Fix bug in renewer code

pull/707/merge^2
Carl Tashian 2022-03-22 14:54:26 -07:00
parent 300f2fc77c
commit 340050478d
1 changed files with 5 additions and 10 deletions

View File

@ -142,8 +142,7 @@ sudo mkdir /etc/systemd/system/cert-renewer@kube-controller-manager.service.d
cat <<EOF | sudo tee /etc/systemd/system/cert-renewer@kube-controller-manager.service.d/override.conf cat <<EOF | sudo tee /etc/systemd/system/cert-renewer@kube-controller-manager.service.d/override.conf
[Service] [Service]
Environment=STEPPATH=/root/.step \\ Environment=STEPPATH=/root/.step \\
CERT_LOCATION=/var/lib/kubernetes/kube-controller-manager.pem CERT_LOCATION=/var/lib/kubernetes/kube-controller-manager.pem \\
\\
KEY_LOCATION=/var/lib/kubernetes/kube-controller-manager-key.pem KEY_LOCATION=/var/lib/kubernetes/kube-controller-manager-key.pem
ExecStartPost=kubectl config set-credentials system:kube-controller-manager \\ ExecStartPost=kubectl config set-credentials system:kube-controller-manager \\
@ -167,8 +166,7 @@ sudo mkdir /etc/systemd/system/cert-renewer@kube-scheduler.service.d
cat <<EOF | sudo tee /etc/systemd/system/cert-renewer@kube-scheduler.service.d/override.conf cat <<EOF | sudo tee /etc/systemd/system/cert-renewer@kube-scheduler.service.d/override.conf
[Service] [Service]
Environment=STEPPATH=/root/.step \\ Environment=STEPPATH=/root/.step \\
CERT_LOCATION=/var/lib/kubernetes/kube-scheduler.pem CERT_LOCATION=/var/lib/kubernetes/kube-scheduler.pem \\
\\
KEY_LOCATION=/var/lib/kubernetes/kube-scheduler-key.pem KEY_LOCATION=/var/lib/kubernetes/kube-scheduler-key.pem
ExecStartPost=kubectl config set-credentials system:kube-scheduler \\ ExecStartPost=kubectl config set-credentials system:kube-scheduler \\
@ -212,8 +210,7 @@ sudo mkdir /etc/systemd/system/cert-renewer@kube-service-account.service.d
cat <<EOF | sudo tee /etc/systemd/system/cert-renewer@kube-service-account.service.d/override.conf cat <<EOF | sudo tee /etc/systemd/system/cert-renewer@kube-service-account.service.d/override.conf
[Service] [Service]
Environment=STEPPATH=/root/.step \\ Environment=STEPPATH=/root/.step \\
CERT_LOCATION=/var/lib/kubernetes/service-account.pem CERT_LOCATION=/var/lib/kubernetes/service-account.pem \\
\\
KEY_LOCATION=/var/lib/kubernetes/service-account-key.pem KEY_LOCATION=/var/lib/kubernetes/service-account-key.pem
; Restart services that use the service account certificate or key ; Restart services that use the service account certificate or key
@ -244,8 +241,7 @@ sudo mkdir /etc/systemd/system/cert-renewer@kubelet.service.d
cat <<EOF | sudo tee /etc/systemd/system/cert-renewer@kubelet.service.d/override.conf cat <<EOF | sudo tee /etc/systemd/system/cert-renewer@kubelet.service.d/override.conf
[Service] [Service]
Environment=STEPPATH=/root/.step \\ Environment=STEPPATH=/root/.step \\
CERT_LOCATION=/var/lib/kubelet/${HOSTNAME}.pem CERT_LOCATION=/var/lib/kubelet/${HOSTNAME}.pem \\
\\
KEY_LOCATION=/var/lib/kubelet/${HOSTNAME}-key.pem KEY_LOCATION=/var/lib/kubelet/${HOSTNAME}-key.pem
; Restart services that use the service account certificate or key ; Restart services that use the service account certificate or key
@ -264,8 +260,7 @@ sudo mkdir /etc/systemd/system/cert-renewer@kube-proxy.service.d
cat <<EOF | sudo tee /etc/systemd/system/cert-renewer@kube-proxy.service.d/override.conf cat <<EOF | sudo tee /etc/systemd/system/cert-renewer@kube-proxy.service.d/override.conf
[Service] [Service]
Environment=STEPPATH=/root/.step \\ Environment=STEPPATH=/root/.step \\
CERT_LOCATION=/var/lib/kube-proxy/kube-proxy.pem CERT_LOCATION=/var/lib/kube-proxy/kube-proxy.pem \\
\\
KEY_LOCATION=/var/lib/kube-proxy/kube-proxy.pem KEY_LOCATION=/var/lib/kube-proxy/kube-proxy.pem
ExecStartPost=kubectl config set-credentials system:kube-proxy \\ ExecStartPost=kubectl config set-credentials system:kube-proxy \\