From b94da0213a3d15f9ead1a21d5c79af114af7f238 Mon Sep 17 00:00:00 2001 From: jcope Date: Fri, 30 Apr 2021 11:01:20 -0500 Subject: [PATCH 1/3] go fmt --- pkg/cmd/node.go | 3 --- 1 file changed, 3 deletions(-) diff --git a/pkg/cmd/node.go b/pkg/cmd/node.go index f96b09528a..5ded99c7f6 100644 --- a/pkg/cmd/node.go +++ b/pkg/cmd/node.go @@ -18,9 +18,6 @@ package cmd import ( "github.com/sirupsen/logrus" "github.com/spf13/cobra" - - kubeproxy "k8s.io/kubernetes/cmd/kube-proxy/app" - kubelet "k8s.io/kubernetes/cmd/kubelet/app" ) // nodeCmd represents the node command From 3f5887039cdc5705d4318dfe4a641631f2fae0b9 Mon Sep 17 00:00:00 2001 From: jcope Date: Fri, 30 Apr 2021 14:01:22 -0500 Subject: [PATCH 2/3] cert gens --- pkg/cmd/init.go | 46 ++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 40 insertions(+), 6 deletions(-) diff --git a/pkg/cmd/init.go b/pkg/cmd/init.go index eb4d75e66b..47d3ece2b9 100644 --- a/pkg/cmd/init.go +++ b/pkg/cmd/init.go @@ -63,29 +63,63 @@ func initCerts() error { } // kube-apiserver // client-ca-file: /etc/kubernetes/static-pod-certs/configmaps/client-ca/ca-bundle.crt - + util.GenCerts("kube-apiserver", + "/etc/kubernetes/static-pod-certs/configmaps/client-ca/", + "ca-bundle.crt", + "ca-bundle.key") // kubelet // kubelet-certificate-authority: /etc/kubernetes/static-pod-resources/configmaps/kubelet-serving-ca/ca-bundle.crt + util.GenCerts("kubelet-cert", + "/etc/kubernetes/static-pod-resources/configmaps/kubelet-serving-ca", + "ca-bundle.crt", + "ca-bundle.key") // kubelet-client-certificate: /etc/kubernetes/static-pod-resources/secrets/kubelet-client/tls.crt + util.GenCerts("kubelet-client-certificate", + "/etc/kubernetes/static-pod-resources/secrets/kubelet-client", + "tls.crt", + "tls.key") // kubelet-client-key: /etc/kubernetes/static-pod-resources/secrets/kubelet-client/tls.key - + util.GenCerts("/etc/kubernetes/static-pod-resources/secrets/kubelet-client/", + "/etc/kubernetes/static-pod-resources/secrets/kubelet-client", + "tls.crt", + "tls.key") // proxy client // proxy-client-cert-file: /etc/kubernetes/static-pod-certs/secrets/aggregator-client/tls.crt // proxy-client-key-file: /etc/kubernetes/static-pod-certs/secrets/aggregator-client/tls.key - + util.GenCerts("proxy-client", + "/etc/kubernetes/static-pod-certs/secrets/aggregator-client/", + "tls.crt", + "tls.key") // request header // requestheader-client-ca-file: /etc/kubernetes/static-pod-certs/configmaps/aggregator-client-ca/ca-bundle.crt - + util.GenCerts("requestheader-client-ca-file", + "/etc/kubernetes/static-pod-certs/configmaps/aggregator-client-ca/ca-bundle.crt", + "ca-bundle.crt", + "ca-bundle.key") // tls // tls-cert-file: /etc/kubernetes/static-pod-certs/secrets/service-network-serving-certkey/tls.crt // tls-private-key-file: /etc/kubernetes/static-pod-certs/secrets/service-network-serving-certkey/tls.key - + util.GenCerts("tls", + "/etc/kubernetes/static-pod-certs/secrets/service-network-serving-certkey", + "tls.crt", + "tls.key") // kube-controller-manager // root-ca-file: /etc/kubernetes/static-pod-resources/configmaps/serviceaccount-ca/ca-bundle.crt + util.GenCerts("kube-controller-manager", + "/etc/kubernetes/static-pod-resources/configmaps/serviceaccount-ca/", + "ca-bundle.crt", + "ca-bundle.key") // service-account-private-key-file: /etc/kubernetes/static-pod-resources/secrets/service-account-private-key/service-account.key + util.GenCerts("service-account-private-key-file", + "/etc/kubernetes/static-pod-resources/secrets/service-account-private-key", + "service-account.crt", + "service-account.key") // cluster-signing-cert-file: /etc/kubernetes/static-pod-certs/secrets/csr-signer/tls.crt // cluster-signing-key-file: /etc/kubernetes/static-pod-certs/secrets/csr-signer/tls.key - + util.GenCerts("cluster-signing-key-file", + "/etc/kubernetes/static-pod-certs/secrets/csr-signer", + "tls.crt", + "tls.key") // kube-scheduler // openshift-apiserver From 174080ff513fc24cd1910fbb76bab25baf57d37c Mon Sep 17 00:00:00 2001 From: jcope Date: Fri, 30 Apr 2021 14:58:47 -0500 Subject: [PATCH 3/3] fix kubelet and kube-proxy imports --- pkg/cmd/node.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkg/cmd/node.go b/pkg/cmd/node.go index 5ded99c7f6..1bf490e4ce 100644 --- a/pkg/cmd/node.go +++ b/pkg/cmd/node.go @@ -18,6 +18,8 @@ package cmd import ( "github.com/sirupsen/logrus" "github.com/spf13/cobra" + kubelet "k8s.io/kubernetes/cmd/kubelet/app" + kubeproxy "k8s.io/kubernetes/cmd/kube-proxy/app" ) // nodeCmd represents the node command