This is useful only in rancher environment, they are using this in a
very old branch (1.6), they are currently at 2.2.x. There is just no
point in us carrying this code as this is not useful to anyone else
outside of the rancher environment. Let us please remove this code from
upstream.
Change-Id: I5196d0edd79a7809c3a04e6028ddbd01063f224b
kubeadm still generates RSA keys when deploying a node, but also
accepts ECDSA keys if they already exist pregenerated in the
directory specified in --cert-dir.
Add the functionality to support `CreateOrMutateConfigMap` and `MutateConfigMap`.
* `CreateOrMutateConfigMap` will try to create a given ConfigMap object; if this ConfigMap
already exists, a new version of the resource will be retrieved from the server and a
mutator callback will be called on it. Then, an `Update` of the mutated object will be
performed. If there's a conflict during this `Update` operation, retry until no conflict
happens. On every retry the object is refreshed from the server to the latest version.
* `MutateConfigMap` will try to get the latest version of the ConfigMap from the server,
call the mutator callback and then try to `Update` the mutated object. If there's a
conflict during this `Update` operation, retry until no conflict happens. On every retry
the object is refreshed from the server to the latest version.
Add unit tests for `MutateConfigMap`
* One test checks that in case of no conflicts, the update of the
given ConfigMap happens without any issues.
* Another test mimics 5 consecutive CONFLICT responses when updating
the given ConfigMap, whereas the sixth try it will work.
The function certs.NewCACertAndKey() is just a wrapper around
pkiutil.NewCertificateAuthority() which doesn't add any
additional functionality.
Instead use pkiutil.NewCertificateAuthority() directly.
use split host port func instead trim specific character
add unit test for metrics and healthz bind address
recover import package
refactor set default kube proxy configuration
fix ipv4 condition
fix set default port condition
rewrite call function occasion to reduce error
set ipv6 default value
move get GetBindAddressHostPort to util
use one func to handle deprecated series
update bazel
define address type
return earlier in the error case
refactor set default kube proxy configuration logic
recover import package
preserve some of the original comments
add get default address func
add append port if needed unit test
rewrite unit test for deprecated flags
remove unused codes
Currently kubeadm produces an error upon parsing multiple
certificates stored in the cluster-info configmap. Yet it
should check all available certificates in a scenario like
CA key rotation.
Check all available CA certs against pinned certificate hashes.
Fixes https://github.com/kubernetes/kubeadm/issues/1399
Kubernetes Prow Robot