Skip to content
This repository has been archived by the owner on Mar 28, 2020. It is now read-only.

*: make default etcd version to 3.2.10 #1607

Merged
merged 1 commit into from
Nov 18, 2017
Merged

*: make default etcd version to 3.2.10 #1607

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@

### Changed

- Default base image is changed to `gcr.io/etcd-development/etcd`, default etcd version is `3.2.10`.

### Removed

### Fixed
Expand Down
31 changes: 16 additions & 15 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ See the [Resources and Labels](./doc/user/resource_labels.md) doc for an overvie
## Requirements

- Kubernetes 1.8+
- etcd 3.1+
- etcd 3.2.10+

## Demo

Expand Down Expand Up @@ -101,7 +101,7 @@ metadata:
name: "example-etcd-cluster"
spec:
size: 5
version: "3.1.8"
version: "3.2.10"
```

Apply the size change to the cluster CR:
Expand Down Expand Up @@ -129,7 +129,7 @@ metadata:
name: "example-etcd-cluster"
spec:
size: 3
version: "3.1.8"
version: "3.2.10"
```
```
$ kubectl apply -f example/example-etcd-cluster.yaml
Expand Down Expand Up @@ -214,58 +214,59 @@ example-etcd-cluster-0003 1/1 Running 0 1m
Have the following yaml file ready:

```
$ cat 3.0-etcd-cluster.yaml
$ cat upgrade-example.yaml
apiVersion: "etcd.database.coreos.com/v1beta2"
kind: "EtcdCluster"
metadata:
name: "example-etcd-cluster"
spec:
size: 3
version: "3.0.16"
version: "3.1.10"
baseImage: "quay.io/coreos/etcd"
```

Create an etcd cluster with the version specified (3.0.16) in the yaml file:
Create an etcd cluster with the version specified (3.1.10) in the yaml file:

```
$ kubectl apply -f 3.0-etcd-cluster.yaml
$ kubectl apply -f upgrade-example.yaml
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
example-etcd-cluster-0000 1/1 Running 0 37s
example-etcd-cluster-0001 1/1 Running 0 25s
example-etcd-cluster-0002 1/1 Running 0 14s
```

The container image version should be 3.0.16:
The container image version should be 3.1.10:

```
$ kubectl get pod example-etcd-cluster-0000 -o yaml | grep "image:" | uniq
image: quay.io/coreos/etcd:v3.0.16
image: quay.io/coreos/etcd:v3.1.10
```

Now modify the file `3.0-etcd-cluster.yaml` and change the `version` from 3.0.16 to 3.1.8:
Now modify the file `upgrade-example` and change the `version` from 3.1.10 to 3.2.10:

```
$ cat 3.0-etcd-cluster.yaml
$ cat upgrade-example
apiVersion: "etcd.database.coreos.com/v1beta2"
kind: "EtcdCluster"
metadata:
name: "example-etcd-cluster"
spec:
size: 3
version: "3.1.8"
version: "3.2.10"
```

Apply the version change to the cluster CR:

```
$ kubectl apply -f 3.0-etcd-cluster.yaml
$ kubectl apply -f upgrade-example
```

Wait ~30 seconds. The container image version should be updated to v3.1.8:
Wait ~30 seconds. The container image version should be updated to v3.2.10:

```
$ kubectl get pod example-etcd-cluster-0000 -o yaml | grep "image:" | uniq
image: quay.io/coreos/etcd:v3.1.8
image: gcr.io/etcd-development/etcd:v3.2.10
```

Check the other two pods and you should see the same result.
Expand Down
4 changes: 2 additions & 2 deletions doc/user/cluster_tls.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,8 +35,8 @@ The example cluster YAML manifest and example certs can be found in [example/tls

The peer TLS assets should have the following:
- **peer.crt**: peer communication cert.
The certificate should allow wildcard domain `*.${clusterName}.${namespace}.svc`.
In this case, it is `*.example.default.svc`.
The certificate should allow wildcard domain `*.${clusterName}.${namespace}.svc` and `*.${clusterName}.${namespace}.svc.${cluster_domain}`.
In our case, it is `*.example.default.svc` and `*.example.default.svc.cluster.local`.
- **peer.key**: peer communication key.
- **peer-ca.crt**: CA cert for this peer key-cert pair.

Expand Down
2 changes: 1 addition & 1 deletion doc/user/spec_examples.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ This will use default version that etcd operator chooses.
```yaml
spec:
size: 3
version: "3.1.8"
version: "3.2.10"
```

### Three members cluster with node selector and anti-affinity
Expand Down
2 changes: 1 addition & 1 deletion doc/user/walkthrough/backup-operator.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ apiVersion: etcd.database.coreos.com/v1beta2
kind: EtcdBackup
...
status:
s3Path: mybucket/v1/default/example-etcd-cluster/3.1.8_0000000000000001_etcd.backup
s3Path: mybucket/v1/default/example-etcd-cluster/3.2.10_0000000000000001_etcd.backup
succeeded: true
```

Expand Down
4 changes: 2 additions & 2 deletions doc/user/walkthrough/restore-operator.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,10 +76,10 @@ Create a Kubernetes secret that contains AWS credentials and config. This is use

Create the `EtcdRestore` CR:

