From c9bbf897c8c6511e35728ddc3f04a29c69dc9b25 Mon Sep 17 00:00:00 2001 From: Jordan Liggitt Date: Tue, 8 Aug 2017 01:02:25 -0400 Subject: [PATCH] Honor --use-service-account-credentials in cloud-controller-manager --- cmd/cloud-controller-manager/app/controllermanager.go | 8 ++++---- cmd/cloud-controller-manager/app/options/options.go | 1 - 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/cmd/cloud-controller-manager/app/controllermanager.go b/cmd/cloud-controller-manager/app/controllermanager.go index 9eedb9f6c2e22..5e48971082431 100644 --- a/cmd/cloud-controller-manager/app/controllermanager.go +++ b/cmd/cloud-controller-manager/app/controllermanager.go @@ -139,7 +139,7 @@ func Run(s *options.CloudControllerManagerServer, cloud cloudprovider.Interface) ClientConfig: kubeconfig, } var clientBuilder controller.ControllerClientBuilder - if len(s.ServiceAccountKeyFile) > 0 && s.UseServiceAccountCredentials { + if s.UseServiceAccountCredentials { clientBuilder = controller.SAControllerClientBuilder{ ClientConfig: restclient.AnonymousClientConfig(kubeconfig), CoreClient: kubeClient.CoreV1(), @@ -150,7 +150,7 @@ func Run(s *options.CloudControllerManagerServer, cloud cloudprovider.Interface) clientBuilder = rootClientBuilder } - err := StartControllers(s, kubeconfig, rootClientBuilder, clientBuilder, stop, recorder, cloud) + err := StartControllers(s, kubeconfig, clientBuilder, stop, recorder, cloud) glog.Fatalf("error running controllers: %v", err) panic("unreachable") } @@ -196,10 +196,10 @@ func Run(s *options.CloudControllerManagerServer, cloud cloudprovider.Interface) } // StartControllers starts the cloud specific controller loops. -func StartControllers(s *options.CloudControllerManagerServer, kubeconfig *restclient.Config, rootClientBuilder, clientBuilder controller.ControllerClientBuilder, stop <-chan struct{}, recorder record.EventRecorder, cloud cloudprovider.Interface) error { +func StartControllers(s *options.CloudControllerManagerServer, kubeconfig *restclient.Config, clientBuilder controller.ControllerClientBuilder, stop <-chan struct{}, recorder record.EventRecorder, cloud cloudprovider.Interface) error { // Function to build the kube client object client := func(serviceAccountName string) clientset.Interface { - return rootClientBuilder.ClientOrDie(serviceAccountName) + return clientBuilder.ClientOrDie(serviceAccountName) } if cloud != nil { diff --git a/cmd/cloud-controller-manager/app/options/options.go b/cmd/cloud-controller-manager/app/options/options.go index 0f5a3e7968957..e3fc1dfedbeac 100644 --- a/cmd/cloud-controller-manager/app/options/options.go +++ b/cmd/cloud-controller-manager/app/options/options.go @@ -75,7 +75,6 @@ func (s *CloudControllerManagerServer) AddFlags(fs *pflag.FlagSet) { fs.DurationVar(&s.NodeMonitorPeriod.Duration, "node-monitor-period", s.NodeMonitorPeriod.Duration, "The period for syncing NodeStatus in NodeController.") fs.DurationVar(&s.NodeStatusUpdateFrequency.Duration, "node-status-update-frequency", s.NodeStatusUpdateFrequency.Duration, "Specifies how often the controller updates nodes' status.") - fs.StringVar(&s.ServiceAccountKeyFile, "service-account-private-key-file", s.ServiceAccountKeyFile, "Filename containing a PEM-encoded private RSA or ECDSA key used to sign service account tokens.") fs.BoolVar(&s.UseServiceAccountCredentials, "use-service-account-credentials", s.UseServiceAccountCredentials, "If true, use individual service account credentials for each controller.") fs.DurationVar(&s.RouteReconciliationPeriod.Duration, "route-reconciliation-period", s.RouteReconciliationPeriod.Duration, "The period for reconciling routes created for Nodes by cloud provider.") fs.BoolVar(&s.ConfigureCloudRoutes, "configure-cloud-routes", true, "Should CIDRs allocated by allocate-node-cidrs be configured on the cloud provider.")