github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Cache self-signed loopback cert on startup

pull/22/head
Darren Shepherd 2019-02-07 21:14:20 -07:00
parent af96c908da
commit 5e1ce4aa42
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/daemons/control/server.go
View File

@ -153,6 +153,10 @@ func apiServer(ctx context.Context, cfg *config.Control, runtime *config.Control
} }
} }
certDir := filepath.Join(cfg.DataDir, "tls/temporary-certs")
os.MkdirAll(certDir, 0700)
args = append(args, "--cert-dir", certDir)
args = append(args, "--allow-privileged=true") args = append(args, "--allow-privileged=true")
args = append(args, "--authorization-mode", strings.Join([]string{modes.ModeNode, modes.ModeRBAC}, ",")) args = append(args, "--authorization-mode", strings.Join([]string{modes.ModeNode, modes.ModeRBAC}, ","))
args = append(args, "--service-account-signing-key-file", runtime.ServiceKey) args = append(args, "--service-account-signing-key-file", runtime.ServiceKey)