From a3dcabdb2eb0041d175285a4a8a27448cacb9bdc Mon Sep 17 00:00:00 2001 From: qinghui wang Date: Mon, 22 Feb 2021 12:53:34 +0800 Subject: [PATCH 1/2] kubefedcluster use cadata in kubeconfig file --- pkg/kubefedctl/join.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/pkg/kubefedctl/join.go b/pkg/kubefedctl/join.go index b839b909f6..9f76e191b9 100644 --- a/pkg/kubefedctl/join.go +++ b/pkg/kubefedctl/join.go @@ -272,6 +272,10 @@ func joinClusterForNamespace(hostConfig, clusterConfig *rest.Config, kubefedName disabledTLSValidations = append(disabledTLSValidations, fedv1b1.TLSAll) } + if clusterConfig.CAData != nil { + caBundle = clusterConfig.CAData + } + kubefedCluster, err := createKubeFedCluster(client, joiningClusterName, clusterConfig.Host, secret.Name, kubefedNamespace, caBundle, disabledTLSValidations, dryRun, errorOnExisting) if err != nil { From e983b1c01bc2a29195ec2bd00f5f50531b8d4da0 Mon Sep 17 00:00:00 2001 From: qinghui wang Date: Tue, 2 Mar 2021 16:54:46 +0800 Subject: [PATCH 2/2] document the change --- docs/cluster-registration.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/cluster-registration.md b/docs/cluster-registration.md index f63a3076f5..52e41859d7 100644 --- a/docs/cluster-registration.md +++ b/docs/cluster-registration.md @@ -25,6 +25,7 @@ Repeat this step to join any additional clusters. **NOTE:** `cluster-context` will default to use the joining cluster name if not specified. +**NOTE:** Before the [PR](https://github.com/kubernetes-sigs/kubefed/pull/1361), `kubefed` automatically fetches apiserver's `certificate-authority-data` from member cluster, after that kubefed will use `certificate-authority-data` in joining cluster's kubeconfig file. # Checking status of joined clusters