Merge pull request #125 from utilitywarehouse/tls-config

Move TLS config to config file from flags
utilitywarehouse · May 19, 2020 · 1f40ad9 · 1f40ad9
2 parents 6955c85 + 4e1c408
commit 1f40ad9
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 4 deletions.
diff --git a/resources/master-kubelet-conf.yaml b/resources/master-kubelet-conf.yaml
@@ -15,4 +15,6 @@ clusterDomain: "cluster.local"
 ${feature_gates == "" ? "" : "featureGates:\n  ${feature_gates}"}
 serializeImagePulls: false
 staticPodPath: "/etc/kubernetes/manifests"
+tlsCertFile: "/etc/kubernetes/ssl/kubelet.pem"
+tlsPrivateKeyFile: "/etc/kubernetes/ssl/kubelet-key.pem"
 cgroupDriver: systemd
diff --git a/resources/master-kubelet.service b/resources/master-kubelet.service
@@ -32,8 +32,6 @@ ExecStart=${kubelet_binary_path} \
   --cni-conf-dir=/etc/cni/net.d \
   ${cloud_provider == "" ? "" : "--cloud-provider=${cloud_provider}"} \
   --lock-file=/var/run/lock/kubelet.lock \
-  --tls-cert-file=/etc/kubernetes/ssl/kubelet.pem \
-  --tls-private-key-file=/etc/kubernetes/ssl/kubelet-key.pem \
   --exit-on-lock-contention \
   --v=0
 Restart=always

diff --git a/resources/node-kubelet-conf.yaml b/resources/node-kubelet-conf.yaml
@@ -15,6 +15,8 @@ clusterDomain: "cluster.local"
 ${feature_gates == "" ? "" : "featureGates:\n  ${feature_gates}"}
 serializeImagePulls: false
 staticPodPath: "/etc/kubernetes/manifests"
+tlsCertFile: "/etc/kubernetes/ssl/kubelet.pem"
+tlsPrivateKeyFile: "/etc/kubernetes/ssl/kubelet-key.pem"
 cgroupDriver: systemd
 
 # Resource allocation

diff --git a/resources/node-kubelet.service b/resources/node-kubelet.service
@@ -35,8 +35,6 @@ ExecStart=${kubelet_binary_path} \
 %{ if taints != "" }  --register-with-taints=${taints} \
 %{ endif ~}
   --lock-file=/var/run/lock/kubelet.lock \
-  --tls-cert-file=/etc/kubernetes/ssl/kubelet.pem \
-  --tls-private-key-file=/etc/kubernetes/ssl/kubelet-key.pem \
   --v=0
 Restart=always
 RestartSec=10