kubernetes
/
kube-controller-manager
mirror of https://github.com/kubernetes/kube-controller-manager.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

allow setting different certificates for kube-controller-managed CSR signers 

Kubernetes-commit: e88fecf26bf5a0738cf9ba197a0521c8fa81a39b
This commit is contained in:
David Eads 2020-05-06 16:02:31 -04:00 committed by Kubernetes Publisher
parent 004ee30e3b
commit a64c0efcf0
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
config/v1alpha1/types.go
View File

@ -246,11 +246,31 @@ type CSRSigningControllerConfiguration struct {
// clusterSigningCertFile is the filename containing a PEM-encoded // clusterSigningCertFile is the filename containing a PEM-encoded
// RSA or ECDSA private key used to issue cluster-scoped certificates // RSA or ECDSA private key used to issue cluster-scoped certificates
ClusterSigningKeyFile string ClusterSigningKeyFile string
// kubeletServingSignerConfiguration holds the certificate and key used to issue certificates for the kubernetes.io/kubelet-serving signer
KubeletServingSignerConfiguration CSRSigningConfiguration
// kubeletClientSignerConfiguration holds the certificate and key used to issue certificates for the kubernetes.io/kube-apiserver-client-kubelet
KubeletClientSignerConfiguration CSRSigningConfiguration
// kubeAPIServerClientSignerConfiguration holds the certificate and key used to issue certificates for the kubernetes.io/kube-apiserver-client
KubeAPIServerClientSignerConfiguration CSRSigningConfiguration
// legacyUnknownSignerConfiguration holds the certificate and key used to issue certificates for the kubernetes.io/legacy-unknown
LegacyUnknownSignerConfiguration CSRSigningConfiguration
// clusterSigningDuration is the length of duration signed certificates // clusterSigningDuration is the length of duration signed certificates
// will be given. // will be given.
ClusterSigningDuration metav1.Duration ClusterSigningDuration metav1.Duration
} }
// CSRSigningConfiguration holds information about a particular CSR signer
type CSRSigningConfiguration struct {
// certFile is the filename containing a PEM-encoded
// X509 CA certificate used to issue certificates
CertFile string
// keyFile is the filename containing a PEM-encoded
// RSA or ECDSA private key used to issue certificates
KeyFile string
}
// DaemonSetControllerConfiguration contains elements describing DaemonSetController. // DaemonSetControllerConfiguration contains elements describing DaemonSetController.
type DaemonSetControllerConfiguration struct { type DaemonSetControllerConfiguration struct {
// concurrentDaemonSetSyncs is the number of daemonset objects that are // concurrentDaemonSetSyncs is the number of daemonset objects that are