Skip to content

Commit

Permalink
cherry-pick: fix: ensure /etc/kubernetes/certs exists before generati…
Browse files Browse the repository at this point in the history
…ng kubelet serving cert (#5583)

Co-authored-by: Cameron Meissner <[email protected]>
  • Loading branch information
cameronmeissner and Cameron Meissner authored Jan 15, 2025
1 parent 832e6be commit c3dc2c0
Show file tree
Hide file tree
Showing 176 changed files with 272 additions and 87 deletions.
2 changes: 2 additions & 0 deletions parts/linux/cloud-init/artifacts/cse_config.sh
Original file line number Diff line number Diff line change
Expand Up @@ -406,6 +406,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down
2 changes: 1 addition & 1 deletion pkg/agent/testdata/AKSUbuntu1604+Containerd/CustomData

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1604+Containerd/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down
2 changes: 1 addition & 1 deletion pkg/agent/testdata/AKSUbuntu1604+Docker/CustomData

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1604+Docker/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1604+GPUDedicatedVHD/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down
2 changes: 1 addition & 1 deletion pkg/agent/testdata/AKSUbuntu1604+K8S115/CustomData

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1604+K8S115/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down
2 changes: 1 addition & 1 deletion pkg/agent/testdata/AKSUbuntu1604+K8S117/CustomData

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1604+K8S117/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down
2 changes: 1 addition & 1 deletion pkg/agent/testdata/AKSUbuntu1604+K8S118/CustomData

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1604+K8S118/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1604+KubeletConfigFile/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down
2 changes: 1 addition & 1 deletion pkg/agent/testdata/AKSUbuntu1604+OSKubeletDisk/CustomData

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1604+OSKubeletDisk/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1604+TempDiskExplicit/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down
2 changes: 1 addition & 1 deletion pkg/agent/testdata/AKSUbuntu1604+TempDiskToggle/CustomData

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1604+TempDiskToggle/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1804+ArtifactStreaming/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1804+Containerd+Certsd/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1804+Containerd+Kubenet/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down
2 changes: 1 addition & 1 deletion pkg/agent/testdata/AKSUbuntu1804+Containerd+MIG/CustomData

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1804+Containerd+MIG/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions pkg/agent/testdata/AKSUbuntu1804+Containerd+MotD/line70.sh
Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down

Large diffs are not rendered by default.

Original file line number Diff line number Diff line change
Expand Up @@ -396,6 +396,8 @@ getPrimaryNicIP() {
}

generateSelfSignedKubeletServingCertificate() {
mkdir -p "/etc/kubernetes/certs"

KUBELET_SERVER_PRIVATE_KEY_PATH="/etc/kubernetes/certs/kubeletserver.key"
KUBELET_SERVER_CERT_PATH="/etc/kubernetes/certs/kubeletserver.crt"

Expand Down
Loading

0 comments on commit c3dc2c0

Please sign in to comment.