From 13e583141a0dbee09ee851c4d4841a5451c1bc44 Mon Sep 17 00:00:00 2001 From: Jordan Liggitt Date: Thu, 6 Apr 2017 10:57:37 -0400 Subject: [PATCH] Clarify kubelet cert flag usage --- cmd/kubelet/app/options/options.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cmd/kubelet/app/options/options.go b/cmd/kubelet/app/options/options.go index 5faed5efba0..dcec0e383bd 100644 --- a/cmd/kubelet/app/options/options.go +++ b/cmd/kubelet/app/options/options.go @@ -114,8 +114,8 @@ func (f *KubeletFlags) AddFlags(fs *pflag.FlagSet) { fs.StringVar(&f.BootstrapKubeconfig, "experimental-bootstrap-kubeconfig", f.BootstrapKubeconfig, " Path to a kubeconfig file that will be used to get client certificate for kubelet. "+ "If the file specified by --kubeconfig does not exist, the bootstrap kubeconfig is used to request a client certificate from the API server. "+ - "On success, a kubeconfig file referencing the generated key and obtained certificate is written to the path specified by --kubeconfig. "+ - "The certificate and key file will be stored in the directory pointed by --cert-dir.") + "On success, a kubeconfig file referencing the generated client certificate and key is written to the path specified by --kubeconfig. "+ + "The client certificate and key file will be stored in the directory pointed by --cert-dir.") // DEPRECATED: Remove these flags at the beginning of 1.5. fs.StringSliceVar(&f.APIServerList, "api-servers", []string{}, "List of Kubernetes API servers for publishing events, and reading pods and services. (ip:port), comma separated.") @@ -170,7 +170,7 @@ func (c *kubeletConfiguration) addFlags(fs *pflag.FlagSet) { "The duration to cache 'unauthorized' responses from the webhook authorizer.") fs.StringVar(&c.TLSCertFile, "tls-cert-file", c.TLSCertFile, ""+ - "File containing x509 Certificate for HTTPS. (CA cert, if any, concatenated after server cert). "+ + "File containing x509 Certificate used for serving HTTPS (with intermediate certs, if any, concatenated after server cert). "+ "If --tls-cert-file and --tls-private-key-file are not provided, a self-signed certificate and key "+ "are generated for the public address and saved to the directory passed to --cert-dir.") fs.StringVar(&c.TLSPrivateKeyFile, "tls-private-key-file", c.TLSPrivateKeyFile, "File containing x509 private key matching --tls-cert-file.")