This userdata plugin generates a cloud-init script which can be used to provision a CentOS node to be a OpenShift worker node.
OpenShift worker nodes require a "bootstrap token" to start.
That token must be a ServiceAccount token which has the permissions to create CSRs.
In a default OpenShift installation, that token is located at:
Therefore the machine-controller must be started with
OpenShift has a controller to automatically approve CSRs but that only works with machines from the OpenShift machine-controller. Thus we require a custom controller.
Sidenote: A new node creates 2 CSRs:
- Kubelet client certificate
- Kubelet serving certificate
There is no documentation for this package.