mirror of https://github.com/k3s-io/k3s
860cae0933
Automatic merge from submit-queue specify custom ca file to verify the keystone server <!-- Thanks for sending a pull request! Here are some tips for you: 1. If this is your first time, read our contributor guidelines https://github.com/kubernetes/kubernetes/blob/master/CONTRIBUTING.md and developer guide https://github.com/kubernetes/kubernetes/blob/master/docs/devel/development.md 2. If you want *faster* PR reviews, read how: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/faster_reviews.md 3. Follow the instructions for writing a release note: https://github.com/kubernetes/kubernetes/blob/master/docs/devel/pull-requests.md#release-notes --> **What this PR does / why we need it**: Sometimes the keystone server's certificate is self-signed, mainly used for internal development, testing and etc. For this kind of ca, we need a way to verify the keystone server. Otherwise, below error will occur. > x509: certificate signed by unknown authority This patch provide a way to pass in a ca file to verify the keystone server when starting `kube-apiserver`. **Which issue this PR fixes** : fixes #22695, #24984 **Special notes for your reviewer**: **Release note**: <!-- Steps to write your release note: 1. Use the release-note-* labels to set the release note state (if you have access) 2. Enter your extended release note in the below block; leaving it blank means using the PR title as the release note. If no release note is required, just write `NONE`. --> ``` release-note ``` |
||
|---|---|---|
| .. | ||
| admission | ||
| api | ||
| apimachinery | ||
| apis | ||
| apiserver | ||
| auth | ||
| capabilities | ||
| client | ||
| cloudprovider | ||
| controller | ||
| conversion | ||
| credentialprovider | ||
| dns | ||
| fieldpath | ||
| fields | ||
| generated | ||
| genericapiserver | ||
| healthz | ||
| httplog | ||
| hyperkube | ||
| kubectl | ||
| kubelet | ||
| kubemark | ||
| labels | ||
| master | ||
| metrics | ||
| probe | ||
| proxy | ||
| quota | ||
| registry | ||
| routes | ||
| runtime | ||
| security | ||
| securitycontext | ||
| selection | ||
| serviceaccount | ||
| ssh | ||
| storage | ||
| types | ||
| util | ||
| version | ||
| volume | ||
| watch | ||
| OWNERS | ||