github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-26 05:03:09 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #10835 from mesosphere/mesos-root-ca-file

Browse Source 
Add --root-ca-key code to Mesos controller-manager fork
This commit is contained in:
Eric Tune 2015-07-14 12:16:49 -07:00
commit 3dad5a0652
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
contrib/mesos/pkg/controllermanager/controllermanager.go
View File

@ -17,6 +17,8 @@ limitations under the License.
package controllermanager package controllermanager
import ( import (
"fmt"
"io/ioutil"
"net" "net"
"net/http" "net/http"
"strconv" "strconv"
@ -150,6 +152,20 @@ func (s *CMServer) Run(_ []string) error {
} }
pvRecycler.Run() pvRecycler.Run()
var rootCA []byte
if s.RootCAFile != "" {
rootCA, err = ioutil.ReadFile(s.RootCAFile)
if err != nil {
return fmt.Errorf("error reading root-ca-file at %s: %v", s.RootCAFile, err)
}
if _, err := util.CertsFromPEM(rootCA); err != nil {
return fmt.Errorf("error parsing root-ca-file at %s: %v", s.RootCAFile, err)
}
} else {
rootCA = kubeconfig.CAData
}
if len(s.ServiceAccountKeyFile) > 0 { if len(s.ServiceAccountKeyFile) > 0 {
privateKey, err := serviceaccount.ReadPrivateKey(s.ServiceAccountKeyFile) privateKey, err := serviceaccount.ReadPrivateKey(s.ServiceAccountKeyFile)
if err != nil { if err != nil {
@ -159,7 +175,7 @@ func (s *CMServer) Run(_ []string) error {
kubeClient, kubeClient,
serviceaccount.TokensControllerOptions{ serviceaccount.TokensControllerOptions{
TokenGenerator: serviceaccount.JWTTokenGenerator(privateKey), TokenGenerator: serviceaccount.JWTTokenGenerator(privateKey),
RootCA: kubeconfig.CAData, RootCA: rootCA,
}, },
).Run() ).Run()
} }