From eeeeb109a306090846855721da27deb91b6f9b02 Mon Sep 17 00:00:00 2001 From: Karen Almog Date: Fri, 17 Aug 2018 16:16:02 +0200 Subject: [PATCH] Stop using static tls data --- manifests/clusterapi-apiserver-secret.yaml | 13 ------------- manifests/clusterapi-apiserver.yaml | 2 +- manifests/clusterapi-apiservice.yaml | 4 +--- 3 files changed, 2 insertions(+), 17 deletions(-) delete mode 100644 manifests/clusterapi-apiserver-secret.yaml diff --git a/manifests/clusterapi-apiserver-secret.yaml b/manifests/clusterapi-apiserver-secret.yaml deleted file mode 100644 index 4c63d02b5..000000000 --- a/manifests/clusterapi-apiserver-secret.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: v1 -kind: Secret -type: kubernetes.io/tls -metadata: - name: cluster-apiserver-secrets - namespace: default - labels: - api: clusterapi - apiserver: "true" -data: - tls.crt: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURZRENDQWtpZ0F3SUJBZ0lJVld0dEpOQWI0YzB3RFFZSktvWklodmNOQVFFTEJRQXdLekVwTUNjR0ExVUUKQXhNZ1kyeDFjM1JsY21Gd2FTMWpaWEowYVdacFkyRjBaUzFoZFhSb2IzSnBkSGt3SGhjTk1UZ3dOekV3TURnegpPRFE0V2hjTk1Ua3dOekV3TURnek9EUTVXakFoTVI4d0hRWURWUVFERXhaamJIVnpkR1Z5WVhCcExtUmxabUYxCmJIUXVjM1pqTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUF5NG9mZkw5aVR2c0EKeEEraWVDcndnMVZmQTA0S2FVcEF6ODNPWVE5dUtxVXMxQWRQdTBtd2ljcXkzcW1EaHNic3QyOW1peFJ2MTNZbgpUYjFGcGNITTFteitzWjE1UDlBRGtKWnFNdXJ6RC80N1dBVXBwWERqNlJxd2xmTk55MmN1bzJiYTNxc1ZrM051CmJJK1prMFhYMFJjT3o0dXo5a1IxYk5nL3BGTU5lcDBJQ25sNDg0SVpKRUs2QldnU1l3M25pSFRjbU1CVXg5MWEKZ1NxUHJFZkN1TDBJZGMwbGk0Y1d0UUVpb0NOSUdpV3pjb2ZEU01hcUU0SUZ3Sjc0ZVlENDIzckdjVGhyUCt0MApxbW1Qa2ZSRXltUlFHeGswVDVHMzVnUXJpZnNQMENVOXNlK05rMVlMMG9mVktlc1gvZjdFRUkxL0VQNExIKzVJCmttSnBaOHdMTVFJREFRQUJvNEdSTUlHT01BNEdBMVVkRHdFQi93UUVBd0lGb0RBVEJnTlZIU1VFRERBS0JnZ3IKQmdFRkJRY0RBVEJuQmdOVkhSRUVZREJlZ2dwamJIVnpkR1Z5WVhCcGdoSmpiSFZ6ZEdWeVlYQnBMbVJsWm1GMQpiSFNDRm1Oc2RYTjBaWEpoY0drdVpHVm1ZWFZzZEM1emRtT0NKR05zZFhOMFpYSmhjR2t1WkdWbVlYVnNkQzV6CmRtTXVZMngxYzNSbGNpNXNiMk5oYkRBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQWRiZ00zOTBpNVhSbWVONTUKSG9Zcm5HOEUvakxqQW1kRnZTYlUzM25YY25UTnJwV083NHlSRUxYY2NjRm4vZ3FuUWI1NU5KV2M5NDdnVll6TQpwT1JSb3Z3TE5nUlpFSUdkRWhPT1JIaWorOWdNQUUyeVM2c1kzYnhnM3ZzM01aMmxJZmQ1aWpKUnFHcE1hdTBiCkthR2EzamRKYjE0R3VXWElqcDJpOUlNSkxxZUxlTVVOMFMxS055dmlzY05MYjJEQjF3VTY5SDlLZFhUWDFjK0MKSUVhYjIyeXpFZWJiT2RUK2NDOVZWbEZ2RzdlaDZ1c3Ryd3JRSDdkMkhid1krWVgvRWszY1k1M0R5WjltL1FWZgpEOFZvUFIyYmdaWE5GeEozMFlldXM0MTl0c290TUp2L01zTWJKT0l6TEVZUElBeHJab25sUVlDQXZzZ2pIT3FuCkFDS2l3UT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K - tls.key: LS0tLS1CRUdJTiBSU0EgUFJJVkFURSBLRVktLS0tLQpNSUlFcFFJQkFBS0NBUUVBeTRvZmZMOWlUdnNBeEEraWVDcndnMVZmQTA0S2FVcEF6ODNPWVE5dUtxVXMxQWRQCnUwbXdpY3F5M3FtRGhzYnN0MjltaXhSdjEzWW5UYjFGcGNITTFteitzWjE1UDlBRGtKWnFNdXJ6RC80N1dBVXAKcFhEajZScXdsZk5OeTJjdW8yYmEzcXNWazNOdWJJK1prMFhYMFJjT3o0dXo5a1IxYk5nL3BGTU5lcDBJQ25sNAo4NElaSkVLNkJXZ1NZdzNuaUhUY21NQlV4OTFhZ1NxUHJFZkN1TDBJZGMwbGk0Y1d0UUVpb0NOSUdpV3pjb2ZEClNNYXFFNElGd0o3NGVZRDQyM3JHY1RoclArdDBxbW1Qa2ZSRXltUlFHeGswVDVHMzVnUXJpZnNQMENVOXNlK04KazFZTDBvZlZLZXNYL2Y3RUVJMS9FUDRMSCs1SWttSnBaOHdMTVFJREFRQUJBb0lCQUh2WCt2aW9hbVNzRFBjKwpuQmlKNS9YQlNDSjJwWmNTK3dSMXNSRVZsbTZVT2daNHZHYTBtNW43bjRJam1rZXpXZXp5OTIzQWJaeW40NXBGCmc4OHJjRHMzN25DYjVGNlRidGZXN1o4MW5kY3BWV3BsR2NYMFBuaGpLUGJVSjQyUHBxejl0RWF2eWwwQmF6cmEKMVJMcStEbmMwY0l1dXIwcFFsbUw2bzFOaTNJQ2JFWno5bGJvZTJtS3FKTkpGRC9qUlRIQ1EzaEJnK3lXNUxscgpwN0Flbk1kOGlvTHl0algrcjB4N3QvU25nNWFQeFlZVjR5WTlCQ1RFQm05SWJBL3dyK1lDS0lqNlJidm9EcmVtClNGQkNvWjNSdllnYklOSlRqSEkvSnVrYlZLOFdzQmJYOXRadWM3RVhiU3M1V2MxbUZyamdYNVVkdHhENGs5WHgKVXNyNjdRRUNnWUVBNTRUM0JFVzIxNWxmbnpMY3Azdmk4S1grYUJKcWFrM0tCSmFWSEN2ZVBsemtaYmJZQ2R2dApudnRCYW5rNTI3d0xMbHFPd0ZHdnBVdWE0YlpkRi9HZE9sZjI2Qk1weU9uT0pyRElPdGVZek1ieU5ZWkVDWmswCkg1VmlTNys5cjJZZG1Fbm9ycHVrdXVacTIrejg3VVRwYU4yOHFyazIrMHd4VVY0ckFKejlLNGtDZ1lFQTRRL0UKWHNnTHpMYUhkMktMa3h4dUw4aTFwUkdXL0tUK1pmYk9DcnJ5YU1QeFlNYytmamJML3pEYmMxUUl4c3cvWHAwWgpmUVVCMStnN2dPQlVjcGdXc1kzTXAyc3BVdEYrVkxzUmVWcy9MdnBPMHdBZUt3TGMzdmxGMjFIeExIbDNvK0dsCkpqYU1URlFmQ2dQMDhKRVRSb0hqbVNyaG5RV2l5djVCa3VFUHNHa0NnWUVBejhRT1hTSW01TEo2RW9iMVo4UVEKczc5ellIZnVVYm0vYW9Dc0RaejhrK0NQQXd5a01helJRTlBnTDZuY2wybllhdC9QcloxZzBDamFOR2FRZ3BWTQpjUGhSMXBDajllNkVGMHFjVmRuM0FRWWtoSTRhYnJhekJRanRMbWRDMWE0Qkx4SmNvcDJBcGsxelppdjJDd1BGCnAxc2VIZU9iQ01lbWxvdTRjWk53eTJrQ2dZRUFoRXlkZGM0SXlhMGUwdm8xN0NPUlRqdWhNOGkwUmczRGtqTFUKQ2hDOVFRSzJHTnJuREpDdnVIS0MvamVPOVRYSnBwZVpEUm50YkhzU3gzNlhoY21MeFpJQ2xRUDBoYitxa0twcQo2ampPV3BJLzFkOUMzS3ZSSkszSjk5UWlmcTlrdWd5QjVZVzVVWUU5d2NoenF4ck5CdXlCMjE4T3d4dzJCemdSCldnTTlFc2tDZ1lFQWw4UWRkZTd3Vk1qY2kzRFRzdGdWdHZ1UWsvWVB0N0RNU2JXU3BrQTQ3azRWQWdtdVJyQ3QKRjBXMCtDdG1BbWhRckhYaHE3TTFUc1Z6QjNzRkY2cDlzZnN4MTVFK3lEOTJ6aGVIdEJrL0dkeU91eUlvNjFoQwpicUFzcEo0eWRRWDJKM2ttLy85azhuSFpUSThydDhUbHIwS3c0alZoR3hsMEdtS3lacWRtb0RNPQotLS0tLUVORCBSU0EgUFJJVkFURSBLRVktLS0tLQo= -# TODO: