rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-09-13 05:34:11 +00:00
Code Issues Releases Wiki Activity

Fix rotate certificates with new state

Browse Source
This commit is contained in:
galal-hussein
2018-11-13 01:24:59 +02:00
committed by Alena Prokharchyk
parent b67a67c3bb
commit 11aa0caabc
9 changed files with 110 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cluster/state.go
View File

@@ -47,7 +47,7 @@ func (c *Cluster) GetClusterState(ctx context.Context, fullState *FullState) (*C
}
// resetup external flags
flags := GetExternalFlags(false, false, false, false, nil, c.ConfigDir, c.ConfigPath)
flags := GetExternalFlags(false, false, false, c.ConfigDir, c.ConfigPath)
currentCluster, err := InitClusterObject(ctx, fullState.CurrentState.RancherKubernetesEngineConfig, flags)
if err != nil {
return nil, err
@@ -161,15 +161,15 @@ func RebuildState(ctx context.Context, rkeConfig *v3.RancherKubernetesEngineConf
} else {
// Regenerating etcd certificates for any new etcd nodes
pkiCertBundle := oldState.DesiredState.CertificatesBundle
if err := pki.GenerateEtcdCertificates(ctx, pkiCertBundle, *rkeConfig, "", ""); err != nil {
if err := pki.GenerateEtcdCertificates(ctx, pkiCertBundle, *rkeConfig, "", "", false); err != nil {
return nil, err
}
// Regenerating kubeapi certificates for any new kubeapi nodes
if err := pki.GenerateKubeAPICertificate(ctx, pkiCertBundle, *rkeConfig, "", ""); err != nil {
if err := pki.GenerateKubeAPICertificate(ctx, pkiCertBundle, *rkeConfig, "", "", false); err != nil {
return nil, err
}
// Regenerating kubeadmin certificates/config
if err := pki.GenerateKubeAdminCertificate(ctx, pkiCertBundle, *rkeConfig, flags.ClusterFilePath, flags.ConfigDir); err != nil {
if err := pki.GenerateKubeAdminCertificate(ctx, pkiCertBundle, *rkeConfig, flags.ClusterFilePath, flags.ConfigDir, false); err != nil {
return nil, err
}
newState.DesiredState.CertificatesBundle = pkiCertBundle