mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-22 19:31:44 +00:00
Merge pull request #83008 from reith/local-cluster-webhook-conf
hack/local-up-cluster.sh: ability to configure auth webhooks
This commit is contained in:
commit
512eccac1f
@ -90,6 +90,10 @@ AUTHORIZATION_MODE=${AUTHORIZATION_MODE:-"Node,RBAC"}
|
||||
KUBECONFIG_TOKEN=${KUBECONFIG_TOKEN:-""}
|
||||
AUTH_ARGS=${AUTH_ARGS:-""}
|
||||
|
||||
# WebHook Authentication and Authorization
|
||||
AUTHORIZATION_WEBHOOK_CONFIG_FILE=${AUTHORIZATION_WEBHOOK_CONFIG_FILE:-""}
|
||||
AUTHENTICATION_WEBHOOK_CONFIG_FILE=${AUTHENTICATION_WEBHOOK_CONFIG_FILE:-""}
|
||||
|
||||
# Install a default storage class (enabled by default)
|
||||
DEFAULT_STORAGE_CLASS=${KUBE_DEFAULT_STORAGE_CLASS:-true}
|
||||
|
||||
@ -549,6 +553,8 @@ EOF
|
||||
--vmodule="${LOG_SPEC}" \
|
||||
--audit-policy-file="${AUDIT_POLICY_FILE}" \
|
||||
--audit-log-path="${LOG_DIR}/kube-apiserver-audit.log" \
|
||||
--authorization-webhook-config-file="${AUTHORIZATION_WEBHOOK_CONFIG_FILE}" \
|
||||
--authentication-token-webhook-config-file="${AUTHENTICATION_WEBHOOK_CONFIG_FILE}" \
|
||||
--cert-dir="${CERT_DIR}" \
|
||||
--client-ca-file="${CERT_DIR}/client-ca.crt" \
|
||||
--kubelet-client-certificate="${CERT_DIR}/client-kube-apiserver.crt" \
|
||||
|
Loading…
Reference in New Issue
Block a user