sigs.k8s.io/cluster-api-provider-azure@v1.14.3/templates/addons/metrics-server/patches/temp-use-insecure-https.yaml

sigs.k8s.io/cluster-api-provider-azure@v1.14.3/templates/addons/metrics-server/patches/temp-use-insecure-https.yaml (about)

     1  # As there is a proposal to address this long term in CAPI 
     2  # we are enabling the metric server flag --kubelet-insecure-tls 
     3  # for the e2e tests with the plan to enable this customers 
     4  # longer term with the CAPI solution. It is possible to write 
     5  # a controller that would auto enable the CSR signing but would 
     6  # be not relevant once the CAPI work is in place.
     7  #
     8  # capi proposal: https://github.com/kubernetes-sigs/cluster-api/blob/main/docs/proposals/20210222-kubelet-authentication.md#changes-to-cluster-api-bootstrap-provider-kubeadm
     9  # docs on enabling securely with kubeadm https://kubernetes.io/docs/tasks/administer-cluster/kubeadm/kubeadm-certs/#kubelet-serving-certs
    10  # tracking issue: https://github.com/kubernetes-sigs/cluster-api-provider-azure/issues/1125
    11  - op: add
    12    path: /spec/template/spec/containers/0/args/-
    13    value:
    14      --kubelet-insecure-tls