promote tls-bootstrap to beta

This commit is contained in:
Mike Danese 2017-05-31 11:55:00 -07:00
parent f533bf729f
commit cdcfa35c2a
4 changed files with 7 additions and 4 deletions

View File

@ -691,7 +691,7 @@ function start-kubelet {
flags+=" --hairpin-mode=none" flags+=" --hairpin-mode=none"
if [[ "${REGISTER_MASTER_KUBELET:-false}" == "true" ]]; then if [[ "${REGISTER_MASTER_KUBELET:-false}" == "true" ]]; then
#TODO(mikedanese): allow static pods to start before creating a client #TODO(mikedanese): allow static pods to start before creating a client
#flags+=" --experimental-bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig" #flags+=" --bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig"
#flags+=" --kubeconfig=/var/lib/kubelet/kubeconfig" #flags+=" --kubeconfig=/var/lib/kubelet/kubeconfig"
flags+=" --kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig" flags+=" --kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig"
flags+=" --require-kubeconfig" flags+=" --require-kubeconfig"
@ -703,7 +703,7 @@ function start-kubelet {
else # For nodes else # For nodes
flags+="${NODE_KUBELET_TEST_ARGS:-}" flags+="${NODE_KUBELET_TEST_ARGS:-}"
flags+=" --enable-debugging-handlers=true" flags+=" --enable-debugging-handlers=true"
flags+=" --experimental-bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig" flags+=" --bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig"
flags+=" --require-kubeconfig" flags+=" --require-kubeconfig"
flags+=" --kubeconfig=/var/lib/kubelet/kubeconfig" flags+=" --kubeconfig=/var/lib/kubelet/kubeconfig"
if [[ "${HAIRPIN_MODE:-}" == "promiscuous-bridge" ]] || \ if [[ "${HAIRPIN_MODE:-}" == "promiscuous-bridge" ]] || \

View File

@ -39,7 +39,7 @@
{% endif -%} {% endif -%}
{% if grains.cloud == 'gce' -%} {% if grains.cloud == 'gce' -%}
{% set api_servers = "--experimental-bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig --require-kubeconfig --kubeconfig=/var/lib/kubelet/kubeconfig" -%} {% set api_servers = "--bootstrap-kubeconfig=/var/lib/kubelet/bootstrap-kubeconfig --require-kubeconfig --kubeconfig=/var/lib/kubelet/kubeconfig" -%}
{% endif -%} {% endif -%}
{% set cloud_provider = "" -%} {% set cloud_provider = "" -%}

View File

@ -121,7 +121,9 @@ func (f *KubeletFlags) AddFlags(fs *pflag.FlagSet) {
fs.Var(&f.KubeConfig, "kubeconfig", "Path to a kubeconfig file, specifying how to connect to the API server. --api-servers will be used for the location unless --require-kubeconfig is set.") fs.Var(&f.KubeConfig, "kubeconfig", "Path to a kubeconfig file, specifying how to connect to the API server. --api-servers will be used for the location unless --require-kubeconfig is set.")
fs.BoolVar(&f.RequireKubeConfig, "require-kubeconfig", f.RequireKubeConfig, "If true the Kubelet will exit if there are configuration errors, and will ignore the value of --api-servers in favor of the server defined in the kubeconfig file.") fs.BoolVar(&f.RequireKubeConfig, "require-kubeconfig", f.RequireKubeConfig, "If true the Kubelet will exit if there are configuration errors, and will ignore the value of --api-servers in favor of the server defined in the kubeconfig file.")
fs.StringVar(&f.BootstrapKubeconfig, "experimental-bootstrap-kubeconfig", f.BootstrapKubeconfig, "<Warning: Experimental feature> Path to a kubeconfig file that will be used to get client certificate for kubelet. "+ fs.MarkDeprecated("experimental-bootstrap-kubeconfig", "Use --bootstrap-kubeconfig")
fs.StringVar(&f.BootstrapKubeconfig, "experimental-bootstrap-kubeconfig", f.BootstrapKubeconfig, "deprecated: use --bootstrap-kubeconfig")
fs.StringVar(&f.BootstrapKubeconfig, "bootstrap-kubeconfig", f.BootstrapKubeconfig, "Path to a kubeconfig file that will be used to get client certificate for kubelet. "+
"If the file specified by --kubeconfig does not exist, the bootstrap kubeconfig is used to request a client certificate from the API server. "+ "If the file specified by --kubeconfig does not exist, the bootstrap kubeconfig is used to request a client certificate from the API server. "+
"On success, a kubeconfig file referencing the generated client certificate and key is written to the path specified by --kubeconfig. "+ "On success, a kubeconfig file referencing the generated client certificate and key is written to the path specified by --kubeconfig. "+
"The client certificate and key file will be stored in the directory pointed by --cert-dir.") "The client certificate and key file will be stored in the directory pointed by --cert-dir.")

View File

@ -242,6 +242,7 @@ exit-on-lock-contention
experimental-allocatable-ignore-eviction experimental-allocatable-ignore-eviction
experimental-allowed-unsafe-sysctls experimental-allowed-unsafe-sysctls
experimental-bootstrap-kubeconfig experimental-bootstrap-kubeconfig
bootstrap-kubeconfig
experimental-bootstrap-token-auth experimental-bootstrap-token-auth
experimental-check-node-capabilities-before-mount experimental-check-node-capabilities-before-mount
experimental-cluster-signing-duration experimental-cluster-signing-duration