Skip setting up client tls when etcd server does not have tls enabled

Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
2022-03-29 11:45:21 -07:00 · 2022-03-29 11:45:21 -07:00 · 4eb3a48862
parent 98036cedf4
commit 4eb3a48862
1 changed files with 9 additions and 7 deletions
--- a/pkg/etcd/etcd.go
+++ b/pkg/etcd/etcd.go
@ -608,18 +608,20 @@ func getClientConfig(ctx context.Context, runtime *config.ControlRuntime, endpoi
 	if len(endpoints) == 0 {
 		endpoints = getEndpoints(runtime)
 	}
-	tlsConfig, err := toTLSConfig(runtime)
-	if err != nil {
-		return nil, err
-	}
-	return &etcd.Config{
+
+	config := &etcd.Config{
 		Endpoints:            endpoints,
-		TLS:                  tlsConfig,
 		Context:              ctx,
 		DialTimeout:          defaultDialTimeout,
 		DialKeepAliveTime:    defaultKeepAliveTime,
 		DialKeepAliveTimeout: defaultKeepAliveTimeout,
-	}, nil
+	}
+
+	var err error
+	if strings.HasPrefix(endpoints[0], "https://") {
+		config.TLS, err = toTLSConfig(runtime)
+	}
+	return config, err
 }

 // getEndpoints returns the endpoints from the runtime config if set, otherwise the default endpoint.