generate this dynamically diff --git a/manifests/clusterapi-apiserver.yaml b/manifests/clusterapi-apiserver.yaml index f82362ce2..5d6db2f18 100644 --- a/manifests/clusterapi-apiserver.yaml +++ b/manifests/clusterapi-apiserver.yaml @@ -110,5 +110,5 @@ spec: emptyDir: {} - name: cluster-apiserver-certs secret: - secretName: cluster-apiserver-secrets + secretName: cluster-apiserver-certs # TODO: add readiness and liveness probe diff --git a/manifests/clusterapi-apiservice.yaml b/manifests/clusterapi-apiservice.yaml index f9486a241..abcf5fa52 100644 --- a/manifests/clusterapi-apiservice.yaml +++ b/manifests/clusterapi-apiservice.yaml @@ -9,10 +9,8 @@ spec: version: v1alpha1 group: cluster.k8s.io groupPriorityMinimum: 2000 - versionPriority: 200 service: name: clusterapi namespace: default versionPriority: 10 - caBundle: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM5RENDQWR5Z0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFyTVNrd0p3WURWUVFERXlCamJIVnoKZEdWeVlYQnBMV05sY25ScFptbGpZWFJsTFdGMWRHaHZjbWwwZVRBZUZ3MHhPREEzTVRBd09ETTRORGhhRncweQpPREEzTURjd09ETTRORGhhTUNzeEtUQW5CZ05WQkFNVElHTnNkWE4wWlhKaGNHa3RZMlZ5ZEdsbWFXTmhkR1V0CllYVjBhRzl5YVhSNU1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBdVR3TGR6NlIKbTVxU20wNC9ES1Y3ZUV1ZnFrQmh0S01GZHM3MGswaUVVWjlKcWpNSWE4cFNkU2dMc3VWQXNwbkVZYmJxcTFUcAp1UVRHbnpoNnRQU2lsRnprOWVlOFUvL0dDQmU5NzhNeXl3emgycFB6WjBGaEZHMzFlaVNycjQrRlUxRFpPVGIwCkFucU9QQzU0QmpUOFZTci9aZm9OZkFoTm9hK1RxeEt4dzdDcDZMbmFLVmkzR3U1SlowSzFVK1Z2bGt6ajhWUGkKU256azMyVDJCZTZEQ0MwTUhYRXlRRXdoWFVrTTg5eTNHMTZtVG12Z0JiSHowU2F6Vjc4UE02b0lUdS9HcmgvLwp2RTVoYUdOcTF0RVY0TTRPMGR5K2k2d01rZU9vV3o1MjA5NjgvQ1VmMHJ3c2ZVMGwxWC9YK1RhTmkrMm4weEh1CkJqSWF5bEZaM3oxbVRRSURBUUFCb3lNd0lUQU9CZ05WSFE4QkFmOEVCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXcKQXdFQi96QU5CZ2txaGtpRzl3MEJBUXNGQUFPQ0FRRUFoVFpMSmtOa0FibDE4b3JEc2ZjeFN5TE40MjREOVltLwpXWVo1d1RpNDdzUHdhcG8yMnpkMXF0N0dDa0MzckJrbkNMbnYvODdCWjcrWmhXR0JrYy8xMjZRUldwTUdoY283Ck4zRWhwNmk5OEo3NEY2UVkzRlhVRk9hNWUwNDdGUkZUOGZ2N2RLQjR6Nm45N05YWE9ZeDJIZ3d6R2ozNGliTGEKZUs3SkorTEUvL3BPT0h6bVF5UDZWdkU4ak91MDBXNW0xTGpsT0xsbzZ5MXpzajV5c2FvM3krUU90SjUvVUY1NQp3cWVWRW1uOVNxWTZEemp3ZWNoelU3OGFtN1I2end1ZzM1RWp0YTUvbVNvTGlBU0VtcEVTQ1hJUkhiK3BLSXNoCjZFRmNXbFAvcWNnbjVnZEk2aFBodlVwc1l5a2RMWHpQd1VKUVJLYnVPNWVGUGxBUzAzR2QzZz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K -# TODO: generate this dynamically + insecureSkipTLSVerify: true