From faaff8bd728548f39804b321057cd7fa1d6955e2 Mon Sep 17 00:00:00 2001
From: Robin Elfrink <robin.elfrink@eu.equinix.com>
Date: Wed, 16 Oct 2019 13:31:41 +0200
Subject: [PATCH] Add RotateCertificates to kubelet config if
 kubelet_rotate_certificates is set. (#5152)

Signed-off-by: Robin Elfrink <robin.elfrink@eu.equinix.com>
---
 roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2 | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2 b/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
index 78ca34796..ec7cbfe44 100644
--- a/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
+++ b/roles/kubernetes/node/templates/kubelet-config.v1beta1.yaml.j2
@@ -29,6 +29,9 @@ address: {{ kubelet_bind_address }}
 readOnlyPort: {{ kube_read_only_port }}
 kubeletCgroups: {{ kubelet_kubelet_cgroups }}
 clusterDomain: {{ dns_domain }}
+{% if kubelet_rotate_certificates|bool %}
+rotateCertificates: true
+{% endif %}
 {# DNS settings for kubelet #}
 {% if enable_nodelocaldns %}
 {% set kubelet_cluster_dns = [nodelocaldns_ip] %}