m/n/kubernetes: factor out generating KPKI, support multiple endpoints in Kubeconfig

Change-Id: I0e648c24ffa134314a03715575d1af1b925fd450
Reviewed-on: https://review.monogon.dev/c/monogon/+/1377
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
Tested-by: Jenkins CI
diff --git a/metropolis/node/kubernetes/service_controller.go b/metropolis/node/kubernetes/service_controller.go
index 5d9580f..da92b7f 100644
--- a/metropolis/node/kubernetes/service_controller.go
+++ b/metropolis/node/kubernetes/service_controller.go
@@ -76,7 +76,7 @@
 		return fmt.Errorf("could not generate scheduler pki config: %w", err)
 	}
 
-	masterKubeconfig, err := s.c.KPKI.Kubeconfig(ctx, pki.Master)
+	masterKubeconfig, err := s.c.KPKI.Kubeconfig(ctx, pki.Master, pki.KubernetesAPIEndpointForController)
 	if err != nil {
 		return fmt.Errorf("could not generate master kubeconfig: %w", err)
 	}
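Review bot: The new third argument in `s.c.KPKI.Kubeconfig(ctx, pki.Master, pki.KubernetesAPIEndpointForController)` has no comment saying why this endpoint is the right one for the master kubeconfig. Now that Kubeconfig takes an endpoint, the choice is no longer self-evident at the call site. A one-line comment would do, for example `// Controller-side clients reach the apiserver through the controller endpoint.`, with the wording checked against the constant's definition, which this diff does not show. The enclosing function starts and ends outside the hunk.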
@@ -243,7 +243,7 @@
 	if err != nil {
 		return nil, status.Errorf(codes.Unavailable, "Failed to get volatile client certificate: %v", err)
 	}
-	kubeconfig, err := pki.Kubeconfig(ctx, s.c.KPKI.KV, client)
+	kubeconfig, err := pki.Kubeconfig(ctx, s.c.KPKI.KV, client, pki.KubernetesAPIEndpointForController)
 	if err != nil {
 		return nil, status.Errorf(codes.Unavailable, "Failed to generate kubeconfig: %v", err)
 	}
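Review bot: The kubeconfig built by `pki.Kubeconfig(ctx, s.c.KPKI.KV, client, pki.KubernetesAPIEndpointForController)` appears to be returned to an RPC caller, since the surrounding error paths return gRPC status codes, yet it is pinned to the endpoint named for the controller itself. If that constant resolves to a node-local address, which the diff does not show, the credential only works on the node; a client using it elsewhere would dial that address on its own host. Either select an endpoint meant for external consumers, or state the restriction in a comment such as `// Returned kubeconfig targets the controller endpoint and is only usable where that endpoint is reachable.` The handler's body continues outside the hunk.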