kubernetes
/
minikube
mirror of https://github.com/kubernetes/minikube.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add the daemon host address as Alternate Name if it's not an IP

pull/10873/head
Tom Di Nunzio 2021-03-19 11:03:20 +02:00
parent d42ff1ae8d
commit c1b092adb1
1 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
pkg/minikube/bootstrapper/certs.go
View File

@ -199,15 +199,22 @@ func generateProfileCerts(k8s config.KubernetesConfig, n config.Node, ccs CACert
apiServerIPs := append(k8s.APIServerIPs, apiServerIPs := append(k8s.APIServerIPs,
net.ParseIP(n.IP), serviceIP, net.ParseIP(oci.DefaultBindIPV4), net.ParseIP("10.0.0.1")) net.ParseIP(n.IP), serviceIP, net.ParseIP(oci.DefaultBindIPV4), net.ParseIP("10.0.0.1"))
if v := oci.DaemonHost(k8s.ContainerRuntime); v != oci.DefaultBindIPV4 {
apiServerIPs = append(apiServerIPs, net.ParseIP(v))
}
apiServerNames := append(k8s.APIServerNames, k8s.APIServerName, constants.ControlPlaneAlias) apiServerNames := append(k8s.APIServerNames, k8s.APIServerName, constants.ControlPlaneAlias)
apiServerAlternateNames := append( apiServerAlternateNames := append(
apiServerNames, apiServerNames,
util.GetAlternateDNS(k8s.DNSDomain)...) util.GetAlternateDNS(k8s.DNSDomain)...)
daemonHost := oci.DaemonHost(k8s.ContainerRuntime)
if daemonHost != oci.DefaultBindIPV4 {
daemonHostIP := net.ParseIP(daemonHost)
// if daemonHost is an IP we add it to the certificate's IPs, otherwise we assume it's an hostname and add it to the alternate names
if daemonHostIP != nil {
apiServerIPs = append(apiServerIPs, daemonHostIP)
} else {
apiServerAlternateNames = append(apiServerAlternateNames, daemonHost)
}
}
// Generate a hash input for certs that depend on ip/name combinations // Generate a hash input for certs that depend on ip/name combinations
hi := []string{} hi := []string{}
hi = append(hi, apiServerAlternateNames...) hi = append(hi, apiServerAlternateNames...)