Skip to content

Commit 044cd26

Browse files
author
Kubernetes Submit Queue
authored
Merge pull request kubernetes#60818 from jpbetz/etcd-image-creds-1.8
Automatic merge from submit-queue. Pass in etcd TLS credentials during migrate and rollback: 1.8 edition 1.8 edition of kubernetes#60808 : "For HA etcd clusters, the etcd-creds settings, specifically the --peer-* TLS flags that may be included, must be passed in to start-stop-etcd.sh in order for the etcd server mode started during migrate and rollback steps to be able to communicate between peers." **Release note**: ```release-note NONE ```
2 parents 616a050 + c93560b commit 044cd26

File tree

2 files changed

+9
-1
lines changed

2 files changed

+9
-1
lines changed

cluster/images/etcd/migrate-if-needed.sh

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -98,13 +98,17 @@ fi
9898

9999
# Starts 'etcd' version ${START_VERSION} and writes to it:
100100
# 'etcd_version' -> "${START_VERSION}"
101+
# ETCD_CREDS may optionally be set to provide flags for TLS credentials
102+
# such as '--cert-file' and '--peer-cert-file'. For a complete list of
103+
# flags, see https://coreos.com/etcd/docs/latest/op-guide/security.html.
101104
# Successful write confirms that etcd is up and running.
102105
# Sets ETCD_PID at the end.
103106
# Returns 0 if etcd was successfully started, non-0 otherwise.
104107
start_etcd() {
105108
# Use random ports, so that apiserver cannot connect to etcd.
106109
ETCD_PORT=18629
107110
ETCD_PEER_PORT=2380
111+
ETCD_CREDS="${ETCD_CREDS:-}"
108112
# Avoid collisions between etcd and event-etcd.
109113
case "${DATA_DIRECTORY}" in
110114
*event*)
@@ -127,7 +131,8 @@ start_etcd() {
127131
--listen-client-urls http://127.0.0.1:${ETCD_PORT} \
128132
--advertise-client-urls http://127.0.0.1:${ETCD_PORT} \
129133
--listen-peer-urls http://127.0.0.1:${ETCD_PEER_PORT} \
130-
--initial-advertise-peer-urls http://127.0.0.1:${ETCD_PEER_PORT} &
134+
--initial-advertise-peer-urls http://127.0.0.1:${ETCD_PEER_PORT} \
135+
${ETCD_CREDS} &
131136
ETCD_PID=$!
132137
# Wait until we can write to etcd.
133138
for i in $(seq 240); do

cluster/saltbase/salt/etcd/etcd.manifest

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,9 @@
6060
},
6161
{ "name": "DATA_DIRECTORY",
6262
"value": "/var/etcd/data{{ suffix }}"
63+
},
64+
{ "name": "ETCD_CREDS",
65+
"value": "{{ etcd_creds }}"
6366
}
6467
],
6568
"livenessProbe": {

0 commit comments

Comments
 (0)