-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add domain support for certgen.sh #3808
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@lwabish Why do you build the certs manually instead of using the certs generted by cloudcore?
I was following the Enable kubectl logs Feature steps after install cloudcore and init my edge node. @fisherxu |
Ok, it should only use the stream func. |
yes,indeed. So should I leave the genCert() funciton as it was? |
stream is only used to the communition between cloudcore and apiserver, I think the domain name is used to communicate between cloudhub and edgehub, so it's no need to add the domain name in stream's certs. And genCert haven't been used now.. |
oh I see. |
@ramezanius: adding LGTM is restricted to approvers and reviewers in OWNERS files. In response to this: Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Yes, if the cloudocre domain used for edgeside, the domain name maybe a public domain. If apiserver connects to the cloudcore, it may not have to use that public domin, domain name incluster should be also fine, like Anyway, set the domain name in stream's certs is reasonable, and can we set another env value like |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good, and could you please squash the 4 commits? Thanks.
previous commits squashed. |
Yes, fetch upstream commit is no needed here :) |
1. when CLOUDCOREIPS env contains spaces, `-z ${CLOUDCOREIPS}` could lead to error, double quote is indispensable. 2. in some cases domain names are provided when running `./certgen.sh stream` Signed-off-by: lwabish <wubw@pku.edu.cn>
done |
Thanks, and would you like to update the docs? Ref: https://github.com/kubeedge/website/blob/master/content/en/docs/setup/keadm.md#enable-kubectl-logs-feature |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: fisherxu, ramezanius The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
sure, i'll work on it later. |
What type of PR is this?
/kind bug
What this PR does / why we need it:
the original script failed when providing a domain name.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?: