mirror of https://github.com/kubernetes/kops.git
Merge pull request #14608 from hakman/kops-controller_apiserver_role
Don't serve config from kops-controller for APIServer nodes
This commit is contained in:
Kubernetes Prow Robot
GitHub
commit
e4606e8ed0
|
|
@ -132,7 +132,7 @@ func (b *BootstrapScript) buildEnvironmentVariables(cluster *kops.Cluster) (map[
|
||||||
env["GOSSIP_DNS_CONN_LIMIT"] = os.Getenv("GOSSIP_DNS_CONN_LIMIT")
|
env["GOSSIP_DNS_CONN_LIMIT"] = os.Getenv("GOSSIP_DNS_CONN_LIMIT")
|
||||||
}
|
}
|
||||||
|
|
||||||
if os.Getenv("S3_ENDPOINT") != "" && (!model.UseKopsControllerForNodeBootstrap(cluster) || b.ig.IsMaster()) {
|
if os.Getenv("S3_ENDPOINT") != "" && (!model.UseKopsControllerForNodeBootstrap(cluster) || b.ig.HasAPIServer()) {
|
||||||
env["S3_ENDPOINT"] = os.Getenv("S3_ENDPOINT")
|
env["S3_ENDPOINT"] = os.Getenv("S3_ENDPOINT")
|
||||||
env["S3_REGION"] = os.Getenv("S3_REGION")
|
env["S3_REGION"] = os.Getenv("S3_REGION")
|
||||||
env["S3_ACCESS_KEY_ID"] = os.Getenv("S3_ACCESS_KEY_ID")
|
env["S3_ACCESS_KEY_ID"] = os.Getenv("S3_ACCESS_KEY_ID")
|
||||||
|
|
|
||||||
|
|
@ -165,32 +165,10 @@ __EOF_CLUSTER_SPEC
|
||||||
|
|
||||||
cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
|
cat > conf/kube_env.yaml << '__EOF_KUBE_ENV'
|
||||||
CloudProvider: aws
|
CloudProvider: aws
|
||||||
ConfigServer:
|
ConfigBase: memfs://clusters.example.com/minimal.example.com
|
||||||
CACertificates: |
|
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIBbjCCARigAwIBAgIMFpANqBD8NSD82AUSMA0GCSqGSIb3DQEBCwUAMBgxFjAU
|
|
||||||
BgNVBAMTDWt1YmVybmV0ZXMtY2EwHhcNMjEwNzA3MDcwODAwWhcNMzEwNzA3MDcw
|
|
||||||
ODAwWjAYMRYwFAYDVQQDEw1rdWJlcm5ldGVzLWNhMFwwDQYJKoZIhvcNAQEBBQAD
|
|
||||||
SwAwSAJBANFI3zr0Tk8krsW8vwjfMpzJOlWQ8616vG3YPa2qAgI7V4oKwfV0yIg1
|
|
||||||
jt+H6f4P/wkPAPTPTfRp9Iy8oHEEFw0CAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEG
|
|
||||||
MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNG3zVjTcLlJwDsJ4/K9DV7KohUA
|
|
||||||
MA0GCSqGSIb3DQEBCwUAA0EAB8d03fY2w7WKpfO29qI295pu2C4ca9AiVGOpgSc8
|
|
||||||
tmQsq6rcxt3T+rb589PVtz0mw/cKTxOk6gH2CCC+yHfy2w==
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIBbjCCARigAwIBAgIMFpANvmSa0OAlYmXKMA0GCSqGSIb3DQEBCwUAMBgxFjAU
|
|
||||||
BgNVBAMTDWt1YmVybmV0ZXMtY2EwHhcNMjEwNzA3MDcwOTM2WhcNMzEwNzA3MDcw
|
|
||||||
OTM2WjAYMRYwFAYDVQQDEw1rdWJlcm5ldGVzLWNhMFwwDQYJKoZIhvcNAQEBBQAD
|
|
||||||
SwAwSAJBAMF6F4aZdpe0RUpyykaBpWwZCnwbffhYGOw+fs6RdLuUq7QCNmJm/Eq7
|
|
||||||
WWOziMYDiI9SbclpD+6QiJ0N3EqppVUCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEG
|
|
||||||
MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLImp6ARjPDAH6nhI+scWVt3Q9bn
|
|
||||||
MA0GCSqGSIb3DQEBCwUAA0EAVQVx5MUtuAIeePuP9o51xtpT2S6Fvfi8J4ICxnlA
|
|
||||||
9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw==
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
server: https://kops-controller.internal.minimal.example.com:3988/
|
|
||||||
InstanceGroupName: apiserver
|
InstanceGroupName: apiserver
|
||||||
InstanceGroupRole: APIServer
|
InstanceGroupRole: APIServer
|
||||||
NodeupConfigHash: 5yiCVw+BD0+36GR/X1I5O0qfDuUXCvYxqqwaNy5BYFU=
|
NodeupConfigHash: vMi9Desod9xbuTf+IOVqaO3/VqrVtrOHP20EojREMJU=
|
||||||
|
|
||||||
__EOF_KUBE_ENV
|
__EOF_KUBE_ENV
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -109,6 +109,27 @@ CAs:
|
||||||
x+PeBDANBgkqhkiG9w0BAQsFAANBAF1xUz77PlUVUnd9duF8F7plou0TONC9R6/E
|
x+PeBDANBgkqhkiG9w0BAQsFAANBAF1xUz77PlUVUnd9duF8F7plou0TONC9R6/E
|
||||||
YQ8C6vM1b+9NSDGjCW8YmwEU2fBgskb/BBX2lwVZ32/RUEju4Co=
|
YQ8C6vM1b+9NSDGjCW8YmwEU2fBgskb/BBX2lwVZ32/RUEju4Co=
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
kubernetes-ca: |
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIBbjCCARigAwIBAgIMFpANqBD8NSD82AUSMA0GCSqGSIb3DQEBCwUAMBgxFjAU
|
||||||
|
BgNVBAMTDWt1YmVybmV0ZXMtY2EwHhcNMjEwNzA3MDcwODAwWhcNMzEwNzA3MDcw
|
||||||
|
ODAwWjAYMRYwFAYDVQQDEw1rdWJlcm5ldGVzLWNhMFwwDQYJKoZIhvcNAQEBBQAD
|
||||||
|
SwAwSAJBANFI3zr0Tk8krsW8vwjfMpzJOlWQ8616vG3YPa2qAgI7V4oKwfV0yIg1
|
||||||
|
jt+H6f4P/wkPAPTPTfRp9Iy8oHEEFw0CAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEG
|
||||||
|
MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNG3zVjTcLlJwDsJ4/K9DV7KohUA
|
||||||
|
MA0GCSqGSIb3DQEBCwUAA0EAB8d03fY2w7WKpfO29qI295pu2C4ca9AiVGOpgSc8
|
||||||
|
tmQsq6rcxt3T+rb589PVtz0mw/cKTxOk6gH2CCC+yHfy2w==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
|
-----BEGIN CERTIFICATE-----
|
||||||
|
MIIBbjCCARigAwIBAgIMFpANvmSa0OAlYmXKMA0GCSqGSIb3DQEBCwUAMBgxFjAU
|
||||||
|
BgNVBAMTDWt1YmVybmV0ZXMtY2EwHhcNMjEwNzA3MDcwOTM2WhcNMzEwNzA3MDcw
|
||||||
|
OTM2WjAYMRYwFAYDVQQDEw1rdWJlcm5ldGVzLWNhMFwwDQYJKoZIhvcNAQEBBQAD
|
||||||
|
SwAwSAJBAMF6F4aZdpe0RUpyykaBpWwZCnwbffhYGOw+fs6RdLuUq7QCNmJm/Eq7
|
||||||
|
WWOziMYDiI9SbclpD+6QiJ0N3EqppVUCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEG
|
||||||
|
MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFLImp6ARjPDAH6nhI+scWVt3Q9bn
|
||||||
|
MA0GCSqGSIb3DQEBCwUAA0EAVQVx5MUtuAIeePuP9o51xtpT2S6Fvfi8J4ICxnlA
|
||||||
|
9B7UD2ushcVFPtaeoL9Gfu8aY4KJBeqqg5ojl4qmRnThjw==
|
||||||
|
-----END CERTIFICATE-----
|
||||||
ClusterName: minimal.example.com
|
ClusterName: minimal.example.com
|
||||||
FileAssets:
|
FileAssets:
|
||||||
- content: |
|
- content: |
|
||||||
|
|
|
||||||
|
|
@ -1444,7 +1444,7 @@ func (n *nodeUpConfigBuilder) BuildConfig(ig *kops.InstanceGroup, apiserverAddit
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
useConfigServer := apiModel.UseKopsControllerForNodeBootstrap(cluster) && (role != kops.InstanceGroupRoleMaster)
|
useConfigServer := apiModel.UseKopsControllerForNodeBootstrap(cluster) && !ig.HasAPIServer()
|
||||||
if useConfigServer {
|
if useConfigServer {
|
||||||
host := "kops-controller.internal." + cluster.ObjectMeta.Name
|
host := "kops-controller.internal." + cluster.ObjectMeta.Name
|
||||||
if cluster.UsesNoneDNS() {
|
if cluster.UsesNoneDNS() {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue