mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-22 11:21:47 +00:00
promote tls-bootstrap to beta
This commit is contained in:
parent
f533bf729f
commit
cdcfa35c2a
@ -691,7 +691,7 @@ function start-kubelet {
|
|||||||
flags+=" --hairpin-mode=none"
|
flags+=" --hairpin-mode=none"
|
||||||
if [[ "${REGISTER_MASTER_KUBELET:-false}" == "true" ]]; then
|
if [[ "${REGISTER_MASTER_KUBELET:-false}" == "true" ]]; then
|
||||||
#TODO(mikedanese): allow static pods to start before creating a client
|
#TODO(mikedanese): allow static pods to start before creating a client
|
||||||
#flags+=" --experimental-bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig"
|
#flags+=" --bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig"
|
||||||
#flags+=" --kubeconfig=/var/lib/kubelet/kubeconfig"
|
#flags+=" --kubeconfig=/var/lib/kubelet/kubeconfig"
|
||||||
flags+=" --kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig"
|
flags+=" --kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig"
|
||||||
flags+=" --require-kubeconfig"
|
flags+=" --require-kubeconfig"
|
||||||
@ -703,7 +703,7 @@ function start-kubelet {
|
|||||||
else # For nodes
|
else # For nodes
|
||||||
flags+="${NODE_KUBELET_TEST_ARGS:-}"
|
flags+="${NODE_KUBELET_TEST_ARGS:-}"
|
||||||
flags+=" --enable-debugging-handlers=true"
|
flags+=" --enable-debugging-handlers=true"
|
||||||
flags+=" --experimental-bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig"
|
flags+=" --bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig"
|
||||||
flags+=" --require-kubeconfig"
|
flags+=" --require-kubeconfig"
|
||||||
flags+=" --kubeconfig=/var/lib/kubelet/kubeconfig"
|
flags+=" --kubeconfig=/var/lib/kubelet/kubeconfig"
|
||||||
if [[ "${HAIRPIN_MODE:-}" == "promiscuous-bridge" ]] || \
|
if [[ "${HAIRPIN_MODE:-}" == "promiscuous-bridge" ]] || \
|
||||||
|
@ -39,7 +39,7 @@
|
|||||||
{% endif -%}
|
{% endif -%}
|
||||||
|
|
||||||
{% if grains.cloud == 'gce' -%}
|
{% if grains.cloud == 'gce' -%}
|
||||||
{% set api_servers = "--experimental-bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig --require-kubeconfig --kubeconfig=/var/lib/kubelet/kubeconfig" -%}
|
{% set api_servers = "--bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig --require-kubeconfig --kubeconfig=/var/lib/kubelet/kubeconfig" -%}
|
||||||
{% endif -%}
|
{% endif -%}
|
||||||
|
|
||||||
{% set cloud_provider = "" -%}
|
{% set cloud_provider = "" -%}
|
||||||
|
@ -121,7 +121,9 @@ func (f *KubeletFlags) AddFlags(fs *pflag.FlagSet) {
|
|||||||
fs.Var(&f.KubeConfig, "kubeconfig", "Path to a kubeconfig file, specifying how to connect to the API server. --api-servers will be used for the location unless --require-kubeconfig is set.")
|
fs.Var(&f.KubeConfig, "kubeconfig", "Path to a kubeconfig file, specifying how to connect to the API server. --api-servers will be used for the location unless --require-kubeconfig is set.")
|
||||||
fs.BoolVar(&f.RequireKubeConfig, "require-kubeconfig", f.RequireKubeConfig, "If true the Kubelet will exit if there are configuration errors, and will ignore the value of --api-servers in favor of the server defined in the kubeconfig file.")
|
fs.BoolVar(&f.RequireKubeConfig, "require-kubeconfig", f.RequireKubeConfig, "If true the Kubelet will exit if there are configuration errors, and will ignore the value of --api-servers in favor of the server defined in the kubeconfig file.")
|
||||||
|
|
||||||
fs.StringVar(&f.BootstrapKubeconfig, "experimental-bootstrap-kubeconfig", f.BootstrapKubeconfig, "<Warning: Experimental feature> Path to a kubeconfig file that will be used to get client certificate for kubelet. "+
|
fs.MarkDeprecated("experimental-bootstrap-kubeconfig", "Use --bootstrap-kubeconfig")
|
||||||
|
fs.StringVar(&f.BootstrapKubeconfig, "experimental-bootstrap-kubeconfig", f.BootstrapKubeconfig, "deprecated: use --bootstrap-kubeconfig")
|
||||||
|
fs.StringVar(&f.BootstrapKubeconfig, "bootstrap-kubeconfig", f.BootstrapKubeconfig, "Path to a kubeconfig file that will be used to get client certificate for kubelet. "+
|
||||||
"If the file specified by --kubeconfig does not exist, the bootstrap kubeconfig is used to request a client certificate from the API server. "+
|
"If the file specified by --kubeconfig does not exist, the bootstrap kubeconfig is used to request a client certificate from the API server. "+
|
||||||
"On success, a kubeconfig file referencing the generated client certificate and key is written to the path specified by --kubeconfig. "+
|
"On success, a kubeconfig file referencing the generated client certificate and key is written to the path specified by --kubeconfig. "+
|
||||||
"The client certificate and key file will be stored in the directory pointed by --cert-dir.")
|
"The client certificate and key file will be stored in the directory pointed by --cert-dir.")
|
||||||
|
@ -242,6 +242,7 @@ exit-on-lock-contention
|
|||||||
experimental-allocatable-ignore-eviction
|
experimental-allocatable-ignore-eviction
|
||||||
experimental-allowed-unsafe-sysctls
|
experimental-allowed-unsafe-sysctls
|
||||||
experimental-bootstrap-kubeconfig
|
experimental-bootstrap-kubeconfig
|
||||||
|
bootstrap-kubeconfig
|
||||||
experimental-bootstrap-token-auth
|
experimental-bootstrap-token-auth
|
||||||
experimental-check-node-capabilities-before-mount
|
experimental-check-node-capabilities-before-mount
|
||||||
experimental-cluster-signing-duration
|
experimental-cluster-signing-duration
|
||||||
|
Loading…
Reference in New Issue
Block a user