rancher/rke
1
0
Fork 0
mirror of https://github.com/rancher/rke.git synced 2025-09-12 13:18:47 +00:00
Code Issues Releases Wiki Activity

Regenerate requestheader ca for legacy clusters

Browse Source
This commit is contained in:
galal-hussein
2019-03-06 03:02:46 +02:00
committed by Alena Prokharchyk
parent edf9d3bf9b
commit 2aac0e475f
2 changed files with 16 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
pki/services.go
View File

@@ -400,6 +400,13 @@ func GenerateServiceTokenKey(ctx context.Context, certs map[string]CertificatePK
}
func GenerateRKECACerts(ctx context.Context, certs map[string]CertificatePKI, configPath, configDir string) error {
if err := GenerateRKEMasterCACert(ctx, certs, configPath, configDir); err != nil {
return err
}
return GenerateRKERequestHeaderCACert(ctx, certs, configPath, configDir)
}
func GenerateRKEMasterCACert(ctx context.Context, certs map[string]CertificatePKI, configPath, configDir string) error {
// generate kubernetes CA certificate and key
log.Infof(ctx, "[certificates] Generating CA kubernetes certificates")
@@ -408,7 +415,10 @@ func GenerateRKECACerts(ctx context.Context, certs map[string]CertificatePKI, co
return err
}
certs[CACertName] = ToCertObject(CACertName, "", "", caCrt, caKey, nil)
return nil
}
func GenerateRKERequestHeaderCACert(ctx context.Context, certs map[string]CertificatePKI, configPath, configDir string) error {
// generate request header client CA certificate and key
log.Infof(ctx, "[certificates] Generating Kubernetes API server aggregation layer requestheader client CA certificates")
requestHeaderCACrt, requestHeaderCAKey, err := GenerateCACertAndKey(RequestHeaderCACertName, nil)