github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 03:41:45 +00:00
Code Issues Projects Releases Wiki Activity

only use a kubelet client cert auth if it's available

Browse Source 
TODO(mikedanese): revert this commit
This commit is contained in:
Mike Danese 2017-02-03 13:15:25 -08:00
parent 86d9493747
commit 3d7aeb480c
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cluster/gce/gci/configure-helper.sh
View File

@ -821,8 +821,10 @@ function start-kube-apiserver {
params+=" --secure-port=443"
params+=" --tls-cert-file=/etc/srv/kubernetes/server.cert"
params+=" --tls-private-key-file=/etc/srv/kubernetes/server.key"
params+=" --kubelet-client-certificate=/etc/srv/kubernetes/kubeapiserver.cert"
params+=" --kubelet-client-key=/etc/srv/kubernetes/kubeapiserver.key"
if [[ -e /etc/srv/kubernetes/kubeapiserver.cert ]] && [[ -e /etc/srv/kubernetes/kubeapiserver.key ]]; then
params+=" --kubelet-client-certificate=/etc/srv/kubernetes/kubeapiserver.cert"
params+=" --kubelet-client-key=/etc/srv/kubernetes/kubeapiserver.key"
fi
params+=" --token-auth-file=/etc/srv/kubernetes/known_tokens.csv"
if [[ -n "${KUBE_PASSWORD:-}" && -n "${KUBE_USER:-}" ]]; then
params+=" --basic-auth-file=/etc/srv/kubernetes/basic_auth.csv"