>Note: This example uses k8s secret "aws" and S3 path "mybucket/v1/default/example-etcd-cluster/3.1.8_0000000000000001_etcd.backup"
>Note: This example uses k8s secret "aws" and S3 path "mybucket/v1/default/example-etcd-cluster/3.2.10_0000000000000001_etcd.backup"

```sh
sed -e 's|<full-s3-path>|mybucket/v1/default/example-etcd-cluster/3.1.8_0000000000000001_etcd.backup|g' \
sed -e 's|<full-s3-path>|mybucket/v1/default/example-etcd-cluster/3.2.10_0000000000000001_etcd.backup|g' \
-e 's|<aws-secret>|aws|g' \
example/etcd-restore-operator/restore_cr.yaml \
| kubectl create -f -
Expand Down
5 changes: 3 additions & 2 deletions example/etcd-restore-operator/restore_cr.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,10 @@ metadata:
spec:
clusterSpec:
size: 3
version: "3.1.8"
version: 3.2.10
baseImage: "gcr.io/etcd-development/etcd"
s3:
# The format of "path" must be: "<s3-bucket-name>/<path-to-backup-file>"
# e.g: "etcd-snapshot-bucket/v1/default/example-etcd-cluster/3.1.8_0000000000000001_etcd.backup"
# e.g: "etcd-snapshot-bucket/v1/default/example-etcd-cluster/3.2.10_0000000000000001_etcd.backup"
path: <full-s3-path>
awsSecret: <aws-secret>
2 changes: 1 addition & 1 deletion example/example-etcd-cluster.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,4 @@ metadata:
name: "example-etcd-cluster"
spec:
size: 3
version: "3.1.8"
version: "3.2.10"
34 changes: 34 additions & 0 deletions example/tls/certs/ca-config.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
{
"signing": {
"default": {
"expiry": "43800h"
},
"profiles": {
"server": {
"expiry": "43800h",
"usages": [
"signing",
"key encipherment",
"server auth"
]
},
"client": {
"expiry": "43800h",
"usages": [
"signing",
"key encipherment",
"client auth"
]
},
"peer": {
"expiry": "43800h",
"usages": [
"signing",
"key encipherment",
"server auth",
"client auth"
]
}
}
}
}
16 changes: 16 additions & 0 deletions example/tls/certs/ca-csr.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"CN": "My own CA",
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "US",
"L": "CA",
"O": "My Company Name",
"ST": "San Francisco",
"OU": "Org Unit 1"
}
]
}
35 changes: 18 additions & 17 deletions example/tls/certs/etcd-client-ca.crt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,22 +1,23 @@
-----BEGIN CERTIFICATE-----
MIIDujCCAqKgAwIBAgIUc1U4246CFKu48X11jNH1wol8R1IwDQYJKoZIhvcNAQEL
MIID3jCCAsagAwIBAgIUKXbvWUAgVnL7iVUcet3e4x1qH70wDQYJKoZIhvcNAQEL
BQAwdTELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lzY28xCzAJBgNV
BAcTAkNBMRgwFgYDVQQKEw9NeSBDb21wYW55IE5hbWUxEzARBgNVBAsTCk9yZyBV
bml0IDIxEjAQBgNVBAMTCU15IG93biBDQTAeFw0xNzA4MDQwMDU1MDBaFw0yMjA4
