add cluster-signing to kube-controller-manager

kube-controller-manager's cluster signing cert and key points by default to not
existing `/etc/kubernetes/ca/ca.pem` and `/etc/kubernetes/ca/ca.key` [docs][1]

[1]: http://kubernetes.io/docs/admin/kube-controller-manager/#options
This commit is contained in:
fen4o 2016-12-07 11:09:04 +02:00 committed by Martin Vladev
parent 8e28cb8095
commit 10ce760450

View file

@ -18,6 +18,8 @@ spec:
- --leader-elect=true - --leader-elect=true
- --service-account-private-key-file={{ kube_cert_dir }}/apiserver-key.pem - --service-account-private-key-file={{ kube_cert_dir }}/apiserver-key.pem
- --root-ca-file={{ kube_cert_dir }}/ca.pem - --root-ca-file={{ kube_cert_dir }}/ca.pem
- --cluster-signing-cert-file={{ kube_cert_dir }}/ca.pem
- --cluster-signing-key-file={{ kube_cert_dir }}/ca-key.pem
- --enable-hostpath-provisioner={{ kube_hostpath_dynamic_provisioner }} - --enable-hostpath-provisioner={{ kube_hostpath_dynamic_provisioner }}
- --v={{ kube_log_level }} - --v={{ kube_log_level }}
{% if cloud_provider is defined and cloud_provider in ["openstack", "azure"] %} {% if cloud_provider is defined and cloud_provider in ["openstack", "azure"] %}