mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-22 11:21:47 +00:00
feat: set some auth flags for KCM and KS
Set `--authentication-kubeconfig` and `--authorization-kubeconfig` to enable metrics to be grabbed from the secure port. Signed-off-by: Jian Zeng <zengjian.zj@bytedance.com>
This commit is contained in:
parent
9aa6f0bc47
commit
6c9ab10872
@ -654,6 +654,8 @@ function start_controller_manager {
|
||||
--pvclaimbinder-sync-period="${CLAIM_BINDER_SYNC_PERIOD}" \
|
||||
--feature-gates="${FEATURE_GATES}" \
|
||||
"${cloud_config_arg[@]}" \
|
||||
--authentication-kubeconfig "${CERT_DIR}"/controller.kubeconfig \
|
||||
--authorization-kubeconfig "${CERT_DIR}"/controller.kubeconfig \
|
||||
--kubeconfig "${CERT_DIR}"/controller.kubeconfig \
|
||||
--use-service-account-credentials \
|
||||
--controllers="${KUBE_CONTROLLERS}" \
|
||||
@ -917,6 +919,8 @@ EOF
|
||||
--v="${LOG_LEVEL}" \
|
||||
--config=/tmp/kube-scheduler.yaml \
|
||||
--feature-gates="${FEATURE_GATES}" \
|
||||
--authentication-kubeconfig "${CERT_DIR}"/scheduler.kubeconfig \
|
||||
--authorization-kubeconfig "${CERT_DIR}"/scheduler.kubeconfig \
|
||||
--master="https://${API_HOST}:${API_SECURE_PORT}" >"${SCHEDULER_LOG}" 2>&1 &
|
||||
SCHEDULER_PID=$!
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user