Revert "fix Kubernetes certs"
This reverts commit 803aa03f419531ae0cd82b468d04f3a97b5dfcfc.
Related-Prod: PROD-17783
Change-Id: I75da3f52e8ab556365170b647072f06bc8db75f3
diff --git a/salt/minion/cert/k8s_client_single.yml b/salt/minion/cert/k8s_client_single.yml
index eb7b21c..e9c7d79 100644
--- a/salt/minion/cert/k8s_client_single.yml
+++ b/salt/minion/cert/k8s_client_single.yml
@@ -21,3 +21,21 @@
common_name: system:kube-proxy
signing_policy: cert_client
alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_scheduler:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kube-scheduler-client.key
+ cert_file: /etc/kubernetes/ssl/kube-scheduler-client.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:kube-scheduler
+ signing_policy: cert_client
+ alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}
+ k8s_controller_manager:
+ host: ${_param:salt_minion_ca_host}
+ authority: ${_param:salt_minion_ca_authority}
+ key_file: /etc/kubernetes/ssl/kube-controller-manager-client.key
+ cert_file: /etc/kubernetes/ssl/kube-controller-manager-client.crt
+ ca_file: /etc/kubernetes/ssl/ca-kubernetes.crt
+ common_name: system:kube-controller-manager
+ signing_policy: cert_client
+ alternative_names: IP:${_param:control_address},IP:${_param:kubernetes_internal_api_address}