github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-23 11:50:44 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #21379 from hlamer/hyperkube-apiserver-cert-fix

Browse Source 
Auto commit by PR queue bot
This commit is contained in:
k8s-merge-robot 2016-02-25 09:02:30 -08:00
commit a20d4f83ff
3 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cluster/images/hyperkube/master-multi.json
View File

@ -64,7 +64,8 @@
"name": "setup",
"image": "gcr.io/google_containers/hyperkube-ARCH:VERSION",
"command": [
"/setup-files.sh"
"/setup-files.sh",
"IP:10.0.0.1"
],
"volumeMounts": [
{

3
cluster/images/hyperkube/master.json
View File

@ -64,7 +64,8 @@
"name": "setup",
"image": "gcr.io/google_containers/hyperkube-ARCH:VERSION",
"command": [
"/setup-files.sh"
"/setup-files.sh",
"IP:10.0.0.1"
],
"volumeMounts": [
{

7
cluster/images/hyperkube/setup-files.sh
View File

@ -23,6 +23,11 @@ set -o errexit
set -o nounset
set -o pipefail
# Additional address of the API server to be added to the
# list of Subject Alternative Names of the server TLS certificate
# Should contain internal IP, i.e. IP:10.0.0.1 for 10.0.0.0/24 cluster IP range
EXTRA_SANS=$1
create_token() {
echo $(cat /dev/urandom | base64 | tr -d "=+/" | dd bs=32 count=1 2> /dev/null)
}
@ -32,7 +37,7 @@ echo "admin,admin,admin" > /data/basic_auth.csv
# Create HTTPS certificates
groupadd -f -r kube-cert-test
CERT_DIR=/data CERT_GROUP=kube-cert-test /make-ca-cert.sh $(hostname -i)
CERT_DIR=/data CERT_GROUP=kube-cert-test /make-ca-cert.sh $(hostname -i) ${EXTRA_SANS}
# Create known tokens for service accounts
echo "$(create_token),admin,admin" >> /data/known_tokens.csv