MDMwMDU1MDBaMHUxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1TYW4gRnJhbmNpc2Nv
bml0IDExEjAQBgNVBAMTCU15IG93biBDQTAeFw0xNzEwMzEyMjUzMDBaFw0yMjEw
MzAyMjUzMDBaMHUxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1TYW4gRnJhbmNpc2Nv
MQswCQYDVQQHEwJDQTEYMBYGA1UEChMPTXkgQ29tcGFueSBOYW1lMRMwEQYDVQQL
EwpPcmcgVW5pdCAyMRIwEAYDVQQDEwlNeSBvd24gQ0EwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDMzC1UukJS8nUJR/wS+65VvO0ifCQRY+i2sFZuoAYm
MuZDcVBBL4wklv3/A6PiK0PjoI4jeHvgsPl+/IxIazj3Wih/bJ0vPXqorettLbL2
39YiaP6PUaTqK7UacCLGC+gWnQ/3BQ0ksRyJPhaj0y8F2dJXBMPjYa73j0CI3au9
r4ENYk1gL5c97bp6nOElPaceVnxhdumQROkNwlYIP5Yg0NRHcvgmQpcd0YfxhYnd
3NrXy7TWYQWprTjDxN3P3VoecBSmmsa3NKHWmgXkb5oydfJ2quEAVxZyDNdyLEgd
TCWPXFmJCxRW8e0vg9R97EGuqAYuk7u2qvwZMeuljaifAgMBAAGjQjBAMA4GA1Ud
DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT8isnuZ7ofP3Op
W1cfE/N9nbLnBDANBgkqhkiG9w0BAQsFAAOCAQEAHi/Q9bF4/jYHYf07fOFsCQSF
A3b8w4fkEUifxHoBxmBBEytsKf0R9wcq21bJgQ4l76whM+Msqp6rtuJlIQL2Kn7z
zowgvYbkYyx8JUbLxKSv630n0QpnXlGkYgNpa0OKhvS4Ydr9BO6qB2Z1p8/5PdJx
FUs92nrD8b+ROS85YEbz5Txs0ztSWlvjs17WOIgQHaBGC651Z8RfLXfMefZEXARU
4hFHVOmwNOaA9PjOaH+AdpI6ShQNX7IhApRahdRxRMwaenE8OatQAaNr7mCjjw1h
7MmqiR65dhsYJNJcKRIN/heEc/jR4asXA4gmq5l0QnOUahbiRO9MGtG/yq2lFA==
EwpPcmcgVW5pdCAxMRIwEAYDVQQDEwlNeSBvd24gQ0EwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDgwydE2HYdqTiz//bMSL/C4w2y4DDMjGZgNdo50VIl
QniiNDrPRB8Xt1fY4MO3VAyLWU934YKssrsqSDn1PE/Fcc5yURKaMc+rsSlGr8Qn
E/W551OuEIAKujPKhIIBk6X4mBVQWEQnjVskAD0aEjYtoo4I/+9F67Rklub5fXwE
ESsB5yf812zWSzC51Ls0s1Uc80h5buh4p7HtFDOY0oCNxNx2Ou21xn5qqpG/1flY
ReHHKmuvRWwnxQdQu+qrill8j/H48Ly6ZGSV47Qqiw7Hb2JK2vnsf95Pp8nEProU
53M5V5y5WHW8VH0sVgzjgc0rC0w0TCCQVkGUSttqFpdJAgMBAAGjZjBkMA4GA1Ud
DwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgECMB0GA1UdDgQWBBSgWCYJFFoa
6O22U4MaelWJt3khUDAfBgNVHSMEGDAWgBSgWCYJFFoa6O22U4MaelWJt3khUDAN
BgkqhkiG9w0BAQsFAAOCAQEA1ELpWokOl1kwD5fbuROUZ9YedhXVRBWUKKluqQCr
eUUU7x/txKZ4xRYr3s1ltuUjxOMs5XbJSJq1z3tifDQ1srDjyU2CkKtZfjX5xmaS
QHCEJv/WgC6SBHGVYAgZ1hONPN2WpWxDYOLf6seonLszCHLkHMmjub8uFi/TSP8x
5OQ2SYLpHQDQcb3xlwk6+09ZuihAzWAgNAOvW+cNrunlD7N+BBTWMZmugKzqk0BT
avTn+p4dimFk528Iz+bk2uCfmF9WlnHm9DmlwCwM4PioGND7ag1VXAsgkqRWGa3k
uCP+NP3PpnGJLfxV5u20YlNLJk8bVFMB6FoFMafREVMQBA==
-----END CERTIFICATE-----
34 changes: 19 additions & 15 deletions example/tls/certs/etcd-client.crt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,19 +1,23 @@
-----BEGIN CERTIFICATE-----
MIIC/zCCAeegAwIBAgIUFIXoPvxUJb0gJxyvZafxQoOjRLwwDQYJKoZIhvcNAQEL
MIIDzzCCAregAwIBAgIUFr+6DAbtFSnfqm4Aup/yPagMWB8wDQYJKoZIhvcNAQEL
BQAwdTELMAkGA1UEBhMCVVMxFjAUBgNVBAgTDVNhbiBGcmFuY2lzY28xCzAJBgNV
BAcTAkNBMRgwFgYDVQQKEw9NeSBDb21wYW55IE5hbWUxEzARBgNVBAsTCk9yZyBV
