etcd: enable v2 api only if needed (#8001)
* etcd: enable v2 api only if needed Only enable v2 API if we have a consumer (flannel) This reduce the exposed surface for etcd. * Fix bad group name
This commit is contained in:
parent
c8d7f000c9
commit
c0e1211abe
1 changed files with 2 additions and 1 deletions
|
@ -32,8 +32,9 @@ ETCD_MAX_SNAPSHOTS={{ etcd_max_snapshots }}
|
|||
{% if etcd_max_wals is defined %}
|
||||
ETCD_MAX_WALS={{ etcd_max_wals }}
|
||||
{% endif %}
|
||||
# Flannel need etcd v2 API
|
||||
{% if hostvars[groups['k8s_cluster'][0]]['kube_network_plugin'] == 'flannel' %}
|
||||
ETCD_ENABLE_V2=true
|
||||
{% endif %}
|
||||
|
||||
# TLS settings
|
||||
ETCD_TRUSTED_CA_FILE={{ etcd_cert_dir }}/ca.pem
|
||||
|
|
Loading…
Reference in a new issue