kubeadm: Add the --use-service-account-credentials to controller-manager

2025-07-23 11:50:44 +00:00 · 2017-02-20 21:26:59 +02:00 · 2017-02-20 21:26:59 +02:00 · 9853e8e7c3
commit 9853e8e7c3
parent dfacc61c5f
2 changed files with 4 additions and 5 deletions
--- a/cmd/kubeadm/app/master/manifests.go
+++ b/cmd/kubeadm/app/master/manifests.go
@ -37,7 +37,6 @@ import (

 // Static pod definitions in golang form are included below so that `kubeadm init` can get going.
 const (
-	DefaultClusterName     = "kubernetes"
 	DefaultCloudConfigPath = "/etc/kubernetes/cloud-config"

 	etcd                  = "etcd"
@ -387,12 +386,12 @@ func getControllerManagerCommand(cfg *kubeadmapi.MasterConfiguration, selfHosted
 		"--address=127.0.0.1",
 		"--leader-elect",
 		"--master=127.0.0.1:8080",
-		"--cluster-name="+DefaultClusterName,
 		"--root-ca-file="+getCertFilePath(kubeadmconstants.CACertName),
 		"--service-account-private-key-file="+getCertFilePath(kubeadmconstants.ServiceAccountPrivateKeyName),
 		"--cluster-signing-cert-file="+getCertFilePath(kubeadmconstants.CACertName),
 		"--cluster-signing-key-file="+getCertFilePath(kubeadmconstants.CAKeyName),
 		"--insecure-experimental-approve-all-kubelet-csrs-for-group="+kubeadmconstants.CSVTokenBootstrapGroup,
+		"--use-service-account-credentials",
 	)

 	if cfg.CloudProvider != "" {
--- a/cmd/kubeadm/app/master/manifests_test.go
+++ b/cmd/kubeadm/app/master/manifests_test.go
@ -481,12 +481,12 @@ func TestGetControllerManagerCommand(t *testing.T) {
 				"--address=127.0.0.1",
 				"--leader-elect",
 				"--master=127.0.0.1:8080",
-				"--cluster-name=" + DefaultClusterName,
 				"--root-ca-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--service-account-private-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/sa.key",
 				"--cluster-signing-cert-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--cluster-signing-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.key",
 				"--insecure-experimental-approve-all-kubelet-csrs-for-group=kubeadm:kubelet-bootstrap",
+				"--use-service-account-credentials",
 			},
 		},
 		{
@ -496,12 +496,12 @@ func TestGetControllerManagerCommand(t *testing.T) {
 				"--address=127.0.0.1",
 				"--leader-elect",
 				"--master=127.0.0.1:8080",
-				"--cluster-name=" + DefaultClusterName,
 				"--root-ca-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--service-account-private-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/sa.key",
 				"--cluster-signing-cert-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--cluster-signing-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.key",
 				"--insecure-experimental-approve-all-kubelet-csrs-for-group=kubeadm:kubelet-bootstrap",
+				"--use-service-account-credentials",
 				"--cloud-provider=foo",
 			},
 		},
@ -512,12 +512,12 @@ func TestGetControllerManagerCommand(t *testing.T) {
 				"--address=127.0.0.1",
 				"--leader-elect",
 				"--master=127.0.0.1:8080",
-				"--cluster-name=" + DefaultClusterName,
 				"--root-ca-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--service-account-private-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/sa.key",
 				"--cluster-signing-cert-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.crt",
 				"--cluster-signing-key-file=" + kubeadmapi.GlobalEnvParams.HostPKIPath + "/ca.key",
 				"--insecure-experimental-approve-all-kubelet-csrs-for-group=kubeadm:kubelet-bootstrap",
+				"--use-service-account-credentials",
 				"--allocate-node-cidrs=true",
 				"--cluster-cidr=bar",
 			},