github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-29 22:46:12 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #7326 from roberthbailey/client-cert-auth

Browse Source 
Pass the CA root cert into the apiserver
This commit is contained in:
Zach Loafman 2015-04-27 07:48:59 -07:00
commit df1cfae368
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cluster/saltbase/salt/kube-apiserver/kube-apiserver.manifest
View File

@ -43,10 +43,12 @@
{% set cert_file = "--tls_cert_file=/srv/kubernetes/server.cert" -%} {% set cert_file = "--tls_cert_file=/srv/kubernetes/server.cert" -%}
{% set key_file = "--tls_private_key_file=/srv/kubernetes/server.key" -%} {% set key_file = "--tls_private_key_file=/srv/kubernetes/server.key" -%}
{% set client_ca_file = "--client_ca_file=/dev/null" -%}
{% set secure_port = "6443" -%} {% set secure_port = "6443" -%}
{% if grains['cloud'] is defined and grains['cloud'] == 'gce' %} {% if grains['cloud'] is defined and grains['cloud'] == 'gce' %}
{% set secure_port = "443" -%} {% set secure_port = "443" -%}
{% set client_ca_file = "--client_ca_file=/srv/kubernetes/ca.crt" -%}
{% endif -%} {% endif -%}
{% set token_auth_file = "--token_auth_file=/dev/null" -%} {% set token_auth_file = "--token_auth_file=/dev/null" -%}
@ -92,6 +94,7 @@
"{{key_file}}", "{{key_file}}",
"--secure_port={{secure_port}}", "--secure_port={{secure_port}}",
"{{token_auth_file}}", "{{token_auth_file}}",
"{{client_ca_file}}",
"{{publicAddressOverride}}", "{{publicAddressOverride}}",
"{{pillar['log_level']}}" "{{pillar['log_level']}}"
], ],