kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

apiserver: fix misleading delegated authn/z warnings 

Kubernetes-commit: 059fce63b755ef6052db273fd6c91f3090036389
This commit is contained in:
Dr. Stefan Schimanski 2018-09-05 09:11:45 +02:00 committed by Kubernetes Publisher
parent e9312c1529
commit c8f47fd79c
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/server/options/authentication.go
View File

@ -230,10 +230,10 @@ func (s *DelegatingAuthenticationOptions) lookupMissingConfigInCluster(client ku
}
if client == nil {
if len(s.ClientCert.ClientCA) == 0 {
glog.Warningf("No authentication-kubeconfig provided in order to lookup client-ca-file in configmap/%s in %s, so client certificate authentication to extension api-server won't work.", authenticationConfigMapName, authenticationConfigMapNamespace)
glog.Warningf("No authentication-kubeconfig provided in order to lookup client-ca-file in configmap/%s in %s, so client certificate authentication won't work.", authenticationConfigMapName, authenticationConfigMapNamespace)
}
if len(s.RequestHeader.ClientCAFile) == 0 {
glog.Warningf("No authentication-kubeconfig provided in order to lookup requestheader-client-ca-file in configmap/%s in %s, so request-header client certificate authentication to extension api-server won't work.", authenticationConfigMapName, authenticationConfigMapNamespace)
glog.Warningf("No authentication-kubeconfig provided in order to lookup requestheader-client-ca-file in configmap/%s in %s, so request-header client certificate authentication won't work.", authenticationConfigMapName, authenticationConfigMapNamespace)
}
return nil
}
@ -262,7 +262,7 @@ func (s *DelegatingAuthenticationOptions) lookupMissingConfigInCluster(client ku
}
}
if len(s.ClientCert.ClientCA) == 0 {
glog.Warningf("Cluster doesn't provide client-ca-file in configmap/%s in %s, so client certificate authentication to extension api-server won't work.", authenticationConfigMapName, authenticationConfigMapNamespace)
glog.Warningf("Cluster doesn't provide client-ca-file in configmap/%s in %s, so client certificate authentication won't work.", authenticationConfigMapName, authenticationConfigMapNamespace)
}
}
@ -277,7 +277,7 @@ func (s *DelegatingAuthenticationOptions) lookupMissingConfigInCluster(client ku
}
}
if len(s.RequestHeader.ClientCAFile) == 0 {
glog.Warningf("Cluster doesn't provide requestheader-client-ca-file in configmap/%s in %s, so request-header client certificate authentication to extension api-server won't work.", authenticationConfigMapName, authenticationConfigMapNamespace)
glog.Warningf("Cluster doesn't provide requestheader-client-ca-file in configmap/%s in %s, so request-header client certificate authentication won't work.", authenticationConfigMapName, authenticationConfigMapNamespace)
}
}