mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-27 13:37:30 +00:00
Specify sshUser, sshKeyfile in kube-apiserver manifest.
Trim space on ssh key so GCE doesn't treat it as 2 lines. A couple other minor fixes.
This commit is contained in:
CJ Cullen
parent
5115fd5703
commit
de9a5f43bc
@ -81,7 +81,7 @@
|
|||||||
{% endif -%}
|
{% endif -%}
|
||||||
|
|
||||||
{% set params = address + " " + etcd_servers + " " + cloud_provider + " " + cloud_config + " " + runtime_config + " " + admission_control + " " + service_cluster_ip_range + " " + client_ca_file + " " + basic_auth_file + " " + min_request_timeout -%}
|
{% set params = address + " " + etcd_servers + " " + cloud_provider + " " + cloud_config + " " + runtime_config + " " + admission_control + " " + service_cluster_ip_range + " " + client_ca_file + " " + basic_auth_file + " " + min_request_timeout -%}
|
||||||
{% set params = params + " " + cluster_name + " " + cert_file + " " + key_file + " --secure_port=" + secure_port + " " + token_auth_file + " " + bind_address + " " + pillar['log_level'] + " " + advertise_address -%}
|
{% set params = params + " " + cluster_name + " " + cert_file + " " + key_file + " --secure_port=" + secure_port + " " + token_auth_file + " " + bind_address + " " + pillar['log_level'] + " " + advertise_address + " --ssh-user=root --ssh-keyfile=/.sshkeyfile"-%}
|
||||||
|
|
||||||
{
|
{
|
||||||
"apiVersion": "v1beta3",
|
"apiVersion": "v1beta3",
|
||||||
|
|||||||
@ -17,6 +17,7 @@ limitations under the License.
|
|||||||
package gce_cloud
|
package gce_cloud
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"bytes"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
@ -484,6 +485,7 @@ func (gce *GCECloud) AddSSHKeyToAllInstances(user string, keyData []byte) error
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
keyData = bytes.TrimSpace(keyData)
|
||||||
found := false
|
found := false
|
||||||
for _, item := range project.CommonInstanceMetadata.Items {
|
for _, item := range project.CommonInstanceMetadata.Items {
|
||||||
if item.Key == "sshKeys" {
|
if item.Key == "sshKeys" {
|
||||||
|
|||||||
@ -340,6 +340,8 @@ func New(c *Config) *Master {
|
|||||||
serviceReadWriteIP: serviceReadWriteIP,
|
serviceReadWriteIP: serviceReadWriteIP,
|
||||||
// TODO: serviceReadWritePort should be passed in as an argument, it may not always be 443
|
// TODO: serviceReadWritePort should be passed in as an argument, it may not always be 443
|
||||||
serviceReadWritePort: 443,
|
serviceReadWritePort: 443,
|
||||||
|
|
||||||
|
installSSHKey: c.InstallSSHKey,
|
||||||
}
|
}
|
||||||
|
|
||||||
var handlerContainer *restful.Container
|
var handlerContainer *restful.Container
|
||||||
@ -827,7 +829,9 @@ func (m *Master) generateSSHKey(user, keyfile string) error {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
ioutil.WriteFile(keyfile, util.EncodePrivateKey(private), 0600)
|
if err := ioutil.WriteFile(keyfile, util.EncodePrivateKey(private), 0600); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
data, err := util.EncodeSSHKey(public)
|
data, err := util.EncodeSSHKey(public)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user