scp -r $SSH_OPTS \
saltbase/salt/generate-cert/make-ca-cert.sh \
easy-rsa.tar.gz \
ubuntu/reconfDocker.sh \
"${KUBE_CONFIG_FILE}" \
ubuntu/util.sh \
@@ -404,7 +408,7 @@ function provision-master() {
cp ~/kube/init_scripts/* /etc/init.d/
groupadd -f -r kube-cert
${PROXY_SETTING} ~/kube/make-ca-cert.sh \"${MASTER_IP}\" \"${EXTRA_SANS}\"
${PROXY_SETTING} DEBUG='${DEBUG}' ~/kube/make-ca-cert.sh \"${MASTER_IP}\" \"${EXTRA_SANS}\"
mkdir -p /opt/bin/
cp ~/kube/master/* /opt/bin/
service etcd start
@@ -478,6 +482,7 @@ function provision-masterandnode() {
# scp order matters
scp -r $SSH_OPTS \
saltbase/salt/generate-cert/make-ca-cert.sh \
easy-rsa.tar.gz \
"${KUBE_CONFIG_FILE}" \
ubuntu/util.sh \
ubuntu/minion/* \
@@ -536,7 +541,7 @@ function provision-masterandnode() {
cp ~/kube/init_scripts/* /etc/init.d/
groupadd -f -r kube-cert
${PROXY_SETTING} ~/kube/make-ca-cert.sh \"${MASTER_IP}\" \"${EXTRA_SANS}\"
${PROXY_SETTING} DEBUG='${DEBUG}' ~/kube/make-ca-cert.sh \"${MASTER_IP}\" \"${EXTRA_SANS}\"
mkdir -p /opt/bin/
cp ~/kube/master/* /opt/bin/
cp ~/kube/minion/* /opt/bin/