From d81abdbcf1b7b0a1d629760ba85548a6ec7de875 Mon Sep 17 00:00:00 2001 From: "Mads H. Danquah" Date: Tue, 11 Apr 2017 06:46:38 +0200 Subject: [PATCH] Move certificate and private-key away from /var/run It is cleared out at reboot. It appears that only the file-name part of --tls-cert-file / --tls-private-key-file is used and that the path is taken from --cert-dir (which defaults to /var/run/kubernetes) so to make the path stick we also add a --cert-dir --- docs/06-kubernetes-worker.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/06-kubernetes-worker.md b/docs/06-kubernetes-worker.md index d7c8285..31a1290 100644 --- a/docs/06-kubernetes-worker.md +++ b/docs/06-kubernetes-worker.md @@ -183,8 +183,9 @@ ExecStart=/usr/bin/kubelet \\ --kubeconfig=/var/lib/kubelet/kubeconfig \\ --serialize-image-pulls=false \\ --register-node=true \\ - --tls-cert-file=/var/run/kubernetes/kubelet-client.crt \\ - --tls-private-key-file=/var/run/kubernetes/kubelet-client.key \\ + --tls-cert-file=/var/lib/kubelet/kubelet-client.crt \\ + --tls-private-key-file=/var/lib/kubelet/kubelet-client.key \\ + --cert-dir=/var/lib/kubelet \\ --v=2 Restart=on-failure RestartSec=5