mirror of
https://github.com/rancher/rke.git
synced 2025-06-26 23:40:06 +00:00
9f7a37845e
Add API server parameters `requestheader-client-ca-file`, `requestheader-allowed-names`, `proxy-client-key-file` and `proxy-client-cert-file`. After we added this parameters into API server, the API aggregation server will be supported when it is deployed in rke cluster.
32 lines
1.1 KiB
Go
32 lines
1.1 KiB
Go
package pki
|
|
|
|
const (
|
|
CertPathPrefix = "/etc/kubernetes/ssl/"
|
|
CertificatesServiceName = "certificates"
|
|
CrtDownloaderContainer = "cert-deployer"
|
|
CertFetcherContainer = "cert-fetcher"
|
|
CertificatesSecretName = "k8s-certs"
|
|
TempCertPath = "/etc/kubernetes/.tmp/"
|
|
ClusterConfig = "cluster.yml"
|
|
BundleCertPath = "/backup/pki.bundle.tar.gz"
|
|
|
|
CACertName = "kube-ca"
|
|
RequestHeaderCACertName = "kube-apiserver-requestheader-ca"
|
|
KubeAPICertName = "kube-apiserver"
|
|
KubeControllerCertName = "kube-controller-manager"
|
|
KubeSchedulerCertName = "kube-scheduler"
|
|
KubeProxyCertName = "kube-proxy"
|
|
KubeNodeCertName = "kube-node"
|
|
EtcdCertName = "kube-etcd"
|
|
EtcdClientCACertName = "kube-etcd-client-ca"
|
|
EtcdClientCertName = "kube-etcd-client"
|
|
APIProxyClientCertName = "kube-apiserver-proxy-client"
|
|
|
|
KubeNodeCommonName = "system:node"
|
|
KubeNodeOrganizationName = "system:nodes"
|
|
|
|
KubeAdminCertName = "kube-admin"
|
|
KubeAdminOrganizationName = "system:masters"
|
|
KubeAdminConfigPrefix = "kube_config_"
|
|
)
|