From 3733f64935810d9a33b50984113e4e12913405ef Mon Sep 17 00:00:00 2001 From: Matt Liggett Date: Tue, 21 Jun 2016 13:25:42 -0700 Subject: [PATCH] Add ssl certs to federation-controller-manager container. Fixes #27684. For now, I'm simply poking a hole to grab the system /etc/ssl/certs. If we decide we want something less dependent on the node filesystem, we will need to decide how we pick a "distro" more sophisticated than busybox for federation components running on k8s. I'll open a followup issue to discuss this. --- .../federation-controller-manager-deployment.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/federation/manifests/federation-controller-manager-deployment.yaml b/federation/manifests/federation-controller-manager-deployment.yaml index 438e7bf90a0..85a50b34751 100644 --- a/federation/manifests/federation-controller-manager-deployment.yaml +++ b/federation/manifests/federation-controller-manager-deployment.yaml @@ -13,8 +13,16 @@ spec: app: federated-cluster module: federation-controller-manager spec: + volumes: + - name: ssl-certs + hostPath: + path: /etc/ssl/certs containers: - name: controller-manager + volumeMounts: + - name: ssl-certs + readOnly: true + mountPath: /etc/ssl/certs image: {{.FEDERATION_CONTROLLER_MANAGER_IMAGE_REPO}}:{{.FEDERATION_CONTROLLER_MANAGER_IMAGE_TAG}} command: - /usr/local/bin/federation-controller-manager