bml0IDIxEjAQBgNVBAMTCU15IG93biBDQTAeFw0xNzA4MDcxOTM2MDBaFw0yMjA4
MDYxOTM2MDBaMEMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMN
U2FuIEZyYW5jaXNjbzEPMA0GA1UEAxMGY2xpZW50MFkwEwYHKoZIzj0CAQYIKoZI
zj0DAQcDQgAEgh6z4iNScKvQSwnb+t3ER4MMPgZBDxHAwGLOYRfpRK1UWcufECGP
AaZP1efP+IRnul4dhEsy6HS8eJmmx9jAjqOBgzCBgDAOBgNVHQ8BAf8EBAMCBaAw
EwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU+qZP
vBpJQHo9GbVObVkZ4/i6LIswHwYDVR0jBBgwFoAU/IrJ7me6Hz9zqVtXHxPzfZ2y
5wQwCwYDVR0RBAQwAoIAMA0GCSqGSIb3DQEBCwUAA4IBAQCgq/fFtMgjFoNH73+p
gGO6XLru+/6g0R9tTY7oEeXLCb6y60Uihb+JZnVe3L+VB0/cPtn3BXw1ymFp53Y9
RXJma2kqjjVv8ssQ8lDuIYEMAfDDxsvDKZWYDu2dVLtDFGMFK6kCREpyXy5JtEky
yF+4kOUhm7LRKkm0simgg/JHp34mrrMizrVrKbg8Wyca2emE6hUwBRBOoQt8THd7
NJ11FHiX5LA5Fp0J5bbyXqF4zZ7kIE3Pv9QKI33lsOlRi6coCGyv2R0005GU2Fqb
rfOIcifaf1Z9ipVSrqlaD0/qLVD7DjXmL6eP0UVoGU+XySlcyXMPlKYbsP3SnYdu
bjzH
bml0IDExEjAQBgNVBAMTCU15IG93biBDQTAeFw0xNzEwMzEyMjUzMDBaFw0yMjEw
MzAyMjUzMDBaMEgxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1TYW4gRnJhbmNpc2Nv
MQswCQYDVQQHEwJDQTEUMBIGA1UEAxMLZXRjZCBjbGllbnQwggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQDBA3WhHLwWPFeaqsDIvwkqnszPIiCpyDdLkpTx
XcjM6PTiA/hA2y3WRlcQrBsPAcGyj3V+fGxOCGTIktoKLvFk4GjGR6zw+hfIGwSe
hbuPAQnkaoCsctrgeRjyv7TUb9N4KzXOYfP/RHAtZxh+91gmo/oF/kgzJz+MFR/y
OodBzzdXp7ZAumt0HUB5kqDxQDNXftnquK0WWvjU9geoYwFuHZ4J25p18RmMkL7p
hAWK+MB8+DgTMDP3SGh7SwdVS41UJhJTxK6C/ebj5fMjMNmsinAtCt39pvgwcP7y
p3k/IPoXxWBqRaC3NZW8Mq/dFVMVdcDZ9kzXWiRuvVnCpwzzAgMBAAGjgYMwgYAw
DgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMCMAwGA1UdEwEB/wQC
MAAwHQYDVR0OBBYEFNJTsiGVvKItIERnVbqCz9kpQoDyMB8GA1UdIwQYMBaAFKBY
JgkUWhro7bZTgxp6VYm3eSFQMAsGA1UdEQQEMAKCADANBgkqhkiG9w0BAQsFAAOC
AQEAjleSdnxhceY4/muz9HsC1Fk9Yh/KqkMZWMbKCSGyDGR27hS69RJ5VSpfHV6O
2BzXrhH7ygbnqGIl9BreBVOuYsNK/Z2l/h1vwRmehpjlht1LWQAYgSsS24RxgFSL
w2QREI+3hYtnOW7ESnnZTD5xlNJenR1iQx7+R+1Y4R2viqN6s8WF30p7q28EzBVR
+jlqezpwDhmIRTv91IQhrhmkn/xFtg0ZiIS/AGbjKpPKmVw19mweh2TRscV1V8Gk
0nCV8xvREELZyFLNyXdlkhVMyE2f0Dp4uYcPwuPlGTFcQOmELirzi0Gw94WaoIPO
58JdskKHXTJdzbV15WYM/KD8Kw==
-----END CERTIFICATE-----
16 changes: 16 additions & 0 deletions example/tls/certs/etcd-client.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"CN": "etcd client",
"hosts": [""],
"key": {
"algo": "rsa",
"size": 2048
},
"names": [
{
"C": "US",
"L": "CA",
"ST": "San Francisco"
}
]
}

32 changes: 27 additions & 5 deletions example/tls/certs/etcd-client.key
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,27 @@
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIFuA5AKbtdPPtIpE5PFq9oM8jMv3UYulHVoGSo5mOSQ6oAoGCCqGSM49
AwEHoUQDQgAEgh6z4iNScKvQSwnb+t3ER4MMPgZBDxHAwGLOYRfpRK1UWcufECGP
AaZP1efP+IRnul4dhEsy6HS8eJmmx9jAjg==
