From 02ec1e84b08ca05582bd5fafb55391778db5a39e Mon Sep 17 00:00:00 2001
From: Chuck Ha <ha.chuck@gmail.com>
Date: Wed, 14 Nov 2018 17:05:24 -0500
Subject: [PATCH] kubeadm: document required etcd configuration

Signed-off-by: Chuck Ha <ha.chuck@gmail.com>
---
 cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go b/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go
index 53eebca036f..9daf711450a 100644
--- a/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go
+++ b/cmd/kubeadm/app/apis/kubeadm/v1beta1/types.go
@@ -276,15 +276,22 @@ type LocalEtcd struct {
 	PeerCertSANs []string `json:"peerCertSANs,omitempty"`
 }
 
-// ExternalEtcd describes an external etcd cluster
+// ExternalEtcd describes an external etcd cluster.
+// Kubeadm has no knowledge of where certificate files live and they must be supplied.
 type ExternalEtcd struct {
 	// Endpoints of etcd members. Required for ExternalEtcd.
 	Endpoints []string `json:"endpoints"`
+
 	// CAFile is an SSL Certificate Authority file used to secure etcd communication.
+	// Required if using a TLS connection.
 	CAFile string `json:"caFile"`
+
 	// CertFile is an SSL certification file used to secure etcd communication.
+	// Required if using a TLS connection.
 	CertFile string `json:"certFile"`
+
 	// KeyFile is an SSL key file used to secure etcd communication.
+	// Required if using a TLS connection.
 	KeyFile string `json:"keyFile"`
 }