From 82d81d9f53c4b218e9972203d42a5ea178225e0a Mon Sep 17 00:00:00 2001 From: John Hixson Date: Wed, 24 Jul 2019 12:17:05 -0700 Subject: [PATCH] data/data/bootstrap: use loopback kubeconfig for API access --- data/data/bootstrap/files/usr/local/bin/bootkube.sh.template | 2 +- data/data/bootstrap/systemd/units/approve-csr.service | 2 +- data/data/bootstrap/systemd/units/openshift.service | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/data/data/bootstrap/files/usr/local/bin/bootkube.sh.template b/data/data/bootstrap/files/usr/local/bin/bootkube.sh.template index 4bcec4de461..2ed508a3dec 100755 --- a/data/data/bootstrap/files/usr/local/bin/bootkube.sh.template +++ b/data/data/bootstrap/files/usr/local/bin/bootkube.sh.template @@ -71,7 +71,7 @@ then cp cvo-bootstrap/bootstrap/* bootstrap-manifests/ cp cvo-bootstrap/manifests/* manifests/ ## FIXME: CVO should use `/etc/kubernetes/bootstrap-secrets/kubeconfig` instead - cp auth/kubeconfig /etc/kubernetes/kubeconfig + cp auth/kubeconfig-loopback /etc/kubernetes/kubeconfig touch cvo-bootstrap.done fi diff --git a/data/data/bootstrap/systemd/units/approve-csr.service b/data/data/bootstrap/systemd/units/approve-csr.service index abd943b62ff..1c7318898b4 100644 --- a/data/data/bootstrap/systemd/units/approve-csr.service +++ b/data/data/bootstrap/systemd/units/approve-csr.service @@ -4,7 +4,7 @@ Wants=bootkube.service After=bootkube.service [Service] -ExecStart=/usr/local/bin/approve-csr.sh /opt/openshift/auth/kubeconfig +ExecStart=/usr/local/bin/approve-csr.sh /opt/openshift/auth/kubeconfig-loopback Restart=on-failure RestartSec=5s diff --git a/data/data/bootstrap/systemd/units/openshift.service b/data/data/bootstrap/systemd/units/openshift.service index c09bc11e709..bb0d2207e8d 100644 --- a/data/data/bootstrap/systemd/units/openshift.service +++ b/data/data/bootstrap/systemd/units/openshift.service @@ -6,7 +6,7 @@ ConditionPathExists=!/opt/openshift/.openshift.done [Service] WorkingDirectory=/opt/openshift/openshift -ExecStart=/usr/local/bin/openshift.sh /opt/openshift/auth/kubeconfig +ExecStart=/usr/local/bin/openshift.sh /opt/openshift/auth/kubeconfig-loopback Restart=on-failure RestartSec=5s