-----END EC PRIVATE KEY-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEAwQN1oRy8FjxXmqrAyL8JKp7MzyIgqcg3S5KU8V3IzOj04gP4
QNst1kZXEKwbDwHBso91fnxsTghkyJLaCi7xZOBoxkes8PoXyBsEnoW7jwEJ5GqA
rHLa4HkY8r+01G/TeCs1zmHz/0RwLWcYfvdYJqP6Bf5IMyc/jBUf8jqHQc83V6e2
QLprdB1AeZKg8UAzV37Z6ritFlr41PYHqGMBbh2eCduadfEZjJC+6YQFivjAfPg4
EzAz90hoe0sHVUuNVCYSU8Sugv3m4+XzIzDZrIpwLQrd/ab4MHD+8qd5PyD6F8Vg
akWgtzWVvDKv3RVTFXXA2fZM11okbr1ZwqcM8wIDAQABAoIBAQCF26tZl/8NgL3U
wzU+Q9bMmyM5R9bVSMiofbkUB9G54pnqoYwrFpacc13wbxu49aPq/TkkBpBqMcIL
pGTZCSNarZOcZ5sV6KxTmAFFG0Qvci31HrOsZV9MrE9UEwYLCp7jSTxgrGg2kbUm
l8hSTaHx8mj0fRx/dWnJ8eCc8mBZj3LO6A9w1bSa53LGh5LggyxDFwRfECXcUEAI
RWFkP8QWVweSzbScHomVEQ3Wn0isBgMF3s5hcdvu6txkS+p12/M7ZXk1cgXZTNtM
6WUhX/uP/NrcA4b5NIRiW5hQ0qgGsCcVD7Tq3fBHZbt6dfRsPE+XIkQF79lmIRIu
DYeamONxAoGBANktHJ25DJ9lB99kIF8wTm1F0Xv1rfkz2YrW38MVhOErDfDurgTk
4VTcIfV8gNTmI/LLIOvk9B2nzm2wWJWFO2XRdEuTbWjQQn/po8G5mEKieYiHFHY1
0vx2HrwzZAtuxz0ceHC6aEoYg76w4a7ILiSw4eoMsIBjci7Q8kO3HUPJAoGBAOOE
j812IJylsdPiYAFlnqmm4+XPqXnXA8juUzlZr69GTgtwb0o6ZmnvmNPwErBXPwaB
DzWauENu5Tg1PxBjxBCxCjDlJcizhbGNaGLn8TphVpzg3roIWEqn6LR8es7WGao1
H9TyUSKGCSqCnszVhdBw+DyFxnKCKi8VXbHfFZDbAoGBAI6POlWef1aybzSI+WcC
wrigOB7y6rzG+GpXGpNosM1OAdzCEKFNzUxzJCeNDtSyLa7XAElZBZXh7XO7aqrb
xl3T3E8v+4XuD3j/2Wr1daloFfc1FI10T4dB0nMgGPAYS9klsznsY0EgTnsCiWK+
LOwQ4HtO0R22KeHpbt5ceW1hAoGBAJ3TWUX3ycugjWkkQeD2M0gQg0rp8PCaHQAH
gyfndR2rMXxx9GGTfXPDR0rN4Mj+3LOQV5Khz2zHwq5pEWQ3MM07YoxkiP9euUFf
jKf/qbEL0N9mhlqaa1TugViieTZ+ArO1wm0f4vSF8lnQ3oPNItRjaW/ihLTuYoDi
22oGDJm9AoGAS7rQk9SkMvg0miOGJJSKPwhLjvPRLxYWE/X9DkSpJPLdlay7LXj2
o9kytsNQ305U+aB55h1MkpI22TxClFIJ0YiPHOoYuvvEJ6YCpphZiNdRQVT/8Unv
sCV40oCU+RDsJNC4FAuVnXAovdT1VHkhZum7i25oto+C0hdZGpSlloM=
-----END RSA PRIVATE KEY-----
27 changes: 27 additions & 0 deletions example/tls/certs/gen-cert.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
#!/usr/bin/env bash

echo "generating CA certs ==="
cfssl gencert -initca ca-csr.json | cfssljson -bare ca -

echo "generating etcd peer certs ==="
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=peer peer.json | cfssljson -bare peer

echo "generating etcd server certs ==="
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=server server.json | cfssljson -bare server

echo "generating etcd client certs ==="
cfssl gencert -ca=ca.pem -ca-key=ca-key.pem -config=ca-config.json -profile=client etcd-client.json | cfssljson -bare etcd-client

mv etcd-client.pem etcd-client.crt
mv etcd-client-key.pem etcd-client.key
cp ca.pem etcd-client-ca.crt

mv server.pem server.crt
mv server-key.pem server.key
cp ca.pem server-ca.crt

mv peer.pem peer.crt
mv peer-key.pem peer.key
mv ca.pem peer-ca.crt

rm *.csr ca-key.pem
Loading