diff --git a/pkg/asset/ignition/bootstrap/bootstrap.go b/pkg/asset/ignition/bootstrap/bootstrap.go index f9d6b6975c..618f325393 100644 --- a/pkg/asset/ignition/bootstrap/bootstrap.go +++ b/pkg/asset/ignition/bootstrap/bootstrap.go @@ -183,6 +183,7 @@ func (a *Bootstrap) addBootstrapFiles(dependencies asset.Parents) { } func (a *Bootstrap) addBootkubeFiles(dependencies asset.Parents, templateData *bootstrapTemplateData) { + bootkubeConfigOverridesDir := filepath.Join(rootDir, "bootkube-config-overrides") adminKubeconfig := &kubeconfig.Admin{} manifests := &manifests.Manifests{} dependencies.Get(adminKubeconfig, manifests) @@ -191,6 +192,12 @@ func (a *Bootstrap) addBootkubeFiles(dependencies asset.Parents, templateData *b a.Config.Storage.Files, ignition.FileFromString("/opt/tectonic/bootkube.sh", 0555, applyTemplateData(content.BootkubeShFileTemplate, templateData)), ) + for _, o := range content.BootkubeConfigOverrides { + a.Config.Storage.Files = append( + a.Config.Storage.Files, + ignition.FileFromString(filepath.Join(bootkubeConfigOverridesDir, o.Name()), 0600, applyTemplateData(o, templateData)), + ) + } a.Config.Storage.Files = append( a.Config.Storage.Files, ignition.FilesFromAsset(rootDir, 0600, adminKubeconfig)..., diff --git a/pkg/asset/ignition/bootstrap/content/bootkube.go b/pkg/asset/ignition/bootstrap/content/bootkube.go index 0f5251022e..46cd07244f 100644 --- a/pkg/asset/ignition/bootstrap/content/bootkube.go +++ b/pkg/asset/ignition/bootstrap/content/bootkube.go @@ -76,7 +76,8 @@ then --manifest-image=${OPENSHIFT_HYPERSHIFT_IMAGE} \ --asset-input-dir=/assets/tls \ --asset-output-dir=/assets/kube-apiserver-bootstrap \ - --config-output-file=/assets/kube-apiserver-bootstrap/config + --config-output-file=/assets/kube-apiserver-bootstrap/config \ + --config-override-files=/assets/bootkube-config-overrides/kube-apiserver-config-overrides.yaml cp kube-apiserver-bootstrap/config /etc/kubernetes/bootstrap-configs/kube-apiserver-config.yaml cp kube-apiserver-bootstrap/bootstrap-manifests/* bootstrap-manifests/ @@ -95,7 +96,8 @@ then --manifest-image=${OPENSHIFT_HYPERKUBE_IMAGE} \ --asset-input-dir=/assets/tls \ --asset-output-dir=/assets/kube-controller-manager-bootstrap \ - --config-output-file=/assets/kube-controller-manager-bootstrap/config + --config-output-file=/assets/kube-controller-manager-bootstrap/config \ + --config-override-files=/assets/bootkube-config-overrides/kube-controller-manager-config-overrides.yaml cp kube-controller-manager-bootstrap/config /etc/kubernetes/bootstrap-configs/kube-controller-manager-config.yaml cp kube-controller-manager-bootstrap/bootstrap-manifests/* bootstrap-manifests/ @@ -229,3 +231,30 @@ podman run \ start --asset-dir=/assets `)) ) + +var ( + // BootkubeConfigOverrides contains the configuration override files passed to the render commands of the components. + // These are supposed to be customized by the installer where the config differs from the operator render default. + BootkubeConfigOverrides = []*template.Template{ + KubeApiserverConfigOverridesTemplate, + KubeControllerManagerConfigOverridesTemplate, + } +) + +var ( + // KubeApiserverConfigOverridesTemplate are overrides that the installer passes to the default config of the + // kube-apiserver rendered by the cluster-kube-apiserver-operator. + KubeApiserverConfigOverridesTemplate = template.Must(template.New("kube-apiserver-config-overrides.yaml").Parse(` +apiVersion: kubecontrolplane.config.openshift.io/v1 +kind: KubeAPIServerConfig +kubeletClientInfo: + ca: "" # kubelet uses self-signed serving certs. TODO: fix kubelet pki +`)) + + // KubeControllerManagerConfigOverridesTemplate are overrides that the installer passes to the default config of the + // kube-controller-manager rendered by the cluster-kube-controller-manager-operator. + KubeControllerManagerConfigOverridesTemplate = template.Must(template.New("kube-controller-manager-config-overrides.yaml").Parse(` +apiVersion: kubecontrolplane.config.openshift.io/v1 +kind: KubeControllerManagerConfig +`)) +)