diff --git a/pkg/apis/kops/componentconfig.go b/pkg/apis/kops/componentconfig.go index 542371cb191f2..5b469925c3483 100644 --- a/pkg/apis/kops/componentconfig.go +++ b/pkg/apis/kops/componentconfig.go @@ -377,7 +377,7 @@ type KubeControllerManagerConfig struct { // ConfigureCloudRoutes enables CIDRs allocated with to be configured on the cloud provider. ConfigureCloudRoutes *bool `json:"configureCloudRoutes,omitempty" flag:"configure-cloud-routes"` // Controllers is a list of controllers to enable on the controller-manager - Controllers *[]string `json:"controllers,omitempty" flag:"controllers"` + Controllers []string `json:"controllers,omitempty" flag:"controllers"` // CIDRAllocatorType specifies the type of CIDR allocator to use. CIDRAllocatorType *string `json:"cidrAllocatorType,omitempty" flag:"cidr-allocator-type"` // rootCAFile is the root certificate authority will be included in service account's token secret. This must be a valid PEM-encoded CA bundle. diff --git a/pkg/apis/kops/v1alpha1/componentconfig.go b/pkg/apis/kops/v1alpha1/componentconfig.go index d13e846b1ba3d..e83bfc2d44a5a 100644 --- a/pkg/apis/kops/v1alpha1/componentconfig.go +++ b/pkg/apis/kops/v1alpha1/componentconfig.go @@ -377,7 +377,7 @@ type KubeControllerManagerConfig struct { // ConfigureCloudRoutes enables CIDRs allocated with to be configured on the cloud provider. ConfigureCloudRoutes *bool `json:"configureCloudRoutes,omitempty" flag:"configure-cloud-routes"` // Controllers is a list of controllers to enable on the controller-manager - Controllers *[]string `json:"controllers,omitempty" flag:"controllers"` + Controllers []string `json:"controllers,omitempty" flag:"controllers"` // CIDRAllocatorType specifies the type of CIDR allocator to use. CIDRAllocatorType *string `json:"cidrAllocatorType,omitempty" flag:"cidr-allocator-type"` // rootCAFile is the root certificate authority will be included in service account's token secret. This must be a valid PEM-encoded CA bundle. diff --git a/pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go b/pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go index 11b45dc0c4083..a1a752763432a 100644 --- a/pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go +++ b/pkg/apis/kops/v1alpha1/zz_generated.deepcopy.go @@ -2199,16 +2199,8 @@ func (in *KubeControllerManagerConfig) DeepCopyInto(out *KubeControllerManagerCo } if in.Controllers != nil { in, out := &in.Controllers, &out.Controllers - if *in == nil { - *out = nil - } else { - *out = new([]string) - if **in != nil { - in, out := *in, *out - *out = make([]string, len(*in)) - copy(*out, *in) - } - } + *out = make([]string, len(*in)) + copy(*out, *in) } if in.CIDRAllocatorType != nil { in, out := &in.CIDRAllocatorType, &out.CIDRAllocatorType diff --git a/pkg/apis/kops/v1alpha2/componentconfig.go b/pkg/apis/kops/v1alpha2/componentconfig.go index 2d3d71ec3e9f7..ad8a5e8251e16 100644 --- a/pkg/apis/kops/v1alpha2/componentconfig.go +++ b/pkg/apis/kops/v1alpha2/componentconfig.go @@ -377,7 +377,7 @@ type KubeControllerManagerConfig struct { // ConfigureCloudRoutes enables CIDRs allocated with to be configured on the cloud provider. ConfigureCloudRoutes *bool `json:"configureCloudRoutes,omitempty" flag:"configure-cloud-routes"` // Controllers is a list of controllers to enable on the controller-manager - Controllers *[]string `json:"controllers,omitempty" flag:"controllers"` + Controllers []string `json:"controllers,omitempty" flag:"controllers"` // CIDRAllocatorType specifies the type of CIDR allocator to use. CIDRAllocatorType *string `json:"cidrAllocatorType,omitempty" flag:"cidr-allocator-type"` // rootCAFile is the root certificate authority will be included in service account's token secret. This must be a valid PEM-encoded CA bundle. diff --git a/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go b/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go index f5caf4cb48107..fce2ee0be598b 100644 --- a/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go +++ b/pkg/apis/kops/v1alpha2/zz_generated.deepcopy.go @@ -2280,16 +2280,8 @@ func (in *KubeControllerManagerConfig) DeepCopyInto(out *KubeControllerManagerCo } if in.Controllers != nil { in, out := &in.Controllers, &out.Controllers - if *in == nil { - *out = nil - } else { - *out = new([]string) - if **in != nil { - in, out := *in, *out - *out = make([]string, len(*in)) - copy(*out, *in) - } - } + *out = make([]string, len(*in)) + copy(*out, *in) } if in.CIDRAllocatorType != nil { in, out := &in.CIDRAllocatorType, &out.CIDRAllocatorType diff --git a/pkg/apis/kops/zz_generated.deepcopy.go b/pkg/apis/kops/zz_generated.deepcopy.go index 9bdc8101ecbef..6d4cbb43611c1 100644 --- a/pkg/apis/kops/zz_generated.deepcopy.go +++ b/pkg/apis/kops/zz_generated.deepcopy.go @@ -2468,16 +2468,8 @@ func (in *KubeControllerManagerConfig) DeepCopyInto(out *KubeControllerManagerCo } if in.Controllers != nil { in, out := &in.Controllers, &out.Controllers - if *in == nil { - *out = nil - } else { - *out = new([]string) - if **in != nil { - in, out := *in, *out - *out = make([]string, len(*in)) - copy(*out, *in) - } - } + *out = make([]string, len(*in)) + copy(*out, *in) } if in.CIDRAllocatorType != nil { in, out := &in.CIDRAllocatorType, &out.CIDRAllocatorType diff --git a/pkg/model/components/kubecontrollermanager.go b/pkg/model/components/kubecontrollermanager.go index f78efb620a92e..d5116f58a42ae 100644 --- a/pkg/model/components/kubecontrollermanager.go +++ b/pkg/model/components/kubecontrollermanager.go @@ -167,5 +167,13 @@ func (b *KubeControllerManagerOptionsBuilder) BuildOptions(o interface{}) error } } + // @check if the node authorization is enabled and if so enable the tokencleaner controller (disabled by default) + // This is responsible for cleaning up bootstrap tokens which have expired + if b.Context.IsKubernetesGTE("1.10") { + if fi.BoolValue(clusterSpec.KubeAPIServer.EnableBootstrapAuthToken) && len(kcm.Controllers) <= 0 { + kcm.Controllers = []string{"*", "tokencleaner"} + } + } + return nil }