Use curl (not socat) in apiserver anchor readiness
Update the kubernetes apiserver anchor pod to use curl instead of socat for its readiness probe. Change-Id: Id102d6542fa21b6d692781f81d250a3231e18771
This commit is contained in:
parent
59e1f8af83
commit
6a17e4fccd
|
@ -88,10 +88,12 @@ spec:
|
||||||
- -c
|
- -c
|
||||||
- |-
|
- |-
|
||||||
grep -q "created-by: ${POD_NAME}" "${MANIFEST_PATH}" || exit 1
|
grep -q "created-by: ${POD_NAME}" "${MANIFEST_PATH}" || exit 1
|
||||||
if [ ! -f /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-both.pem ]; then
|
[ "$(curl -s -S -o /dev/null \
|
||||||
cat /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-key.pem <(echo) /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver.pem > /host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-both.pem
|
--cert "/host{{ .Values.apiserver.host_etc_path }}/pki/apiserver.pem" \
|
||||||
fi
|
--key "/host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-key.pem" \
|
||||||
echo -e 'GET /healthz HTTP/1.0\r\n' | socat - openssl:localhost:{{ .Values.network.kubernetes_apiserver.port }},cert=/host{{ .Values.apiserver.host_etc_path }}/pki/apiserver-both.pem,cafile=/host{{ .Values.apiserver.host_etc_path }}/pki/cluster-ca.pem | grep '200 OK'
|
--cacert "/host{{ .Values.apiserver.host_etc_path }}/pki/cluster-ca.pem" \
|
||||||
|
"https://localhost:{{ .Values.network.kubernetes_apiserver.port }}/healthz" \
|
||||||
|
-w "%{http_code}")" = "200" ]
|
||||||
exit $?
|
exit $?
|
||||||
initialDelaySeconds: 10
|
initialDelaySeconds: 10
|
||||||
periodSeconds: 5
|
periodSeconds: 5
|
||||||
|
|
Loading…
Reference in New Issue